hxxp://github[.]com

max time kernel
148s
max time network
149s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
13/12/2024, 18:08 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://github.com

Score

8^/10

defense_evasion discovery

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 2 IoCs

pid	Process
4964	WinNuke.98 (1).exe
1004	WinNuke.98 (1).exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
22	raw.githubusercontent.com
49	raw.githubusercontent.com

Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

defense_evasion

SIP and Trust Provider Hijacking

T1553.003

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\WinNuke.98 (1).exe:Zone.Identifier	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WinNuke.98 (1).exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

NTFS ADS 6 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 125809.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\WinNuke.98 (1).exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 486307.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Walker.com:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 933993.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 203481.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 17 IoCs

pid	Process
4128	msedge.exe
4128	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
4144	identity_helper.exe
4144	identity_helper.exe
3520	msedge.exe
3520	msedge.exe
3636	msedge.exe
3636	msedge.exe
3112	msedge.exe
3112	msedge.exe
3112	msedge.exe
3112	msedge.exe
4308	msedge.exe
4308	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 20 IoCs

pid	Process
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2348	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2348 wrote to memory of 5084	2348	msedge.exe	77
PID 2348 wrote to memory of 5084	2348	msedge.exe	77
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4968	2348	msedge.exe	78
PID 2348 wrote to memory of 4128	2348	msedge.exe	79
PID 2348 wrote to memory of 4128	2348	msedge.exe	79
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80
PID 2348 wrote to memory of 128	2348	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://github.com
1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd0c4e3cb8,0x7ffd0c4e3cc8,0x7ffd0c4e3cd8
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1904 /prefetch:2
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2616 /prefetch:8
  2⤵
  PID:128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:1748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4952 /prefetch:8
  2⤵
  PID:2984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
  2⤵
  PID:2436
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5824 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:4284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
  2⤵
  PID:1248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3560 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3504 /prefetch:8
  2⤵
  PID:416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2872 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1160 /prefetch:1
  2⤵
  PID:2952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4632 /prefetch:1
  2⤵
  PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
  2⤵
  PID:3684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3836 /prefetch:1
  2⤵
  PID:3120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6864 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:3636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2900 /prefetch:1
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6644 /prefetch:1
  2⤵
  PID:3844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7300 /prefetch:8
  2⤵
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6884 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6420 /prefetch:8
  2⤵
  PID:4960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,3012193047786892560,4454185279686482459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6652 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:4308
- C:\Users\Admin\Downloads\WinNuke.98 (1).exe
  "C:\Users\Admin\Downloads\WinNuke.98 (1).exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:4964
- C:\Users\Admin\Downloads\WinNuke.98 (1).exe
  "C:\Users\Admin\Downloads\WinNuke.98 (1).exe"
  2⤵
  - Executes dropped EXE
  PID:1004

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4056

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1228

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x000000000000049C 0x00000000000004DC
1⤵
PID:644

Network

DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

ctldl.windowsupdate.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

ctldl.windowsupdate.com.delivery.microsoft.com

ctldl.windowsupdate.com.delivery.microsoft.com

IN CNAME

wu-b-net.trafficmanager.net

wu-b-net.trafficmanager.net

IN CNAME

bg.microsoft.map.fastly.net

bg.microsoft.map.fastly.net

IN A

199.232.214.172

bg.microsoft.map.fastly.net

IN A

199.232.210.172
DNS

github.githubassets.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.108.154
DNS

user-images.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.111.133

user-images.githubusercontent.com

IN A

185.199.110.133

user-images.githubusercontent.com

IN A

185.199.108.133

user-images.githubusercontent.com

IN A

185.199.109.133
DNS

172.214.232.199.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
DNS

22.112.82.140.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

22.112.82.140.in-addr.arpa

IN PTR

Response

22.112.82.140.in-addr.arpa

IN PTR

lb-140-82-112-22-iadgithubcom
DNS

34.143.101.95.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

34.143.101.95.in-addr.arpa

IN PTR

Response

34.143.101.95.in-addr.arpa

IN PTR

a95-101-143-34deploystaticakamaitechnologiescom
DNS

237.21.107.13.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

237.21.107.13.in-addr.arpa

IN PTR

Response
DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

48.229.111.52.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

48.229.111.52.in-addr.arpa

IN PTR

Response
GET

http://github.com/

msedge.exe

Remote address:

20.26.156.215:80

Request

GET / HTTP/1.1
Host: github.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Location: https://github.com/
DNS

msedge.exe

Remote address:

20.26.156.215:80

Response

HTTP/1.1 408 Request Time-out

Content-length: 110
Cache-Control: no-cache
Connection: close
Content-Type: text/html
GET

https://github.com/

msedge.exe

Remote address:

20.26.156.215:443

Request

GET / HTTP/2.0
host: github.com
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:08:57 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Language, Accept-Encoding, Accept, X-Requested-With
content-language: en-US
etag: W/"36eacc17867c16cda9f9b2d18ebc1cd7"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com github.githubassets.com edge.fullstory.com rs.fullstory.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com www.youtube-nocookie.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com github.githubassets.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
set-cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.1226490588.1734113350; Path=/; Domain=github.com; Expires=Sat, 13 Dec 2025 18:09:10 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Sat, 13 Dec 2025 18:09:10 GMT; HttpOnly; Secure; SameSite=Lax
accept-ranges: bytes
x-github-request-id: C25D:3C8BE4:160EE4E:1977E8D:675C7846
GET

https://github.com/opensearch.xml

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /opensearch.xml HTTP/2.0
host: github.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:09:12 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=604800, public
etag: W/"c75e05794d72230a695e880f1a6c83a4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-type: application/manifest+json; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
content-length: 474
x-github-request-id: C25D:3C8BE4:160F013:19780C8:675C784A
GET

https://github.com/manifest.json

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /manifest.json HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:09:14 GMT
content-type: text/xml
last-modified: Fri, 13 Dec 2024 17:21:30 GMT
etag: W/"675c6d1a-225"
vary: Accept-Encoding, Accept, X-Requested-With
x-frame-options: DENY
content-encoding: gzip
set-cookie: _gh_sess=AwKAkRUuD4V9T06SFbfsHQdlkwgMmW4PIwoM1r0bC5dSGWZk6WWW9J26ZwdWP%2BULcSUb85WkytKkdhsRZexl7MO0Kb5dT30XP0nSaes31CxhopCQ1hkSKqs9%2BbgUwbvvcP%2By0OB0x8KKhk8tArShDZbD2Z%2FYLqzIkQQylsFooWmlNbCLxnwgik1Fu4nlgFa6r6F0v97GGbe6SF67hIZYsbkva7Jp8n7CCstmYJKAIsq0KEt7wl%2Bk919pWa5pZRkGaQDnCgTggR2oFo4F%2FOhIwA%3D%3D--MtUbrBtfcM2571B1--ADrDW2DnAwbQnYorE5bRUw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.401256915.1734113354; Path=/; Domain=github.com; Expires=Sat, 13 Dec 2025 18:09:14 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Sat, 13 Dec 2025 18:09:14 GMT; HttpOnly; Secure; SameSite=Lax
accept-ranges: bytes
content-length: 328
x-github-request-id: C25D:3C8BE4:160F00E:19780C2:675C7846
GET

https://github.githubassets.com/assets/light-0cfd1fd8509e.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/light-0cfd1fd8509e.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 20 Nov 2024 21:24:18 GMT
etag: "0x8DD09A9B15EC064"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 756094
x-served-by: cache-iad-kiad7000161-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 141, 20789
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 094f899d3daeadbfaf4c4f6f684d96c368c9b0f1
content-length: 6899
GET

https://github.githubassets.com/assets/dark-d782f59290e2.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/dark-d782f59290e2.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 13 Dec 2024 08:12:55 GMT
etag: "0x8DD1B4DF271328B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 29051
x-served-by: cache-iad-kiad7000090-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 14, 96
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 939523a80ca78e8aabc67996b6fb83bb7f306efa
content-length: 7261
GET

https://github.githubassets.com/assets/primer-primitives-953961b66e63.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/primer-primitives-953961b66e63.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 05 Dec 2024 20:26:55 GMT
etag: "0x8DD156B298D6596"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 374607
x-served-by: cache-iad-kcgs7200071-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 9, 14042
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 41c2babf96df9d1fb425ec5a1e441b0ab69e0e8b
content-length: 38207
GET

https://github.githubassets.com/assets/primer-c2a395868004.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/primer-c2a395868004.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 10 Dec 2024 14:41:47 GMT
etag: "0x8DD1928C696D724"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 252945
x-served-by: cache-iad-kiad7000165-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 44, 597
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b5e5b8bcef73733370719af0d7654aa4ef3fdf50
content-length: 66321
GET

https://github.githubassets.com/assets/global-2f00718c6733.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/global-2f00718c6733.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 11 Dec 2024 00:33:51 GMT
etag: "0x8DD197B7CA1683D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 168341
x-served-by: cache-iad-kcgs7200089-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 78, 6588
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1dfa1c0068dd441087528dad99463368fd21abc0
content-length: 17510
GET

https://github.githubassets.com/assets/github-2bd3a44faeb2.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/github-2bd3a44faeb2.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 04 Dec 2024 01:10:11 GMT
etag: "0x8DD140066AFDC04"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 327938
x-served-by: cache-iad-kiad7000128-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 16, 12583
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dcd75ee438260c6e8899acde325634ed35330df1
content-length: 39258
GET

https://github.githubassets.com/assets/primer-react.978a0e823d7b04f19850.module.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/primer-react.978a0e823d7b04f19850.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: font/woff2
last-modified: Thu, 08 Aug 2024 18:12:01 GMT
etag: "0x8DCB7D599DB0D25"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 870802
x-served-by: cache-iad-kjyo7100166-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 621, 5362
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6827f6222da2fb25480904763fb7e6edf0334153
content-length: 84388
GET

https://github.githubassets.com/assets/home-7d9ef44a828b.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/home-7d9ef44a828b.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 09:28:49 GMT
etag: "0x8DCE38DCA0CCF44"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 4417337
x-served-by: cache-iad-kjyo7100160-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 2, 4531
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ae9a0c03cddd6c519f0f0779932f7e1e0d52b7d5
content-length: 206
GET

https://github.githubassets.com/assets/landing-pages-b6361b51e085.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/landing-pages-b6361b51e085.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 12 Dec 2024 16:54:36 GMT
etag: "0x8DD1ACDA8E3D310"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 88535
x-served-by: cache-iad-kjyo7100034-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 209
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e17c4cfeae6df60a65e66b05faf64ea49323fca6
content-length: 2024
GET

https://github.githubassets.com/assets/site-cebe295375c4.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/site-cebe295375c4.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 05 Dec 2024 20:26:57 GMT
etag: "0x8DD156B2A3F2554"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 374513
x-served-by: cache-iad-kiad7000143-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 11, 2679
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0b0c73b1f9f0790e3cd6c81af9d1076e24a6bcda
content-length: 9397
GET

https://github.githubassets.com/assets/landing-pages.60c759f6b58588aa9dd7.module.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/landing-pages.60c759f6b58588aa9dd7.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 10 Dec 2024 00:05:07 GMT
etag: "0x8DD18AE4E943703"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 64728
x-served-by: cache-iad-kiad7000101-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 72, 3014
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a5c8d7f3b16fa04c8f1d3d28d39b3e6596c4f038
content-length: 21321
GET

https://github.githubassets.com/assets/global-banner-disable-f988792be49f.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/global-banner-disable-f988792be49f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 11 Dec 2024 17:38:33 GMT
etag: "0x8DD1A0AA2CE9848"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 103969
x-served-by: cache-iad-kcgs7200156-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 9, 4682
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1e0f732666811b517d420c47ced0be0fa1163fc0
content-length: 2591
GET

https://github.githubassets.com/assets/mona-sans-d1bf285e9b9b.woff2

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/mona-sans-d1bf285e9b9b.woff2 HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 20 Nov 2024 21:24:16 GMT
etag: "0x8DD09A9B01484BC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 756091
x-served-by: cache-iad-kiad7000027-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 139, 20855
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e4887a10885a5fd2864ebe809d95e2651e4e43cb
content-length: 6985
GET

https://github.githubassets.com/assets/wp-runtime-2142a8343952.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/wp-runtime-2142a8343952.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 14:08:12 GMT
etag: "0x8DD1B7F94662B8A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 10648
x-served-by: cache-iad-kcgs7200167-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 717
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: caa59112bd60072730e8da8f3f97aa8bbdc0eb3d
content-length: 14261
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E029647C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kiad7000023-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15370
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b92433e812e9b2059764ba84cce82d09a2b0bd4e
content-length: 3080
GET

https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 23:53:43 GMT
etag: "0x8DD0DAC64A4BC1B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kiad7000104-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15416
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e18b5d78e42232998afc44be28fcd70eb9fd969f
content-length: 3597
GET

https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-09435cd1cf6d.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_failbot_failbot_ts-09435cd1cf6d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FBFE222"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kiad7000130-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15469
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 431318bb72e47fa0a78563f2a7f09ab4f96cdeba
content-length: 4848
GET

https://github.githubassets.com/assets/environment-7b93e0f0c8ff.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/environment-7b93e0f0c8ff.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:36 GMT
etag: "0x8DD0D5EFC4A53FF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 877416
x-served-by: cache-iad-kiad7000134-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24906
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3956aa40a587ff721f0457c197e4bbac04f0cb38
content-length: 735
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-ea2a5d75d580.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-ea2a5d75d580.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500CD2AA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kjyo7100040-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15464
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3eb01311d06c4d30c528d562e2c9c3376c032d5e
content-length: 5756
GET

https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F8D41"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 4353711
x-served-by: cache-iad-kiad7000168-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 42466, 21679
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 06a3b0950d867e9f49f921b53e13875573805a0b
content-length: 3284
GET

https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 18:22:05 GMT
etag: "0x8DD187E625ACB6B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 319348
x-served-by: cache-iad-kiad7000085-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 62, 12349
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e603887714d6233a35388cd1b84f5f0e6f8e935b
content-length: 4645
GET

https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-8dc38c1f27cc.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-8dc38c1f27cc.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD15446030C279"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kiad7000040-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15662
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 17762b3d2af020ead8e67bd75adbeb455c1797f8
content-length: 18635
GET

https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:40 GMT
etag: "0x8DD02B44F6AB94F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433605
x-served-by: cache-iad-kjyo7100042-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15495
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 161e61a611f02227a87164ffe86296629c4f3fe1
content-length: 6302
GET

https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:52 GMT
etag: "0x8DD0D5F05CBAB3B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 877416
x-served-by: cache-iad-kiad7000130-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 25171
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ef7969afe75161e3dd1191dafc55a4421a837c38
content-length: 6786
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500C5DFD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kiad7000164-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15437
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d01350d8403853c14fc0ae4738c8b2948fc64754
content-length: 4311
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-381a4f-e1937e23751a.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-381a4f-e1937e23751a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500E579D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kjyo7100066-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15477
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: be3e5a97e6258a285b6895cffc1413042c3fc18f
content-length: 3918
GET

https://github.githubassets.com/assets/github-elements-902713b269e2.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/github-elements-902713b269e2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 19:47:31 GMT
etag: "0x8DD1A1CA6A374E0"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 91344
x-served-by: cache-iad-kiad7000158-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 16, 3125
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8d2fc931faccd642b5c3b1e82458fe4c43e88df9
content-length: 24898
GET

https://github.githubassets.com/assets/element-registry-3cb970f9c462.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/element-registry-3cb970f9c462.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:09 GMT
etag: "0x8DD15445B6C476E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kcgs7200057-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15546
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 68ce79d6e65efdc93071d53d7de8d72a50b45dcf
content-length: 9532
GET

https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-1b4f4deecd3a.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-1b4f4deecd3a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B44FAF168F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kiad7000037-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15569
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4ac777b9973c67c7663f3c95efe57254e40608bf
content-length: 2385
GET

https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E0F9ED8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kcgs7200078-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15497
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6f3ea2f8074c50f6a61d9ea8648cb099f5cde7c9
content-length: 5379
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 05:17:06 GMT
etag: "0x8DD1B356326D2B3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 42283
x-served-by: cache-iad-kjyo7100179-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 59, 2726
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f9e94d8bcc8cec1a76219b941cbfb0e3c75dccb9
content-length: 8071
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:40 GMT
etag: "0x8DD02B44F40A451"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kcgs7200096-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15494
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c82a32c448626cbe867a46ee0ea43d87fae51446
content-length: 4942
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 18:16:50 GMT
etag: "0x8DD1AD925CBA8C0"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 64728
x-served-by: cache-iad-kjyo7100087-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 72, 3264
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: aece42f66ccc78721d64a001367ad8fa083bd26c
content-length: 107628
GET

https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD154460870CCD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kjyo7100114-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 16564
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dfebd44120aa49c49d6c4f1a61fd0713b56cc094
content-length: 7079
GET

https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602C817F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kjyo7100132-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 16627
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7c9d6a553fa12fe61fe33208a679e8b0b9893e34
content-length: 5120
GET

https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-863ef5872a03.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_updatable-content_updatable-content_ts-863ef5872a03.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 17:45:32 GMT
etag: "0x8DD1879474B8D64"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 239026
x-served-by: cache-iad-kcgs7200057-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 63, 9508
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a7d71c8131e114aa39dd8bfbadbb1e61762bb43a
content-length: 4452
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-917d4bda1f1a.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-917d4bda1f1a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 09:56:04 GMT
etag: "0x8DD1900DC86F5C7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 197507
x-served-by: cache-iad-kcgs7200058-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 8430
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4e8a8a238ae44207993ef4305fcc8f338021da50
content-length: 3407
GET

https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:40 GMT
etag: "0x8DD02B44F3EF886"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kcgs7200145-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15531
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d227f4e6ee39fa8aac3bce14ff7fe551cf9912e2
content-length: 4851
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b41aeef03499.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b41aeef03499.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F3F7D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 3412538
x-served-by: cache-iad-kcgs7200153-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 22219, 21769
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e7517b856cba45554524055dd4809a0e18a6b525
content-length: 3816
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-fb43816ab83c.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-fb43816ab83c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602F3D8E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433605
x-served-by: cache-iad-kiad7000100-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 1865
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ef155abf244f7a5d475cd00b2ce62a4e1f279d30
content-length: 19397
GET

https://github.githubassets.com/assets/behaviors-bd73f5127970.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/behaviors-bd73f5127970.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:38 GMT
etag: "0x8DD02B44DEAF90D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kjyo7100051-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 16907
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7055bd2b5db42c8ae8436d25e0df4117e68102ab
content-length: 54804
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 14:39:53 GMT
etag: "0x8DD19F1ACAA1628"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 184303
x-served-by: cache-iad-kjyo7100176-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 7, 7804
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f32ef5e891486b5aa2d1dfa397ac004b369c598d
content-length: 59994
GET

https://github.githubassets.com/assets/notifications-global-cfcd9f4f0f23.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/notifications-global-cfcd9f4f0f23.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FC3FC45"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433487
x-served-by: cache-iad-kjyo7100079-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 64, 2241
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0e403bf4a7c6bb1d3395ff3da74e89f5d58a22b9
content-length: 7589
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-bae876-4b7fc9352994.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-bae876-4b7fc9352994.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 18:28:47 GMT
etag: "0x8DD1A11A74256D8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 91345
x-served-by: cache-iad-kiad7000042-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 16, 3154
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3b3ff2a9c90f74dd94936e72c2ee79072185fcf2
content-length: 40525
GET

https://github.githubassets.com/assets/marketing-essentials-a4759cf649d9.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/marketing-essentials-a4759cf649d9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FBEF8D2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kiad7000052-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 16611
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 45061b1ea0b1dea20d2c7c4dccf0aa2b0ab5a3e9
content-length: 9716
GET

https://github.githubassets.com/assets/primer-react-dcbe4742cab1.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/primer-react-dcbe4742cab1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:11 GMT
etag: "0x8DD15445D10CB59"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kcgs7200049-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 15547
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b0758c7782b665065818facd38b0e7616cbc0c5d
content-length: 3027
GET

https://github.githubassets.com/assets/react-core-10ab7568dc1d.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/react-core-10ab7568dc1d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:27 GMT
etag: "0x8DD0D5EF6E1B53E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 877416
x-served-by: cache-iad-kcgs7200138-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 25108
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a1a7bfd8a17d9d41034a8153b869a7c11f430611
content-length: 3083
GET

https://github.githubassets.com/assets/react-lib-2131e17288a8.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/react-lib-2131e17288a8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 17:47:26 GMT
etag: "0x8DD08C23B22EDF8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 2056763
x-served-by: cache-iad-kiad7000141-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 22349
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a21910c994b578aa08c85c096dfa9db6637699f6
content-length: 4143
GET

https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/octicons-react-45c3a19dd792.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 16:12:32 GMT
etag: "0x8DCED342CC2D5FC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 2714770
x-served-by: cache-iad-kcgs7200039-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 59, 22052
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b0d56c8f31a17ce5a4c945a8f9ed904e5eb2a656
content-length: 3363
GET

https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:31:55 GMT
etag: "0x8DD0A393F81237C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 1898969
x-served-by: cache-iad-kcgs7200102-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 44, 1689
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c689d94809622e94561fe5482c961d86b7f546a5
content-length: 2826
GET

https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:17 GMT
etag: "0x8DD1969F1BFDB43"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 239026
x-served-by: cache-iad-kjyo7100119-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 63, 9556
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 11ca14dee24a0b43591bb2e1ee99336383b06348
content-length: 6141
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:02 GMT
etag: "0x8DCE3127730EEAF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 1510910
x-served-by: cache-iad-kiad7000161-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24735
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7dca90f948c3e3f98325c8a8d3000371cffc2a28
content-length: 90797
GET

https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:12 GMT
etag: "0x8DCB7D5A07C22CC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 2622685
x-served-by: cache-iad-kcgs7200123-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 11656, 1882
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2b4b60fbc91d7367a0e15d0e98c804071436ee5a
content-length: 2850
GET

https://github.githubassets.com/assets/vendors-node_modules_three_build_three_module_js-e0c7a2724803.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_three_build_three_module_js-e0c7a2724803.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:42 GMT
etag: "0x8DD02B4506391D8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433090
x-served-by: cache-iad-kcgs7200099-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 58, 1020
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dfa9b552d4517873078bfb4e05f00901ee57feda
content-length: 12140
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react-brand_lib_index_js-node_modules_primer_live-region-element_-9942a0-00d4272573a5.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_primer_react-brand_lib_index_js-node_modules_primer_live-region-element_-9942a0-00d4272573a5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 04:07:45 GMT
etag: "0x8DD18D033E185C9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 91243
x-served-by: cache-iad-kcgs7200065-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 29, 167
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6485f0d13bf88673f5ea5ebad279ccf2460d738a
content-length: 17065
GET

https://github.githubassets.com/assets/vendors-node_modules_contentful_rich-text-react-renderer_dist_rich-text-react-renderer_es5_js-fcd1ac-e9f8593fb246.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_contentful_rich-text-react-renderer_dist_rich-text-react-renderer_es5_js-fcd1ac-e9f8593fb246.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E029647C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kcgs7200065-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 9746
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8e0578ba29fe6036a0822b937b1b7ab0ed36624c
content-length: 3412
GET

https://github.githubassets.com/assets/vendors-node_modules_three_examples_jsm_loaders_GLTFLoader_js-c0d84dec2b73.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_three_examples_jsm_loaders_GLTFLoader_js-c0d84dec2b73.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 14:41:49 GMT
etag: "0x8DD1928C7C48E1D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 252956
x-served-by: cache-iad-kjyo7100033-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 45, 606
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1926cd686d798d27a2e04aad6b6ab82c5a7ce64c
content-length: 87680
GET

https://github.githubassets.com/assets/vendors-node_modules_contentful_rich-text-html-renderer_dist_rich-text-html-renderer_es5_js-b83fdb5d31e7.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_contentful_rich-text-html-renderer_dist_rich-text-html-renderer_es5_js-b83fdb5d31e7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E04B9321"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433090
x-served-by: cache-iad-kcgs7200170-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 58, 1002
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c7881ef5b07e6b53f6a8ba18706c4d77759fbae3
content-length: 117524
GET

https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-a7926fdcecf7.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-a7926fdcecf7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 19:28:55 GMT
etag: "0x8DD1A1A0DC20646"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 88535
x-served-by: cache-iad-kcgs7200112-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 215
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 49ae4b2f568e4544be4eb9cd9365264724a05020
content-length: 11565
GET

https://github.githubassets.com/assets/ui_packages_paths_index_ts-f12c66ceb89d.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_paths_index_ts-f12c66ceb89d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:29 GMT
etag: "0x8DD1969F8C0ACAB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 239026
x-served-by: cache-iad-kjyo7100053-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 71, 6895
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f40e311b6071c55c7c4952d20e0f476f13a8b9fe
content-length: 3123
GET

https://github.githubassets.com/assets/ui_packages_microsoft-analytics_microsoft-analytics_ts-78c2fc13b139.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_microsoft-analytics_microsoft-analytics_ts-78c2fc13b139.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 19:48:09 GMT
etag: "0x8DD188A6861AFE6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 319347
x-served-by: cache-iad-kiad7000035-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 61, 11596
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 417fa2ae864bb14ccb1096cfcbe6b01420e83cfd
content-length: 5756
GET

https://github.githubassets.com/assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_swp-core_lib_utils_images_ts-u-9e4972-78338b2a59ca.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_swp-core_lib_utils_images_ts-u-9e4972-78338b2a59ca.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:15 GMT
etag: "0x8DD15445F6D8AF5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433090
x-served-by: cache-iad-kjyo7100087-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 35, 1089
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 084c953fda5685c99b5edb6449f6f2cc8b11a2cb
content-length: 60232
GET

https://github.githubassets.com/assets/ui_packages_swp-core_schemas_contentful_contentTypes_featuredBento_ts-ui_packages_swp-core_sc-155ce0-2c571a4e84c1.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_swp-core_schemas_contentful_contentTypes_featuredBento_ts-ui_packages_swp-core_sc-155ce0-2c571a4e84c1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 05:17:07 GMT
etag: "0x8DD1B3563777E5D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 42208
x-served-by: cache-iad-kcgs7200087-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 30, 152
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4552b4cf1f91a277210bf4b5c968ab8df9765192
content-length: 145782
GET

https://github.githubassets.com/assets/landing-pages-adc358dcb396.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/landing-pages-adc358dcb396.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E025E5FB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433604
x-served-by: cache-iad-kcgs7200172-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 16554
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d64982a5eb8e3a01688f18bd8c116643179723b5
content-length: 3077
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 21:23:06 GMT
etag: "0x8DD1960D68FC282"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 153184
x-served-by: cache-iad-kjyo7100077-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 26, 81
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1aaa291142678f3f71babb5d80c67b943e83441d
content-length: 201178
GET

https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-ad1e2d0f65cc.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_ui-commands_ui-commands_ts-ad1e2d0f65cc.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 19:51:52 GMT
etag: "0x8DD1AE66C757613"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 64728
x-served-by: cache-iad-kcgs7200143-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 72, 3008
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e25745c9155dee46898c4bcc74880052c76d28ff
content-length: 6201
GET

https://github.githubassets.com/assets/keyboard-shortcuts-dialog-958cae8ecd6c.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/keyboard-shortcuts-dialog-958cae8ecd6c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 13:29:36 GMT
etag: "0x8DD185586577B2A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 248849
x-served-by: cache-iad-kcgs7200178-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 42, 6404
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 12b3becfe91faa46c739afe696f18a0d791ce655
content-length: 6212
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602C33B7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433089
x-served-by: cache-iad-kjyo7100030-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 30, 11737
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 87d3cf82e395758cc0ccc445b1fc61a8906f297c
content-length: 5246
GET

https://github.githubassets.com/assets/sessions-5d6426bbf16a.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/sessions-5d6426bbf16a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:22 GMT
etag: "0x8DD0D665B346AD3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:10 GMT
age: 433090
x-served-by: cache-iad-kiad7000020-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 30, 11695
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7b8671768c19041bb036857ae6121713013a537f
content-length: 4152
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-df163caeb326.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-app_components_primer_experimental_select-panel-element_ts-df163caeb326.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:32 GMT
etag: "0x8DD02B44A573252"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433606
x-served-by: cache-iad-kcgs7200111-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 14572
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e9127b614c6eb23a792923ae329cb02706f3b463
content-length: 543
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-04349cb42240.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-04349cb42240.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:05 GMT
etag: "0x8DD1544596B17BB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433606
x-served-by: cache-iad-kjyo7100094-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 14743
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0d19107a03aa0f606fc01b3321158646d7955338
content-length: 7727
GET

https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-e27cda452715.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-app_components_search_custom-scopes-element_ts-e27cda452715.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459929787"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433606
x-served-by: cache-iad-kiad7000145-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 13776
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c0598d8ea7b9e416f124821995d4ebba23edd1d1
content-length: 4066
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-204b23f944ed.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-204b23f944ed.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459DC45EF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433606
x-served-by: cache-iad-kjyo7100134-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 13753
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 994b1d14557758c3437c8e5064ebc8ba0e0ba0c2
content-length: 6309
GET

https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-eff79392502f.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_query-builder-element_query-builder-element_ts-eff79392502f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459DB5C9B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433606
x-served-by: cache-iad-kjyo7100145-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 13768
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 21e39c78a9c6c7aaf05e252c0f798e0fe3a051be
content-length: 4404
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-f38cdfca9137.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-f38cdfca9137.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:19 GMT
etag: "0x8DD1969F2DBF2D1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 239027
x-served-by: cache-iad-kjyo7100101-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 61, 8362
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4c4a0e5451d8d635231abd1fff2f581432303068
content-length: 16652
GET

https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-1861998b8782.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-1861998b8782.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:15 GMT
etag: "0x8DD15445F692326"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433606
x-served-by: cache-iad-kjyo7100061-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 13829
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 860f61a938ae332fd54a49b5295fe9c0e228f070
content-length: 7512
GET

https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-0c296ada2937.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-app_components_search_qbsearch-input-element_ts-0c296ada2937.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:20 GMT
etag: "0x8DD0327CB20BA64"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433606
x-served-by: cache-iad-kjyo7100077-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 13815
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0d0c852ea4bd0a840ff8666819879407507844d8
content-length: 5382
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-73da88e31cac.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-73da88e31cac.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:25 GMT
etag: "0x8DD0327CE3BBA2E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433606
x-served-by: cache-iad-kiad7000134-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 14380
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e300211346491d2f89d9143ff15ade4092745c0c
content-length: 2934
GET

https://github.githubassets.com/assets/chunk-ui_packages_fullstory-capture-element_fullstory-capture-element_ts-4d1538b51962.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_fullstory-capture-element_fullstory-capture-element_ts-4d1538b51962.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459DC1F13"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433090
x-served-by: cache-iad-kjyo7100147-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 51, 868
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 536e613595ee8defe37a736644003e07cee33396
content-length: 5475
GET

https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-ec3d32821c9f.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-ec3d32821c9f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459DBAA65"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433605
x-served-by: cache-iad-kcgs7200070-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 14232
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cdf550730a591b5fd5aa290e8a20840424ff2027
content-length: 3164
GET

https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-node_modules_github_combobox-nav_dist_index_js-9e3f0c-b3919df742c6.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-node_modules_github_combobox-nav_dist_index_js-9e3f0c-b3919df742c6.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459DD5637"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 433606
x-served-by: cache-iad-kiad7000071-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 13786
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 169db5dd976e220bc03e3bbaff1463ad62bb95dc
content-length: 7094
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-57e9be291b69.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-57e9be291b69.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459DB837D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:12 GMT
age: 433606
x-served-by: cache-iad-kiad7000096-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 14548
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a3b2bedca13ed719edd9de2e9875c7ba4acfb831
content-length: 2783
GET

https://github.githubassets.com/assets/chunk-app_assets_modules_marketing_active-global-banners_ts-c1f41b78ab87.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-app_assets_modules_marketing_active-global-banners_ts-c1f41b78ab87.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:05 GMT
etag: "0x8DD1544595474DF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:12 GMT
age: 433090
x-served-by: cache-iad-kjyo7100020-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 53, 944
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c5964c9fdcaf7be52a5406a9768f2fb30dc5e384
content-length: 1118
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:32 GMT
etag: "0x8DD02B44AD10969"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 433607
x-served-by: cache-iad-kjyo7100146-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 13980
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8d6662f87a3df171ac1e598f4b9cb172920bee6b
content-length: 9421
GET

https://github.githubassets.com/assets/cat-7c075cc3dda1.glb

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/cat-7c075cc3dda1.glb HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: model/gltf-binary
last-modified: Fri, 22 Nov 2024 11:22:11 GMT
etag: "0x8DD0AE7E8B525EB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 786887
date: Fri, 13 Dec 2024 18:09:13 GMT
x-served-by: cache-iad-kjyo7100030-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 38968b495006f0c403d5fc7712966a3aee1df575
content-length: 274104
GET

https://github.githubassets.com/assets/duck-5e1fb048b27e.glb

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/duck-5e1fb048b27e.glb HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: model/gltf-binary
last-modified: Fri, 22 Nov 2024 11:22:12 GMT
etag: "0x8DD0AE7E9649D79"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 989612
x-served-by: cache-iad-kjyo7100031-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 116
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 273a02038850f2b36c1694611e84e2cb6fc174e2
content-length: 174608
GET

https://github.githubassets.com/assets/copilot-5751dc22c3aa.glb

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/copilot-5751dc22c3aa.glb HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: model/gltf-binary
last-modified: Fri, 22 Nov 2024 11:22:12 GMT
etag: "0x8DD0AE7E911D1B4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 989612
x-served-by: cache-iad-kiad7000036-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 159
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 466e9c64f0337fd11733bff56579e2443d4d7b91
content-length: 253216
GET

https://github.githubassets.com/assets/shield-204adefd566a.glb

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/shield-204adefd566a.glb HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: model/gltf-binary
last-modified: Wed, 13 Nov 2024 20:13:04 GMT
etag: "0x8DD041F94BAAEE7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 2566806
x-served-by: cache-iad-kcgs7200066-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 104, 1611
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 84a32878eb9fa361a8b1d57f1382d5744f665c7f
content-length: 122820
GET

https://github.githubassets.com/assets/mascot-5c5e94e491c2.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/mascot-5c5e94e491c2.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Wed, 13 Nov 2024 20:13:03 GMT
etag: "0x8DD041F9423FAB9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 2566805
x-served-by: cache-iad-kcgs7200055-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 104, 1589
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 680afe1c9aa2bb72e244ae7792a542505fdcaf9d
content-length: 44208
GET

https://github.githubassets.com/assets/cat_eye-456cb07a65d8.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/cat_eye-456cb07a65d8.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 10:03:26 GMT
etag: "0x8DD0ADCE8A221EE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 989613
x-served-by: cache-iad-kcgs7200021-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 912
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b647322f97977205ec98b776df6cb2388a69c975
content-length: 32583
GET

https://github.githubassets.com/assets/star-4dcb4934560f.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/star-4dcb4934560f.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Wed, 13 Nov 2024 20:13:04 GMT
etag: "0x8DD041F94CD10BD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 2566804
x-served-by: cache-iad-kcgs7200065-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 104, 1581
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 203c4eacbe6128703c5516af4115c11698274963
content-length: 8411
GET

https://github.githubassets.com/assets/head_sss-adeeeaf1228e.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/head_sss-adeeeaf1228e.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 10:03:27 GMT
etag: "0x8DD0ADCE9496563"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 989613
x-served-by: cache-iad-kcgs7200160-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 94
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1ade9f5d07a487ab5deec60cb94633609a6a1a66
content-length: 142776
GET

https://github.githubassets.com/assets/eye_sss-40b5a23acf3c.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/eye_sss-40b5a23acf3c.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Wed, 13 Nov 2024 20:13:02 GMT
etag: "0x8DD041F939994CE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 2566805
x-served-by: cache-iad-kcgs7200027-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 301, 1572
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cb1ef066d057c487cad69163dcf14c33dd690fc3
content-length: 7540
GET

https://github.githubassets.com/assets/eye_color-e32a106912df.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/eye_color-e32a106912df.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Wed, 13 Nov 2024 20:13:02 GMT
etag: "0x8DD041F939B19B6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 1944479
x-served-by: cache-iad-kjyo7100023-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 104, 1589
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0dc0b8fbfc55001d1a0d32eccfb385386194b751
content-length: 10458
GET

https://github.githubassets.com/assets/body_sss-8dbf104b3f1e.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/body_sss-8dbf104b3f1e.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 10:03:26 GMT
etag: "0x8DD0ADCE89868DC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 989613
x-served-by: cache-iad-kjyo7100060-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 1866
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: deb9408813a9bd9628f17d1a39a9697a2231d268
content-length: 41324
GET

https://github.githubassets.com/assets/head_sss-8b881bcfef20.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/head_sss-8b881bcfef20.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 10:03:27 GMT
etag: "0x8DD0ADCE949179B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 989613
x-served-by: cache-iad-kcgs7200123-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 97
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 31d7440ec2cb0c15e3e0c143b18cf5788354927e
content-length: 193570
GET

https://github.githubassets.com/assets/shield_sss-63459f0a3abd.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/shield_sss-63459f0a3abd.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Wed, 13 Nov 2024 20:13:04 GMT
etag: "0x8DD041F94B75749"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 1411362
x-served-by: cache-iad-kjyo7100165-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 3220, 1583
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bbf6d9d280d223e201a45fcaaf12f5dceef04715
content-length: 22369
GET

https://github.githubassets.com/assets/shield_diffuse-c23fafc5edb6.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/shield_diffuse-c23fafc5edb6.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Wed, 13 Nov 2024 20:13:04 GMT
etag: "0x8DD041F94B70980"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 2566805
x-served-by: cache-iad-kiad7000112-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 104, 1565
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 24ba74ff8cec8b2046a16085397a856af7009019
content-length: 10455
GET

https://github.githubassets.com/assets/shield_blur-2e456d4ffcc3.jpg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/shield_blur-2e456d4ffcc3.jpg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/jpeg
last-modified: Wed, 13 Nov 2024 20:13:04 GMT
etag: "0x8DD041F94B73061"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 2566805
x-served-by: cache-iad-kcgs7200130-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 104, 1581
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d9febb83d0d6e0ebdc0a75d439dcbc2aba839a8b
content-length: 30088
GET

https://github.githubassets.com/assets/chunk-ui_packages_landing-pages_routes_home_IntroHero_tsx-da150d4ba8d3.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_landing-pages_routes_home_IntroHero_tsx-da150d4ba8d3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459DE666A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:14 GMT
age: 433088
x-served-by: cache-iad-kiad7000171-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 795
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a457664b635973d6909852b652c4f7106d148d08
content-length: 9858
GET

https://github.githubassets.com/assets/chunk-ui_packages_landing-pages_routes_home_components_SectionIntroWebGL_SectionIntroWebGL_tsx-d9d890435fcf.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_landing-pages_routes_home_components_SectionIntroWebGL_SectionIntroWebGL_tsx-d9d890435fcf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 12:11:57 GMT
etag: "0x8DD184AADCC6039"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:14 GMT
age: 356141
x-served-by: cache-iad-kiad7000062-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 3, 641
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 01bcc93205294a0e0d987f55dd19c8af48519fec
content-length: 8554
GET

https://github.githubassets.com/assets/chunk-ui_packages_landing-pages_routes_home_CtaWebGL_tsx-ui_packages_landing-pages_routes_home_asse-96f8a8-7596de10ddab.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_landing-pages_routes_home_CtaWebGL_tsx-ui_packages_landing-pages_routes_home_asse-96f8a8-7596de10ddab.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459DFC479"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:14 GMT
age: 433088
x-served-by: cache-iad-kcgs7200097-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 792
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 00a2b1f1bb607b6c82587c9f9df2d2c50b47de1e
content-length: 7714
GET

https://github.githubassets.com/assets/repository-d031bcc14e1b.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/repository-d031bcc14e1b.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:17 GMT
etag: "0x8DCC5ED35736954"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 4067025
x-served-by: cache-iad-kjyo7100115-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 32, 16403
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6dda430009421b6aeb70978de9ded11b69d8e715
content-length: 479
GET

https://github.githubassets.com/assets/code-9e1913b328be.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/code-9e1913b328be.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:15 GMT
etag: "0x8DCB7D5A25F63A1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 2082117
x-served-by: cache-iad-kiad7000040-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 7891, 15529
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6d7260aeac8dd43fcfda74eb885242b5a0af66ce
content-length: 3888
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:07 GMT
etag: "0x8DD15445A24BD36"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 433657
x-served-by: cache-iad-kcgs7200068-IAD, cache-lcy-eglc8600090-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 9267
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fbefcb40bc05cc118992aec75be0da8e6106cc1e
content-length: 5491
GET

https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 26 Nov 2024 21:12:56 GMT
etag: "0x8DD0E5F193AF82C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 780448
x-served-by: cache-iad-kjyo7100144-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 19864
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c9a65014ee6dee0d2b68a325b240d3a686c4b0a8
content-length: 5150
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-eecf0d50276f.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-eecf0d50276f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:53 GMT
etag: "0x8DD0D5F064BBD59"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 877476
x-served-by: cache-iad-kiad7000150-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 14207
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7eebbc8966efa9abe7ac750e617004d85d4152f6
content-length: 4975
GET

https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-74c351a8d897.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/app_assets_modules_github_ref-selector_ts-74c351a8d897.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:04 GMT
etag: "0x8DD15445878EE8D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 433656
x-served-by: cache-iad-kcgs7200042-IAD, cache-lcy-eglc8600090-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 11621
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f2e3472e11a93cc06ae26420d573614089f383b4
content-length: 4951
GET

https://github.githubassets.com/assets/codespaces-a493a4b9528f.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/codespaces-a493a4b9528f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 06 Dec 2024 20:56:32 GMT
etag: "0x8DD16387725931D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 265705
x-served-by: cache-iad-kjyo7100112-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 6440
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8450a972b327c496d88d73d0fc2e57a3839e382a
content-length: 5163
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FC3AE69"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 433656
x-served-by: cache-iad-kcgs7200159-IAD, cache-lcy-eglc8600090-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 10278
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d3b9cfbd5600ffd59d68c654ad0ff39475151ed9
content-length: 6126
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E7C17D4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 433656
x-served-by: cache-iad-kcgs7200094-IAD, cache-lcy-eglc8600090-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 10130
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 093160cc83f0c63499f560cafaac19e435501a4e
content-length: 2646
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-7238cfcdaa51.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-7238cfcdaa51.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 19:35:21 GMT
etag: "0x8DD0675CF86BAD9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 433656
x-served-by: cache-iad-kiad7000054-IAD, cache-lcy-eglc8600090-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 9979
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5be836c1122ee7587def9a10d414a6d61de539a6
content-length: 4341
GET

https://github.githubassets.com/assets/repositories-f3093651fb0e.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/repositories-f3093651fb0e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 13:29:38 GMT
etag: "0x8DD185587B55AC2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 248905
x-served-by: cache-iad-kcgs7200080-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 4927
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 77de7dc17fa677a375d5cff0ceb9b9d8275db8a7
content-length: 5400
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FC02FE8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 433657
x-served-by: cache-iad-kiad7000022-IAD, cache-lcy-eglc8600090-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 9437
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dc39e314dfc9419a1c40b5438b8dc1bed19bce2d
content-length: 3500
GET

https://github.githubassets.com/assets/code-menu-a6586c32bc2f.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/code-menu-a6586c32bc2f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:07 GMT
etag: "0x8DD15445A20CA09"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 433657
x-served-by: cache-iad-kcgs7200137-IAD, cache-lcy-eglc8600090-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 10131
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2295cd5479fec7b69587331dfeb7c3f158bf2802
content-length: 3454
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu-51601778bd8d.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/notifications-subscriptions-menu-51601778bd8d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:27 GMT
etag: "0x8DD1969F7D55965"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 239094
x-served-by: cache-iad-kcgs7200176-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 62, 5883
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 67c28d89623b98cd690e8699d31e3fe02a3b8dcb
content-length: 16144
GET

https://github.githubassets.com/assets/repos-overview.9cc263aa0716ce801059.module.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/repos-overview.9cc263aa0716ce801059.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 18:53:47 GMT
etag: "0x8DD194BFA81CCF1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 248916
x-served-by: cache-iad-kjyo7100083-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 25, 4152
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7456bd4d7234b7997a3b15e59fc1d0c8c1ab8199
content-length: 6283
GET

https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 00:53:47 GMT
etag: "0x8DD1A476FB957F2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 88726
x-served-by: cache-iad-kiad7000047-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 2421
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4f7915390082740165aa1a0bf8fd103a6a069521
content-length: 20090
GET

https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-9445f4afb2bc.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_ref-selector_RefSelector_tsx-9445f4afb2bc.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:52 GMT
etag: "0x8DD0327DE7A8BE3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 433671
x-served-by: cache-iad-kiad7000107-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 10914
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f8833abe5a5a6a04eb42aea37e769e6a877799f7
content-length: 8037
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-a6859a-6f85088e9b13.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-a6859a-6f85088e9b13.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 16:49:57 GMT
etag: "0x8DD1ACD02A13EE8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 76016
x-served-by: cache-iad-kiad7000040-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 46, 1654
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 48c3769f3886e1882d2504f1805d9781c3c9b7a5
content-length: 21042
GET

https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-ba46f8-39f0ccb45f29.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-ba46f8-39f0ccb45f29.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 22 Oct 2024 14:40:08 GMT
etag: "0x8DCF2A76D2FB21D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 2107391
x-served-by: cache-iad-kiad7000028-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 49, 11417
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ece6d30322fb69a0abe5a3abbf028df18781fb71
content-length: 222
GET

https://github.githubassets.com/assets/repos-overview-1cb3b222c0fd.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/repos-overview-1cb3b222c0fd.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 20:16:01 GMT
etag: "0x8DD188E4CEF39E5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
age: 248905
x-served-by: cache-iad-kiad7000130-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 3655
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8bcce94b796b015faa89f964f46ae65d2cf7571c
content-length: 9257
GET

https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-9889e76b905e.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-9889e76b905e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 13:29:32 GMT
etag: "0x8DD185583E1EC04"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:19 GMT
age: 248906
x-served-by: cache-iad-kjyo7100065-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 3404
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1b3105ae74b003e2bec58fe6dfa382c6b11dcdbe
content-length: 5069
GET

https://github.githubassets.com/assets/react-code-view.6b587a69b593e23c3657.module.css

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/react-code-view.6b587a69b593e23c3657.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 07 Nov 2024 20:35:22 GMT
etag: "0x8DCFF6BB3DAE07C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:28 GMT
age: 3019467
x-served-by: cache-iad-kjyo7100022-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 71, 6723
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f9e720cc9c899de642333e200d94262478739eab
content-length: 1101
GET

https://github.githubassets.com/assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-10d8eea337ce.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-10d8eea337ce.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500E09CE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:28 GMT
age: 433667
x-served-by: cache-iad-kcgs7200047-IAD, cache-lcy-eglc8600090-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 6531
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 093ef55b3ea0a9c1c99f1ad1e518c994b9f989b0
content-length: 2137
GET

https://github.githubassets.com/assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 23:19:54 GMT
etag: "0x8DCD6A6128E8C4A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:28 GMT
age: 3374355
x-served-by: cache-iad-kiad7000157-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 49, 8477
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e50e21f71d365704b9c4872fa52fc5d910fda620
content-length: 2209
GET

https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-6c9205-5be7897ceb98.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-6c9205-5be7897ceb98.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 16:49:57 GMT
etag: "0x8DD1ACD031AB395"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:28 GMT
age: 76036
x-served-by: cache-iad-kjyo7100057-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 1072
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 60edef7b656e15e4bdbf512b73994cd106da268d
content-length: 3222
GET

https://github.githubassets.com/assets/vendors-node_modules_focus-visible_dist_focus-visible_js-node_modules_fzy_js_index_js-node_mo-f8ea3a-77f7bac5c79f.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/vendors-node_modules_focus-visible_dist_focus-visible_js-node_modules_fzy_js_index_js-node_mo-f8ea3a-77f7bac5c79f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 16:49:57 GMT
etag: "0x8DD1ACD031C5F6A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:28 GMT
age: 76037
x-served-by: cache-iad-kjyo7100030-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 73, 933
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2d6bfdd95053baf96042e50c084e8b2866b83098
content-length: 6563
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-cdcae1-f0dc8f3ae3e0.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-cdcae1-f0dc8f3ae3e0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 01:09:57 GMT
etag: "0x8DD18B75D2F881B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:28 GMT
age: 248926
x-served-by: cache-iad-kjyo7100101-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 58, 2116
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 30b7a612b09b19cf7a105db1a4c874ad8ffad1b6
content-length: 9430
GET

https://github.githubassets.com/assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_repos-file-tree-view_repos-fil-5db355-20987ff3233b.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_repos-file-tree-view_repos-fil-5db355-20987ff3233b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 21:09:34 GMT
etag: "0x8DD1AF147577891"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:28 GMT
age: 59862
x-served-by: cache-iad-kjyo7100050-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 60, 927
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f63d2a33c017c700801a9e2b28a3625d2227a762
content-length: 13660
GET

https://github.githubassets.com/assets/react-code-view-8de22c3cf6c2.js

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/react-code-view-8de22c3cf6c2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 07:17:33 GMT
etag: "0x8DD1B4636EE8026"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:28 GMT
age: 36757
x-served-by: cache-iad-kiad7000061-IAD, cache-lcy-eglc8600090-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 847
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1f82c2d97bbb17240d8ee841a2c9768157b1070b
content-length: 63552
DNS

136.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

136.32.126.40.in-addr.arpa

IN PTR

Response
DNS

210.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

r.bing.com

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.210

e86303.dscx.akamaiedge.net

IN A

95.101.143.195

e86303.dscx.akamaiedge.net

IN A

95.101.143.202

e86303.dscx.akamaiedge.net

IN A

95.101.143.177

e86303.dscx.akamaiedge.net

IN A

88.221.135.0

e86303.dscx.akamaiedge.net

IN A

95.101.143.193

e86303.dscx.akamaiedge.net

IN A

95.101.143.185

e86303.dscx.akamaiedge.net

IN A

88.221.135.25

e86303.dscx.akamaiedge.net

IN A

95.101.143.182
DNS

www2.bing.com

Remote address:

8.8.8.8:53

Request

www2.bing.com

IN A

Response

www2.bing.com

IN CNAME

www2-www2.bing.com.trafficmanager.net

www2-www2.bing.com.trafficmanager.net

IN CNAME

www-bing-com.dual-a-0034.a-msedge.net

www-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

13.107.21.237

dual-a-0034.a-msedge.net

IN A

204.79.197.237
DNS

21.49.80.91.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.49.80.91.in-addr.arpa

IN PTR

Response
DNS

133.111.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.111.199.185.in-addr.arpa

IN PTR

Response

133.111.199.185.in-addr.arpa

IN PTR

cdn-185-199-111-133githubcom
DNS

154.110.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.110.199.185.in-addr.arpa

IN PTR

Response

154.110.199.185.in-addr.arpa

IN PTR

cdn-185-199-110-154githubcom
DNS

www.bing.com

Remote address:

8.8.8.8:53

Request

www.bing.com

IN A

Response

www.bing.com

IN CNAME

www-www.bing.com.trafficmanager.net

www-www.bing.com.trafficmanager.net

IN CNAME

www.bing.com.edgekey.net

www.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

88.221.135.51

e86303.dscx.akamaiedge.net

IN A

88.221.135.57

e86303.dscx.akamaiedge.net

IN A

95.101.143.195

e86303.dscx.akamaiedge.net

IN A

95.101.143.177

e86303.dscx.akamaiedge.net

IN A

95.101.143.193

e86303.dscx.akamaiedge.net

IN A

95.101.143.34

e86303.dscx.akamaiedge.net

IN A

95.101.143.185

e86303.dscx.akamaiedge.net

IN A

95.101.143.202

e86303.dscx.akamaiedge.net

IN A

88.221.135.33
DNS

2.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.159.190.20.in-addr.arpa

IN PTR

Response
DNS

ctldl.windowsupdate.com

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

ctldl.windowsupdate.com.delivery.microsoft.com

ctldl.windowsupdate.com.delivery.microsoft.com

IN CNAME

wu-b-net.trafficmanager.net

wu-b-net.trafficmanager.net

IN CNAME

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN CNAME

default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.80.49.21

default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.81.129.182

default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.80.49.22

default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.80.49.86

default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.81.130.134
DNS

raw.githubusercontent.com

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.111.133

raw.githubusercontent.com

IN A

185.199.108.133

raw.githubusercontent.com

IN A

185.199.109.133

raw.githubusercontent.com

IN A

185.199.110.133
DNS

133.109.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.109.199.185.in-addr.arpa

IN PTR

Response

133.109.199.185.in-addr.arpa

IN PTR

cdn-185-199-109-133githubcom
DNS

www.bing.com

Remote address:

8.8.8.8:53

Request

www.bing.com

IN A

Response

www.bing.com

IN CNAME

www-www.bing.com.trafficmanager.net

www-www.bing.com.trafficmanager.net

IN CNAME

www.bing.com.edgekey.net

www.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.210

e86303.dscx.akamaiedge.net

IN A

88.221.135.33

e86303.dscx.akamaiedge.net

IN A

88.221.135.0

e86303.dscx.akamaiedge.net

IN A

88.221.135.26

e86303.dscx.akamaiedge.net

IN A

95.101.143.177

e86303.dscx.akamaiedge.net

IN A

95.101.143.34

e86303.dscx.akamaiedge.net

IN A

88.221.135.25

e86303.dscx.akamaiedge.net

IN A

95.101.143.183

e86303.dscx.akamaiedge.net

IN A

95.101.143.193
DNS

login.microsoftonline.com

Remote address:

8.8.8.8:53

Request

login.microsoftonline.com

IN A

Response

login.microsoftonline.com

IN CNAME

login.mso.msidentity.com

login.mso.msidentity.com

IN CNAME

ak.privatelink.msidentity.com

ak.privatelink.msidentity.com

IN CNAME

www.tm.ak.prd.aadg.trafficmanager.net

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.2

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.23

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.71

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.0

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.75

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.71

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.69

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.73
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

ax-0001.ax-msedge.net

ax-0001.ax-msedge.net

IN A

150.171.28.10

ax-0001.ax-msedge.net

IN A

150.171.27.10
DNS

github-cloud.s3.amazonaws.com

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

54.231.228.65

s3-w.us-east-1.amazonaws.com

IN A

3.5.27.130

s3-w.us-east-1.amazonaws.com

IN A

52.217.228.241

s3-w.us-east-1.amazonaws.com

IN A

3.5.12.86

s3-w.us-east-1.amazonaws.com

IN A

52.216.209.41

s3-w.us-east-1.amazonaws.com

IN A

3.5.29.185

s3-w.us-east-1.amazonaws.com

IN A

52.217.18.228

s3-w.us-east-1.amazonaws.com

IN A

54.231.164.49
DNS

github.com

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

210.143.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.143.101.95.in-addr.arpa

IN PTR

Response

210.143.101.95.in-addr.arpa

IN PTR

a95-101-143-210deploystaticakamaitechnologiescom
DNS

login.live.com

Remote address:

8.8.8.8:53

Request

login.live.com

IN A

Response

login.live.com

IN CNAME

login.msa.msidentity.com

login.msa.msidentity.com

IN CNAME

www.tm.lg.prod.aadmsa.trafficmanager.net

www.tm.lg.prod.aadmsa.trafficmanager.net

IN CNAME

prdv4a.aadg.msidentity.com

prdv4a.aadg.msidentity.com

IN CNAME

www.tm.v4.a.prd.aadg.akadns.net

www.tm.v4.a.prd.aadg.akadns.net

IN A

20.190.160.20

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.136

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.76

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.140

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.133

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.134

www.tm.v4.a.prd.aadg.akadns.net

IN A

20.190.160.14

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.72
DNS

10.28.171.150.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.28.171.150.in-addr.arpa

IN PTR

Response
DNS

api.github.com

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
GET

https://github.githubassets.com/assets/figma-62d390a52419.webp

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/figma-62d390a52419.webp HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.githubassets.com/assets/home-7d9ef44a828b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/webp
last-modified: Wed, 13 Nov 2024 20:13:02 GMT
etag: "0x8DD041F93B1E368"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 2566803
x-served-by: cache-iad-kiad7000099-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 49, 691
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4d66cfc01b031a55730f6d73415d461c36c74816
content-length: 42368
GET

https://github.githubassets.com/assets/mercedes-benz-d8f89b041561.webp

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/mercedes-benz-d8f89b041561.webp HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.githubassets.com/assets/home-7d9ef44a828b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/webp
last-modified: Wed, 13 Nov 2024 20:13:03 GMT
etag: "0x8DD041F94387D10"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 2566803
x-served-by: cache-iad-kjyo7100062-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 49, 698
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3ea618a20846d2cdee6cbfbdc33b6850289b316c
content-length: 42268
GET

https://github.githubassets.com/assets/mercado-libre-579cb5447302.webp

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/mercado-libre-579cb5447302.webp HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.githubassets.com/assets/home-7d9ef44a828b.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/webp
last-modified: Wed, 13 Nov 2024 20:13:03 GMT
etag: "0x8DD041F943A4FC1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:11 GMT
age: 2566803
x-served-by: cache-iad-kcgs7200067-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 17318, 692
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a1c955ae16a5510a37421429f696e663f7b6958a
content-length: 41184
GET

https://github.githubassets.com/assets/code-1_poster_desktop-b2dc87b71fdc.webp

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/code-1_poster_desktop-b2dc87b71fdc.webp HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/webp
last-modified: Wed, 13 Nov 2024 20:13:01 GMT
etag: "0x8DD041F933356FD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 2566805
x-served-by: cache-iad-kjyo7100081-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 44, 611
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3db16ec3cbc75ff42e40c608e1ba9d7ebc7ab009
content-length: 126762
GET

https://github.githubassets.com/assets/hero_poster_desktop-aafcb240c684.webp

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/hero_poster_desktop-aafcb240c684.webp HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/webp
last-modified: Wed, 13 Nov 2024 20:13:02 GMT
etag: "0x8DD041F93D6F4E3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:13 GMT
age: 2566806
x-served-by: cache-iad-kjyo7100025-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 85, 656
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0dab3002df3610e415a2871e19dee6d8d3675371
content-length: 105898
GET

https://github.githubassets.com/assets/code-1_desktop-7ab52aea3358.mp4

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/code-1_desktop-7ab52aea3358.mp4 HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://github.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

cache-control: public, max-age=31536000, immutable
content-type: video/mp4
last-modified: Fri, 25 Oct 2024 11:16:06 GMT
etag: "0x8DCF4E66BD13052"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 3587565
content-range: bytes 0-481733/481734
date: Fri, 13 Dec 2024 18:09:13 GMT
x-served-by: cache-iad-kcgs7200165-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c0710fa8a22d5fc8af7d6765aba67e1cb497e2ed
content-length: 481734
GET

https://github.githubassets.com/assets/hero_desktop-4dc318ea1962.mp4

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/hero_desktop-4dc318ea1962.mp4 HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://github.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

cache-control: public, max-age=31536000, immutable
content-type: video/mp4
last-modified: Fri, 25 Oct 2024 11:16:04 GMT
etag: "0x8DCF4E66A86E9EE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 3473051
content-range: bytes 0-1081683/1081684
date: Fri, 13 Dec 2024 18:09:13 GMT
x-served-by: cache-iad-kcgs7200053-IAD, cache-lcy-eglc8600031-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0de29c1f6c0e836328ab2ddd6e92034e20d67b7d
content-length: 1081684
GET

https://github.githubassets.com/favicons/favicon.svg

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: bYAvaN8MCaSZfP0o7q/Z/w==
last-modified: Wed, 14 Aug 2024 19:18:58 GMT
etag: "0x8DCBC95F2647EDF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:14 GMT
age: 115
x-served-by: cache-iad-kiad7000081-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 1694476, 2
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cd7e5d1f521d0b10072fe82994c59dec04f52be3
content-length: 959
GET

https://github.githubassets.com/favicons/favicon.png

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /favicons/favicon.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/png
content-md5: YDrNCDxuYozaAYS2sPzvIQ==
last-modified: Wed, 14 Aug 2024 19:49:39 GMT
etag: "0x8DCBC9A3C0EF02F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:15 GMT
age: 2464826
x-served-by: cache-iad-kiad7000023-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 381, 4001
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4ab6be2739cbc475c0128cb3b192cc11435e769f
content-length: 14426
GET

https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

msedge.exe

Remote address:

185.199.110.154:443

Request

GET /assets/apple-touch-icon-144x144-b882e354c005.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-md5: NG4JRxNi8pB1EKMYEhKc0g==
last-modified: Wed, 14 Aug 2024 19:18:46 GMT
etag: "0x8DCBC95EB57AC96"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:09:15 GMT
age: 40
x-served-by: cache-iad-kiad7000070-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 3737157, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 732efb9b0966ff7a7aeda7e5b58bcc846dd8346e
content-length: 958
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 1520
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Fri, 13 Dec 2024 18:09:15 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1734116955
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C318:7303A:6ACF39:7E462B:675C784A
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 517
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Fri, 13 Dec 2024 18:09:18 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1734116958
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C318:7303A:6AD007:7E4726:675C784B
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 711
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:09:16 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002778
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:249536:2E4B24:675C784C
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1007
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:09:16 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003368
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:249536:2E4B23:675C784C
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1423
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:09:18 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002607
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:249870:2E4F2E:675C784C
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1046
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:19 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003577
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:2505CD:2ED917:675C784E
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1354
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:19 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003146
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:2505E0:2ED92E:675C788B
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1412
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:28 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003340
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:251479:2EEBDA:675C788B
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1553
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:28 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003092
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:2514A6:2EEC12:675C7894
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1101
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:29 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002916
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:2515AC:2EED63:675C7894
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1523
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:29 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002871
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:251635:2EEE0A:675C7895
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1137
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:33 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003853
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:251DDC:2EF78C:675C7895
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1141
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:33 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002857
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:251DE0:2EF794:675C7899
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1558
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:33 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002491
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:251E00:2EF7B8:675C7899
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1246
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:56 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003074
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:2545F7:2F2A5A:675C7899
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1158
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:56 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002453
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:2546AB:2F2B32:675C78B0
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1154
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:58 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003421
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:25490B:2F2E2C:675C78B0
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1560
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:58 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.129271
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:25490B:2F2E2D:675C78B2
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1252
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:58 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.022873
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:254988:2F2EC7:675C78B2
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1165
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:58 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002943
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:254A10:2F2F72:675C78B2
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1161
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:58 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003681
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:254A13:2F2F76:675C78B2
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1570
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:10:59 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002834
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:254ACF:2F305E:675C78B2
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1258
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:11:32 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003107
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:257B1E:2F702F:675C78B3
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1166
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:11:32 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003493
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:257B99:2F70CF:675C78D4
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1158
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:11:32 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002230
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:257B9F:2F70D5:675C78D4
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1560
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:11:32 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.097538
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:257BAB:2F70EC:675C78D4
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1248
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:11:34 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003386
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:257E33:2F7427:675C78D4
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1161
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:11:34 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003064
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:257E93:2F74A1:675C78D6
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1153
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:11:34 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002825
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:257E9A:2F74A5:675C78D6
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1558
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Fri, 13 Dec 2024 18:11:34 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003684
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C31D:1A6042:257E9C:2F74A8:675C78D6
GET

https://www.bing.com/qbox?query=ra&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=1b164951032e44f6abff29f30224f234&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ra&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=1b164951032e44f6abff29f30224f234&oit=1&cp=2&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 432
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c78523512462583fbe576fd5cbb46
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-2IKxKPU/zsAtFbmztLPQxy5AZtCkGMx10ax97QPFIFs='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:22 GMT
set-cookie: MUID=32747231F4596DF13DAE6765F5A96CC9; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=32747231F4596DF13DAE6765F5A96CC9; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=165FB406C41A65890ADBA152C5EA647F; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=C67B3730E070423AB62586E03308B5C6&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=165FB406C41A65890ADBA152C5EA647F; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113362.a7032c5
GET

https://www.bing.com/qbox?query=ran&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=dcbfb65e26ca4677b5d35a39ad46db04&oit=1&cp=3&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ran&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=dcbfb65e26ca4677b5d35a39ad46db04&oit=1&cp=3&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 586
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7852003740b2a8f1613a8e6c876c
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-7M4LJ/6keDYkIT/l1kXVv1yE5UDNI0UVKD5OJQWaYrg='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:22 GMT
set-cookie: MUID=153B0D0C26D96E423D00185827A06F1D; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=153B0D0C26D96E423D00185827A06F1D; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=370ADF89692E603F1151CADD6857617B; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=5FAF30EA317B437485734CE0AD1BFF6C&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:22 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=370ADF89692E603F1151CADD6857617B; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113362.a70335d
GET

https://www.bing.com/qbox?query=rans&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=d3b21556effd4021b7c5965d02554d23&oit=1&cp=4&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=rans&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=d3b21556effd4021b7c5965d02554d23&oit=1&cp=4&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 514
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7853469d42b2bcf0792b4b2805df
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-0ifqGVPgSyN5BvL8orqiBks0ViYJuCikIq1B70GtBjU='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:23 GMT
set-cookie: MUID=2375E92BF4EB6E372083FC7FF5606F28; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=2375E92BF4EB6E372083FC7FF5606F28; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=21420425A02262491C7E1171A1A96321; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=1B4B06A493064F26AB81596106EDB208&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=21420425A02262491C7E1171A1A96321; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113363.a7033d5
GET

https://www.bing.com/qbox?query=ranso&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=36aec78b1da543219484c472d33c61fc&oit=1&cp=5&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ranso&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=36aec78b1da543219484c472d33c61fc&oit=1&cp=5&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 366
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c78537b2f4dc9a90eef8fd6ee1ae1
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-TJswpZ98BUAS53sDmmafVeHpbJXTIS8V4vBMw/J0t7I='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:23 GMT
set-cookie: MUID=21C175F87CF66623107C60AC7D2F675F; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=21C175F87CF66623107C60AC7D2F675F; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=292ABDD94EE86B2819A2A88D4F316A86; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=C27855844C954B4F85A994324DF5E056&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=292ABDD94EE86B2819A2A88D4F316A86; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113363.a70355f
GET

https://www.bing.com/qbox?query=ransom&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=23654dca198f41e1a241d7b2486882ff&oit=1&cp=6&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransom&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=23654dca198f41e1a241d7b2486882ff&oit=1&cp=6&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 373
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c78534c294dc6a3b78217cf43a9b7
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-manJRD8U9kj9Ge0SUNsfNXE3++QB8C6I/QDLv0sUeYM='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:23 GMT
set-cookie: MUID=209AE21892AD63D613C0F74C93E662B9; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=209AE21892AD63D613C0F74C93E662B9; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=27A760EE29DF6E421A0175BA28946F2F; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=38016A0B11F3476F811A0C6065F1CB07&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:23 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=27A760EE29DF6E421A0175BA28946F2F; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113363.a703666
GET

https://www.bing.com/qbox?query=ransomw&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=34a7fa711af04c079b594a2c20bb1b88&oit=1&cp=7&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomw&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=34a7fa711af04c079b594a2c20bb1b88&oit=1&cp=7&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 327
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7854d3a7471bbc0c4d6750aaa9f6
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Q1iFQqkvmAdQ/n6/4I5+IBZdcM/GRaukCs/7/fmkwns='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:24 GMT
set-cookie: MUID=2A0A4BB1E64765A427445EE5E72B643C; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=2A0A4BB1E64765A427445EE5E72B643C; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=0367C6AE95196DDD2E1BD3FA94756C8B; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=AB935AAB407E4DDDA4582FDFA0B18C36&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=0367C6AE95196DDD2E1BD3FA94756C8B; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113364.a703a80
GET

https://www.bing.com/qbox?query=ransomwa&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=539f69d432fe4bf888be9ee7397380df&oit=1&cp=8&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomwa&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=539f69d432fe4bf888be9ee7397380df&oit=1&cp=8&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 288
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c78549729438cacac361fa885aa22
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-p4W2JveQBLbDi//Kq8oNhg7cwQOAkQgi7fZM3MCQgCE='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:24 GMT
set-cookie: MUID=28F48BCA8A226C3A15D29E9E8BC66D4F; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=28F48BCA8A226C3A15D29E9E8BC66D4F; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=3F5840B9AB306B393A1255EDAAD46A94; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=08784383BB224496B1C623BDC26941B7&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=3F5840B9AB306B393A1255EDAAD46A94; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113364.a703b6d
GET

https://www.bing.com/qbox?query=ransomwar&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=5eeb321289324a3ea30c9210f2169a49&oit=1&cp=9&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomwar&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=5eeb321289324a3ea30c9210f2169a49&oit=1&cp=9&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 286
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7854195e4a00a197154198205b34
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-wpKvUoy5SV5FCyU0Rtu1uLKUx9J74KkFRUzO/yPOGGQ='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:24 GMT
set-cookie: MUID=244B161C1C08642205BD03481D0965EC; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=244B161C1C08642205BD03481D0965EC; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=39BEF776C82E6C890E37E222C92F6DF2; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=5B9BCDB7665F44CC872BDED2FD51D356&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:24 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=39BEF776C82E6C890E37E222C92F6DF2; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113364.a703be5
GET

https://www.bing.com/qbox?query=ransomware&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=acdc0dc7b1e543c29b44a856f729792f&oit=1&cp=10&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=acdc0dc7b1e543c29b44a856f729792f&oit=1&cp=10&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 284
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7854954c468185024673e4a106d4
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-I2c+be2XBOyKctWxQBNs1ngdUw71OGD6MnOTsDWD7s0='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:25 GMT
set-cookie: MUID=06F6A4E8D0A064BD3D47B1BCD13C65B1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=06F6A4E8D0A064BD3D47B1BCD13C65B1; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=11AD610B4BF662D838AF745F4A6A630F; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=DA1EFF3A53424CF8BF05FA7269BEBF2E&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=11AD610B4BF662D838AF745F4A6A630F; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113364.a703c51
GET

https://www.bing.com/qbox?query=ransomware+&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=f2377acffc1f48beb65b47860f35d831&oit=1&cp=11&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=f2377acffc1f48beb65b47860f35d831&oit=1&cp=11&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 293
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c78553a9c460a8a70229a2e3ef029
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-6FaSnyx6UREWHX9WC8KT3Cue2STF7SdB4RpDEtDH910='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:25 GMT
set-cookie: MUID=1486F85244E162CD2ECCED0645A763A0; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=1486F85244E162CD2ECCED0645A763A0; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=2A5A7ACADEC4677E071E6F9EDF82660F; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=91CC134AE7024A6C82BCA22F370C62DF&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=2A5A7ACADEC4677E071E6F9EDF82660F; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113365.a703ca4
GET

https://www.bing.com/qbox?query=ransomware+d&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=8a21e6d537d84d3d9ad8395fd7ffe32d&oit=4&cp=12&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+d&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=8a21e6d537d84d3d9ad8395fd7ffe32d&oit=4&cp=12&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 303
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7855ab874d43b0b784a623f5cbcb
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-lP+NWZdkIRrB680cXXyFZ4oJ0WYLqzATOHKDgBGkwyc='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:25 GMT
set-cookie: MUID=3DDE2687CE4B67832BC633D3CFCD6669; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=3DDE2687CE4B67832BC633D3CFCD6669; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=0F5FB986DF2D6AD329ADACD2DEAB6B2C; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=2D9891612DF9464F99736344FEEF4917&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=0F5FB986DF2D6AD329ADACD2DEAB6B2C; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113365.a703d5d
GET

https://www.bing.com/qbox?query=ransomware+do&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=4f72dba0de144fd3ac2020f52a2d68c1&oit=4&cp=13&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+do&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=4f72dba0de144fd3ac2020f52a2d68c1&oit=4&cp=13&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 300
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c78556b904358baf12c230775cb02
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-a3LnkTcREFGy0rw11yHnN/zuvgeCmMdv/5+GPegx2Og='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:25 GMT
set-cookie: MUID=028F701F4F2260341ED6654B4E76616D; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=028F701F4F2260341ED6654B4E76616D; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=098FB2D99BF56D7D31E3A78D9AA16C7D; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=2D4DB88B77DE45F4826A3B83DBACA48C&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=098FB2D99BF56D7D31E3A78D9AA16C7D; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113365.a703daf
GET

https://www.bing.com/qbox?query=ransomware+dow&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=72f0540b051641288e185ad9c2e3673f&oit=4&cp=14&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+dow&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=72f0540b051641288e185ad9c2e3673f&oit=4&cp=14&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 276
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c785585154b158f600d2eed2beea3
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-vZ7GZEwQ48q1o85r9xawV+mMSFgwPKL8J3tNGM9JMFc='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:25 GMT
set-cookie: MUID=181C15EA745D68AE230F00BE75416941; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=181C15EA745D68AE230F00BE75416941; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=344B535FDA4F679A0B80460BDB536676; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=E3CB273BB7404113A4A8A7091EFCCD07&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=344B535FDA4F679A0B80460BDB536676; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113365.a703e24
GET

https://www.bing.com/qbox?query=ransomware+down&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=a02d84e9efbe4419909c4b88e1a2d0ff&oit=4&cp=15&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+down&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=a02d84e9efbe4419909c4b88e1a2d0ff&oit=4&cp=15&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 278
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7855a2224b768112de510ee670e7
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-XVUpYeRhHrmHL7qSVV7DLXLmqRodnktW00koJFHAvj4='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:25 GMT
set-cookie: MUID=02856F9ECAF96A7F27BD7ACACBA06B1E; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=02856F9ECAF96A7F27BD7ACACBA06B1E; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=049EFAF794C761E43421EFA3959E6002; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=45158D8F060D4C1DB1C7DF690DA900F4&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=049EFAF794C761E43421EFA3959E6002; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113365.a703eb7
GET

https://www.bing.com/qbox?query=ransomware+downl&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=a51a9d92f4f044e080a87f5fa0e43608&oit=4&cp=16&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+downl&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=a51a9d92f4f044e080a87f5fa0e43608&oit=4&cp=16&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 268
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7855789f40e4b85c24f3b38b3423
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-/6oPVP2nEW1XqG9nZtTL4R93JRAPX8DMfuJ5RhDbtHs='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:25 GMT
set-cookie: MUID=029F2CE28F86682F20A639B68E5669DE; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=029F2CE28F86682F20A639B68E5669DE; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=0C8A825953AA6DF40B76970D527A6CF9; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=3B324F94F56044EB8C0CAAACB041454F&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=0C8A825953AA6DF40B76970D527A6CF9; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113365.a703fc8
GET

https://www.bing.com/qbox?query=ransomware+downlo&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=f21be16257824d21a997eea536eb9144&oit=4&cp=17&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+downlo&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=f21be16257824d21a997eea536eb9144&oit=4&cp=17&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 264
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c785590ac4df8b00c9093108ad68b
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-6KHnX7q2A4ak6YpccQiQ9TPMmD1I3AVIGpCwplb07Y0='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:26 GMT
set-cookie: MUID=247FAF91D95F6CFC03FABAC5D8D86DDD; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=247FAF91D95F6CFC03FABAC5D8D86DDD; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=213FB6839EFA64E600D9A3D79F7D6592; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=1D3E0F272F3B4B668B17C751084BF440&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:25 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=213FB6839EFA64E600D9A3D79F7D6592; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113365.a70403c
GET

https://www.bing.com/qbox?query=ransomware+downlou&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=182d1983e4e446de9109cb22fb6aa870&oit=4&cp=18&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+downlou&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=182d1983e4e446de9109cb22fb6aa870&oit=4&cp=18&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 206
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c78561be847b586defa5e574b10f9
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-rPBwGfnP9AKTqfoN658/f2U0S3YwWSo9vzjWULWxyy0='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:26 GMT
set-cookie: MUID=2403F845F82869A6083CED11F9D568C0; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=2403F845F82869A6083CED11F9D568C0; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=2F5D3B95474F6FC532982EC146B26EB5; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=7BC7EC772FEA4ACC82D18A33BFDC728F&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=2F5D3B95474F6FC532982EC146B26EB5; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113366.a7041ac
GET

https://www.bing.com/qbox?query=ransomware+downloud&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=3599795308334502b705db1aca172888&oit=4&cp=19&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+downloud&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=3599795308334502b705db1aca172888&oit=4&cp=19&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 208
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7856011242818112a335b0d46cc7
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-gj1lSggHr42T7egAypFU4g51GhyAEefqxba1gx1zmzU='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:26 GMT
set-cookie: MUID=1DFDF575F0576F552939E021F1C96EC5; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=1DFDF575F0576F552939E021F1C96EC5; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=39D790E248B3626F1C0785B6492D6323; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=A784229B969F4F4A94B7B454E49BDA3A&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=39D790E248B3626F1C0785B6492D6323; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113366.a70422b
GET

https://www.bing.com/qbox?query=ransomware+downlouds&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=4b53222ab073467687c30f18c7fd2b80&oit=4&cp=20&pgcl=4

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /qbox?query=ransomware+downlouds&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=4b53222ab073467687c30f18c7fd2b80&oit=4&cp=20&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 208
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c7856bb854cfd8344f9e6a02038ca
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-CYZyGCN34ivtLwh26rZYQWdZ16Zgkye/rHNlw+eB47o='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:26 GMT
set-cookie: MUID=123856D5EF9460FA28EB4381EEBC6108; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=123856D5EF9460FA28EB4381EEBC6108; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=03F348F93B0164223CF75DAD3A2965ED; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=ED0E8F7DB04D45B3AD63F1F8B4DBEDCE&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=03F348F93B0164223CF75DAD3A2965ED; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113366.a7042f1
GET

https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531 HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
cache-control: private, max-age=0
content-encoding: br
expires: Fri, 13 Dec 2024 18:08:26 GMT
vary: Accept-Encoding
x-eventid: 675c78564ca447f7845898b671587a49
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-A/SyztcYi+/yu5sc61KNW4lqysN+kaT4BqKC5Hx8U8I='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp&ndcParam=QWthbWFp"}]}
report-to: {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
cross-origin-embedder-policy-report-only: 'require-corp; report-to=\"crossorigin-errors\"'
cross-origin-opener-policy-report-only: 'same-origin; report-to=\"crossorigin-errors\"'
date: Fri, 13 Dec 2024 18:09:26 GMT
set-cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A; domain=.bing.com; path=/; secure; SameSite=None
set-cookie: SRCHS=PC=U531; domain=.bing.com; path=/; secure; SameSite=None
set-cookie: SRCHD=AF=ANAB01; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20241213; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:26 GMT; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113366.a704390
set-cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae; Domain=.bing.com; Path=/; Expires=Fri, 13 Dec 2024 20:09:26 GMT; Max-Age=7200
GET

https://www.bing.com/sa/simg/Roboto_Regular.woff2

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /sa/simg/Roboto_Regular.woff2 HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
dnt: 1
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae

Response

HTTP/2.0 200

content-length: 15344
content-type: font/woff2
cache-control: public, max-age=15552000
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
x-eventid: 661aafd86e0b4a0c8792a1f83cd446ca
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-3vTAQNKq8Us8FU4N1YKatO/0vBvTusxxyorbrP2yIH8='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
date: Fri, 13 Dec 2024 18:09:26 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113366.a70440e
GET

https://www.bing.com/sa/simg/Roboto_Semibold.woff2

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /sa/simg/Roboto_Semibold.woff2 HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
dnt: 1
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae

Response

HTTP/2.0 200

content-length: 15436
content-type: font/woff2
cache-control: public, max-age=15552000
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
x-eventid: 661b7fb4a5a64a25bfe52f31cdb238a2
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-Dc7XB6hZwYD7vh6hxGugqMXoa2v2PSgRTnvZk3RerSA='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
date: Fri, 13 Dec 2024 18:09:26 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113366.a704412
GET

https://www.bing.com/rp/kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:53:27 GMT
etag: 0x8DCDC6597B401F0
cache-control: public, no-transform, max-age=221945
expires: Sun, 15 Dec 2024 07:31:14 GMT
akamai-grn: 0.521a1202.1734025929.2ecfd6fc
timing-allow-origin: *
akamai-amd-bc-debug: [a=23.73.138.84,b=98544723,c=c,d=1730869163,h=304,k=1,l=0,n=GB_EN_SLOUGH,o=20940,r=1]
content-length: 9310
content-type: image/png
content-md5: GUexVzkiHrDbJxwd2PleRg==
x-ms-request-id: 490b4d38-e01e-005f-1926-15186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
date: Fri, 13 Dec 2024 18:09:26 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113366.a704439
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:16,%22BC%22:326,%22SE%22:-1,%22TC%22:-1,%22H%22:396,%22BP%22:440,%22CT%22:442,%22IL%22:18},%22ad%22:[43,194,1263,601,1263,2629,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:16,%22BC%22:326,%22SE%22:-1,%22TC%22:-1,%22H%22:396,%22BP%22:440,%22CT%22:442,%22IL%22:18},%22ad%22:[43,194,1263,601,1263,2629,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01 HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae

Response

HTTP/2.0 200

content-length: 4286
content-type: image/x-icon
cache-control: public, max-age=15552000
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
x-eventid: 66d5ec6055d9463c84257cec3982c879
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-zB0eUvbRZZ+8BAOCzA2mVZMfYjd1Suqx4YY4zC5V9K4='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a704610
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx? HTTP/2.0
host: www.bing.com
content-length: 353
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae

Response

HTTP/2.0 200

expires: Mon, 25 Nov 2024 21:15:40 GMT
last-modified: Wed, 20 Nov 2024 06:08:28 GMT
etag: 0x8DD0929C09196E1
cache-control: public, no-transform, max-age=424492
content-length: 7650
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: x2EwVHeB7ANtgfiXW7B0ZQ==
x-ms-request-id: cc00ee3a-201e-006b-5776-3bb7c6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.646e5668.1732138139.51dd4d4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a704616
GET

https://www.bing.com/sa/simg/favicon-trans-bg-blue-mg.ico

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /sa/simg/favicon-trans-bg-blue-mg.ico HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a704609
GET

https://www.bing.com/rp/5A_wVM0BDlqDmkBnZeuIpN6wkcA.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/5A_wVM0BDlqDmkBnZeuIpN6wkcA.br.js HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
dnt: 1
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a70460a
GET

https://www.bing.com/rewardsapp/widgetassets/prod/medallion/1.1.2/js/widget.js?t=241213

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rewardsapp/widgetassets/prod/medallion/1.1.2/js/widget.js?t=241213 HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae

Response

HTTP/2.0 200

content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=21600
content-encoding: br
last-modified: Wed, 13 Nov 2024 18:09:46 GMT
vary: Accept-Encoding
x-ms-request-id: 1c421414-601e-004c-0235-4df7bb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref: 20241213T080000Z-r1c6d8bb987lfgf6hC1DB1a5us00000001zg000000008em8
x-fd-int-roxy-purgeid: 0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-ceto-ref: 675be9801ff34313b2704ace849e06d9|AFD:675be9801ff34313b2704ace849e06d9|2024-12-13T08:00:00.705Z
content-length: 48856
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a704659
GET

https://www.bing.com/rp/em88jYr3ZOv7yX3AqoOU5z8EEnA.png

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/em88jYr3ZOv7yX3AqoOU5z8EEnA.png HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0

Response

HTTP/2.0 200

expires: Thu, 28 Nov 2024 10:42:30 GMT
last-modified: Tue, 24 Sep 2024 06:45:05 GMT
etag: 0x8DCDC646C9AF5F4
cache-control: public, no-transform, max-age=314721
akamai-grn: 0.a3777b5c.1728974494.ceaeeaa
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1929
content-type: image/png
content-md5: TBVfy13T2kZEUa0kC23mBg==
x-ms-request-id: 1d60634c-401e-0052-2736-1bf762000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a70465e
GET

https://www.bing.com/geolocation/write?isDevLoc=false&lat=51.98436737060547&lon=-0.22957976162433624&dispName=Letchworth%252C%2520Hertfordshire&isEff=1&effLocType=4&clientsid=undefined

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /geolocation/write?isDevLoc=false&lat=51.98436737060547&lon=-0.22957976162433624&dispName=Letchworth%252C%2520Hertfordshire&isEff=1&effLocType=4&clientsid=undefined HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

cache-control: private
content-length: 1
content-type: text/html
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 675c785796fa4c8c9f5e0704d42a72e1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-54eHVfQNvdWPWzJPnM+ZNTAscvpcWInIfIrvT8FbKx0='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: 7F4E51E5DEC34CF5B7045D7A5604EAD1 Ref B: LON601060107034 Ref C: 2024-12-13T18:09:27Z
date: Fri, 13 Dec 2024 18:09:27 GMT
set-cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3; expires=Wed, 07-Jan-2026 18:09:27 GMT; path=/; HttpOnly
set-cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:27 GMT; path=/; secure; SameSite=None
set-cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:27 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHS=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
set-cookie: SRCHS=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a70466f
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1734113366235%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22150%22%2C%22Downlink%22%3A%227.3%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1734113366235%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366243%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366244%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1734113366235%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22150%22%2C%22Downlink%22%3A%227.3%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1734113366235%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366243%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366244%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:17:12 GMT
etag: 0x8DCDC608780CE8B
content-length: 512
content-type: image/svg+xml
content-md5: G0HPjgI1nZPfetni3YDkOw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f5f97b5b-c01e-002e-02f1-176a57000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=97630
expires: Sat, 14 Dec 2024 21:16:37 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704719
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366244%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366244%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:02:04 GMT
etag: 0x8DCDC5E6A2D8636
content-length: 349
content-type: image/svg+xml
content-md5: iRh5eBPrKqjGuvgWi/nStw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b848dd36-301e-003b-4f2a-16a8ce000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=54132
expires: Sat, 14 Dec 2024 09:11:39 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70471a
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a70470a
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22HasRR%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22HasRR%22,%22Text%22:%221%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a70470b
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366246%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22601%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366247%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A497%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22VisibleOrDelayed%22%2C%22FID%22%3A%22BottomBanner%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22InitializationStarted%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A1263%2C%22FID%22%3A%22ViewPortWidth%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22OfferIdMissing%22%2C%22FID%22%3A%22BNPOfferId%22%7D%2C%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22tryWriteEffectiveLocation%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366246%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22601%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366247%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A497%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22VisibleOrDelayed%22%2C%22FID%22%3A%22BottomBanner%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22InitializationStarted%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A1263%2C%22FID%22%3A%22ViewPortWidth%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22OfferIdMissing%22%2C%22FID%22%3A%22BNPOfferId%22%7D%2C%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22tryWriteEffectiveLocation%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a704718
GET

https://r.bing.com/rp/NbA_o5_JH0GEi8eQ-UOtARHo4pE.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/NbA_o5_JH0GEi8eQ-UOtARHo4pE.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a704717
GET

https://r.bing.com/rp/Dl3Mgy5b8mZk0rO25YbvLM3bp7Q.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/Dl3Mgy5b8mZk0rO25YbvLM3bp7Q.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a704765
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1734113366433%2C%22Name%22%3A%22WriteEffectiveLocationSuccess%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1734113366433%2C%22Name%22%3A%22WriteEffectiveLocationSuccess%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a704716
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2220%22}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2220%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a704884
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113367.a70488a
GET

https://www.bing.com/images/sbi?mmasync=1&ig=0DD49FA7ED914E5E96F20FA0AFFB5C37&iid=.5098&ptn=Web&ep=0&iconpl=1

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /images/sbi?mmasync=1&ig=0DD49FA7ED914E5E96F20FA0AFFB5C37&iid=.5098&ptn=Web&ep=0&iconpl=1 HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7048a8
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366533%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22Time%22%3A1253%2C%22time%22%3A1254%2C%22T%22%3A%22CI.Latency%22%2C%22TS%22%3A1734113366792%2C%22Name%22%3A%22Loaded%22%2C%22FID%22%3A%22HP%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366533%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22Time%22%3A1253%2C%22time%22%3A1254%2C%22T%22%3A%22CI.Latency%22%2C%22TS%22%3A1734113366792%2C%22Name%22%3A%22Loaded%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|

Response

HTTP/2.0 200

content-length: 16001
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: br
vary: Accept-Encoding
x-eventid: 675c785883894cf28c1d4735d110752e
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-DGKTPcz45NbGT8yMPrDyINzvj2BPnBXVMscJnznRVOs='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:28 GMT
set-cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:28 GMT; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7048a0
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A1256%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1734113366794%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A1256%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1734113366794%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7048ad
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A1256%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1734113366794%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A1256%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1734113366794%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7048ac
POST

https://www.bing.com/rewardsapp/ncheader?ver=52069067&IID=SERP.5055&IG=0DD49FA7ED914E5E96F20FA0AFFB5C37

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /rewardsapp/ncheader?ver=52069067&IID=SERP.5055&IG=0DD49FA7ED914E5E96F20FA0AFFB5C37 HTTP/2.0
host: www.bing.com
content-length: 4
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

content-length: 774
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
expires: -1
pragma: no-cache
vary: Accept-Encoding
x-eventid: 675c78588bd34a5088630d15b203fbae
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-cPCXX+WnqkkPzkXiqihnPnnRXSN/iH+t1tc9Xh/sAmw='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-ceto-ref: 675c78588bd34a5088630d15b203fbae|AFD:675c78588bd34a5088630d15b203fbae|2024-12-13T18:09:28.062Z
date: Fri, 13 Dec 2024 18:09:28 GMT
set-cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
set-cookie: _C_Auth=
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7048c4
POST

https://www.bing.com/rewardsapp/reportActivity?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&IID=SERP.5064&q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /rewardsapp/reportActivity?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&IID=SERP.5064&q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531 HTTP/2.0
host: www.bing.com
content-length: 169
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

content-length: 992
content-type: text/html; charset=utf-8
cache-control: no-cache
content-encoding: br
expires: -1
pragma: no-cache
vary: Accept-Encoding
x-eventid: 675c785852fb4d57bf9d36a1e637b16d
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-sQBse4/le+TvxQEaJj539erygDNKNNepZpCIvxE6LUE='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-ceto-ref: 675c785852fb4d57bf9d36a1e637b16d|AFD:675c785852fb4d57bf9d36a1e637b16d|2024-12-13T18:09:28.068Z
date: Fri, 13 Dec 2024 18:09:28 GMT
set-cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
set-cookie: _C_Auth=
set-cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; domain=.bing.com; expires=Sat, 13-Dec-2025 18:09:28 GMT; path=/; secure; SameSite=None
set-cookie: _Rwho=u=d&ts=2024-12-13; domain=.bing.com; path=/; secure; HttpOnly; SameSite=None
set-cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7048cd
GET

https://r.bing.com/rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:46:34 GMT
etag: 0x8DCDC64A18F365B
content-length: 671
content-type: image/svg+xml
content-md5: 2e0aQjQvN2lVcUGQcPjoGA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 08fd2788-101e-0005-299e-161eef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=225881
expires: Mon, 16 Dec 2024 08:54:09 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704910
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

content-length: 964
content-type: image/svg+xml
content-md5: iOPtPdfu4TP3P/udNrBLbw==
last-modified: Mon, 15 Aug 2022 20:49:31 GMT
etag: 0x8DA7EFFA703EB5F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b8d4fb37-c01e-008b-0cf0-081e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.0a7b1060.1686747743.231c1613
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
akamai-grn: 0.157b1060.1686747764.1d5c2bc1
akamai-grn: 0.1b7b1060.1687776384.1457d6ce
cache-control: public, no-transform, max-age=14331733
expires: Wed, 28 May 2025 15:11:41 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704915
timing-allow-origin: *
GET

https://r.bing.com/rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

content-length: 1101
content-type: image/svg+xml
content-md5: kc0Rz8ymXPrOlhUyaNcfYw==
last-modified: Fri, 12 Aug 2022 20:45:00 GMT
etag: 0x8DA7CA3867FC831
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: adc41e54-901e-0086-2e09-15d69f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.097b1060.1686747743.2aab8902
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
akamai-grn: 0.097b1060.1686747764.2aac12e8
akamai-grn: 0.2a7b1060.1687568922.2d70b24a
akamai-grn: 0.3d7b1060.1689052474.2206a8cd
akamai-grn: 0.21aedd58.1689771282.bd10a3b
cache-control: public, no-transform, max-age=9887398
expires: Mon, 07 Apr 2025 04:39:26 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704913
timing-allow-origin: *
GET

https://r.bing.com/rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Mon, 15 Aug 2022 17:39:27 GMT
etag: 0x8DA7EE519EF54EF
akamai-grn: 0.19fd4817.1699775190.19e2dda6
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 726
content-type: image/svg+xml
content-md5: ZgHkolq4RyA+EBWzJRSxbA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d46b8e76-f01e-0020-517e-0a9bf6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.1efd4817.1701123842.3b4e7f5b
cache-control: public, no-transform, max-age=11792477
expires: Tue, 29 Apr 2025 05:50:45 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704917
timing-allow-origin: *
GET

https://r.bing.com/rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:17:16 GMT
etag: 0x8DCDC6089E98574
content-length: 1111
content-type: image/svg+xml
content-md5: wEyINKyRgCGG5s5neuSonQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 03b9bc25-601e-000a-8048-17f319000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=210577
expires: Mon, 16 Dec 2024 04:39:05 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704918
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:49:39 GMT
etag: 0x8DCDC650FC3D927
content-length: 3791
content-type: image/jpeg
content-md5: KZpHmi9/HzDQlUXKjMXRYg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d82f5a4c-d01e-0057-7a67-17031d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=87905
expires: Sat, 14 Dec 2024 18:34:33 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704919
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:54:04 GMT
etag: 0x8DCDC5D4C424AE8
content-length: 5387
content-type: image/jpeg
content-md5: adFid0+JT/i5IDMON2t6Yg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8f55db75-401e-0016-1dc2-172b0e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=177547
expires: Sun, 15 Dec 2024 19:28:35 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70491b
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:05:48 GMT
etag: 0x8DCDC5EEFB0049C
content-length: 6817
content-type: image/jpeg
content-md5: DEHuMbBOl4tIgtF2kPA6Og==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42a58b94-c01e-0048-0d59-17d80d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=312467
expires: Tue, 17 Dec 2024 08:57:15 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70491c
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:55:51 GMT
etag: 0x8DCDC65ED9B19A0
content-length: 4409
content-type: image/jpeg
content-md5: qYoIvbmbhCLJ3J1v3ZOHww==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0123ab47-601e-0001-11da-15eb6d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=52551
expires: Sat, 14 Dec 2024 08:45:19 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70491d
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:43:17 GMT
etag: 0x8DCDC642C51AEC8
content-length: 4934
content-type: image/jpeg
content-md5: /aLOrgZ5YRk35ucfcBo2qw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: eb80deab-601e-0023-48af-16855b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=122051
expires: Sun, 15 Dec 2024 04:03:39 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70491e
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:58:31 GMT
etag: 0x8DCDC664D1860E2
content-length: 3814
content-type: image/jpeg
content-md5: KBVwYR+JIZqXDyWJ+YoJ2w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3ec8f7ea-901e-0072-119f-199bae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=69054
expires: Sat, 14 Dec 2024 13:20:22 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704921
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:05:25 GMT
etag: 0x8DCDC5EE1BFCC0A
content-length: 282
content-type: image/svg+xml
content-md5: 44eVtjQVTsH/Qca82lTuUg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e9a57e31-701e-001e-2a97-15307d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=193056
expires: Sun, 15 Dec 2024 23:47:04 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704914
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:54:00 GMT
etag: 0x8DCDC65AB4005D8
content-length: 1391
content-type: image/svg+xml
content-md5: YgWAZX6KRbSnuEULjaXNMg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a41a454b-e01e-0054-5833-16001a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=220820
expires: Mon, 16 Dec 2024 07:29:48 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704916
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:55:56 GMT
etag: 0x8DCDC65F09D13C1
content-length: 5944
content-type: image/jpeg
content-md5: 9ucNopg0mtlCFfC0podQNw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ab6448f5-c01e-0025-6b21-187223000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=155406
expires: Sun, 15 Dec 2024 13:19:34 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704920
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:41:12 GMT
etag: 0x8DCDC63E1AC19C2
content-length: 324
content-type: text/css
content-encoding: br
content-md5: zul1ioyI5qjKzvVMsqd8eQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c7c72aa6-101e-0041-7ad0-16c283000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=106734
expires: Sat, 14 Dec 2024 23:48:22 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704929
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:41:55 GMT
etag: 0x8DCDC63FB5BC9CB
content-length: 4547
content-type: image/jpeg
content-md5: eu9Mz25HuboDg2XNPR9Wkw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 09ffe763-201e-0024-1c98-1673de000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=377494
expires: Wed, 18 Dec 2024 03:01:02 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70491f
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:10:08 GMT
etag: 0x8DCDC67EC841DCF
content-type: text/css
content-md5: DnViWNsgH/Vlo3SrH5gEzg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3f1872cf-901e-0079-615d-1683da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1339
cache-control: public, no-transform, max-age=180307
expires: Sun, 15 Dec 2024 20:14:35 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70492f
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:29:57 GMT
etag: 0x8DCEC86967FA2A4
content-length: 326
content-type: text/css; charset=utf-8
content-encoding: br
content-md5: yxQVEL8D2yYKzOkWuxDcBg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 763a59cc-101e-0068-1fdd-1eb4c1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=56634
expires: Sat, 14 Dec 2024 09:53:22 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70492e
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:40:29 GMT
etag: 0x8DCEC880F396E3D
content-length: 269
content-type: text/css
content-encoding: br
content-md5: Twb1SQrgn66TMkCHmLv8IQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5c783b07-601e-000a-2332-1ff319000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=226145
expires: Mon, 16 Dec 2024 08:58:33 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70492d
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://www.bing.com/fd/ls/l?BF=MSJ1&IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:1}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?BF=MSJ1&IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:1}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7049bf
GET

https://www.bing.com/fd/ls/l?BF=MSJ0&IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:0}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?BF=MSJ0&IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:0}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7049be
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 415
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7049e8
GET

https://www.bing.com/aes/c.gif?type=mv&tids=58,60,62,64&rg=be9b04ac08ec4d669156aa56ae18f7c4&reqver=1.0

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /aes/c.gif?type=mv&tids=58,60,62,64&rg=be9b04ac08ec4d669156aa56ae18f7c4&reqver=1.0 HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

cache-control: private
content-length: 1
content-type: text/html
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 675c78587a2b4f59aec74a990162057d
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-EufH52T2PEz817G/bKpxFeiXleBMDz2TWeyMAEyvyk4='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: A61CAD40B0D8458F95B2316A130EC1DD Ref B: LON601060107034 Ref C: 2024-12-13T18:09:28Z
date: Fri, 13 Dec 2024 18:09:28 GMT
set-cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3; expires=Wed, 07-Jan-2026 18:09:28 GMT; path=/; HttpOnly
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704a5e
POST

https://www.bing.com/orgid/idtoken/conditional

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /orgid/idtoken/conditional HTTP/2.0
host: www.bing.com
content-length: 693
cache-control: max-age=0
ect: 4g
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
origin: https://login.microsoftonline.com
upgrade-insecure-requests: 1
dnt: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.microsoftonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704a76
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22thumb_tum2%22}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22thumb_tum2%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704a79
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22thumb_f2%22}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22thumb_f2%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704aae
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704ac8
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx? HTTP/2.0
host: www.bing.com
content-length: 265
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704ae5
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1734113366803%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22675c78564ca447f7845898b671587a49%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1734113366824%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22675c78564ca447f7845898b671587a49%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1734113366824%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1734113366844%2C%22Name%22%3A%22Show%22%2C%22FID%22%3A%22%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1734113366844%2C%22Name%22%3A%22ShowBubble%22%2C%22FID%22%3A%22%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2222000%22%5D%2C%22isWin11OrHigher%22%3A%22true%22%2C%22fullOsBuild%22%3A%2210.0.22000%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366911%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366948%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1734113367126%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22SuppressingFeature%22%3A%22wikiWidget%22%2C%22T%22%3A%22CI.LeftGutterUtility%22%2C%22TS%22%3A1734113367190%2C%22Name%22%3A%22LGSuppressed%22%2C%22FID%22%3A%22wikiWidget%22%7D%2C%7B%22SuppressingFeature%22%3A%22wikiWidget%22%2C%22T%22%3A%22CI.LeftGutterUtility%22%2C%22TS%22%3A1734113367255%2C%22Name%22%3A%22LGSuppressed%22%2C%22FID%22%3A%22lgVidAns%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367366%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1734113366803%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22675c78564ca447f7845898b671587a49%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1734113366824%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22675c78564ca447f7845898b671587a49%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1734113366824%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1734113366844%2C%22Name%22%3A%22Show%22%2C%22FID%22%3A%22%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1734113366844%2C%22Name%22%3A%22ShowBubble%22%2C%22FID%22%3A%22%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2222000%22%5D%2C%22isWin11OrHigher%22%3A%22true%22%2C%22fullOsBuild%22%3A%2210.0.22000%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366911%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366948%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1734113367126%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22SuppressingFeature%22%3A%22wikiWidget%22%2C%22T%22%3A%22CI.LeftGutterUtility%22%2C%22TS%22%3A1734113367190%2C%22Name%22%3A%22LGSuppressed%22%2C%22FID%22%3A%22wikiWidget%22%7D%2C%7B%22SuppressingFeature%22%3A%22wikiWidget%22%2C%22T%22%3A%22CI.LeftGutterUtility%22%2C%22TS%22%3A1734113367255%2C%22Name%22%3A%22LGSuppressed%22%2C%22FID%22%3A%22lgVidAns%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367366%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

cache-control: private,no-store
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B54F33410464EB0B41C3E8ACBC380E1 Ref B: LON601060106034 Ref C: 2024-12-13T18:09:28Z
content-length: 0
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a7049fc
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367366%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367366%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704aea
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22conv%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%2210%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22realestate%22%2C%22FID%22%3A%22DynScopeRank%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22conv%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%2210%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22realestate%22%2C%22FID%22%3A%22DynScopeRank%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704af9
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704afb
GET

https://www.bing.com/geolocation/write?isBlocked=true&sid=1FCCA6982E7F6C8F0728B3CC2F126D2A&clientsid=undefined

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /geolocation/write?isBlocked=true&sid=1FCCA6982E7F6C8F0728B3CC2F126D2A&clientsid=undefined HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704ae6
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367394%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367394%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704ae9
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367394%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367394%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704afa
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367395%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367395%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

cache-control: private
content-length: 1
content-type: text/html
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 675c785882964af6badc20e67bdaf75d
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-SWAyHmOFMYkKIWFvKJmWPStbGWR9AvByOUM7+otNRsI='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: 901C40728ACE4BAFA31D67929D6A8FD2 Ref B: LON601060107034 Ref C: 2024-12-13T18:09:28Z
date: Fri, 13 Dec 2024 18:09:28 GMT
set-cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3; expires=Wed, 07-Jan-2026 18:09:28 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928; domain=.bing.com; expires=Wed, 07-Jan-2026 18:09:28 GMT; path=/; secure; HttpOnly; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704af8
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1734113367431%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%22712.5000000232831%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1734113367439%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221892.5000000162981%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1734113367439%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367507%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1734113367431%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%22712.5000000232831%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1734113367439%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221892.5000000162981%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1734113367439%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367507%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113368.a704b36
GET

https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /secure/Passport.aspx?popup=1&ssl=1 HTTP/2.0
host: www.bing.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
ect: 4g
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: DIDC=ct%3D1734113368%26hashalg%3DSHA256%26bver%3D40%26appid%3DDefault%26da%3D%253CEncryptedData%2520xmlns%253D%2522http://www.w3.org/2001/04/xmlenc%2523%2522%2520Id%253D%2522devicesoftware%2522%2520Type%253D%2522http://www.w3.org/2001/04/xmlenc%2523Element%2522%253E%253CEncryptionMethod%2520Algorithm%253D%2522http://www.w3.org/2001/04/xmlenc%2523tripledes-cbc%2522%253E%253C/EncryptionMethod%253E%253Cds:KeyInfo%2520xmlns:ds%253D%2522http://www.w3.org/2000/09/xmldsig%2523%2522%253E%253Cds:KeyName%253Ehttp://Passport.NET/STS%253C/ds:KeyName%253E%253C/ds:KeyInfo%253E%253CCipherData%253E%253CCipherValue%253EM.C549_BAY.0.D.Cp3UObQFX233oSQEpBdpPkAx5ODb7njpWTm25oyCQRBXkiQJ1dtYKcb1h6JLpI/TFMf%252BQ1%252Bgu114zmFfaje26ChEvBM4LeDKAnVJpVX/CGilHu/1Elkn6aWEBlfDZIrSiVxF%252B9FdFGRnlnjcYZkCo6SE0TvgK0bIosK5vpXpgyZJ3cEKu3uYXF6hE3sw6G28iDZ8EAqNNVCgY4ZqSqfl2vm1V9sXkMGFfBUoUIakoD/MrAg0rcGgHDjvIj23C/OBsE3BQ1DazYYCPrS7MRbnTUZNxZchhRwrZTpyVuQwAaaZRIy2dBv4fEjHXxfuHGbBSCGGjIrPTb0h27AkvdLCIhUNREEaWOZyrgb316F5DE5HyVLdJnRPq2bzuzKFGoqMJ8q8mBb39nyGl%252B2k%252BnzxPuy8aZYARlLo3WkYzcL%252BB113WkxrJFbYyYdzwZw38mOqUlK/ssArGfRRtJAJFt8qqEFq/b7b5KZE/6Lx5lCPn7Cy0%252BTesHCCvCgo7K8oojcQejGKC7CjakS02m1j3FZAFbG2u9LYUJBtGumtvAFGLAze%253C/CipherValue%253E%253C/CipherData%253E%253C/EncryptedData%253E%26nonce%3Dlw2FMYpEpesTSD652GR2tJvSlnUyuFO3%26hash%3D6k68EyE%252F41CCBjmAQ5X4r0QmUttYVugbqHezVXFtOWk%253D%26dd%3D1
cookie: DIDCL=ct%3D1734113368%26hashalg%3DSHA256%26bver%3D40%26appid%3DDefault%26da%3D%253CEncryptedData%2520xmlns%253D%2522http://www.w3.org/2001/04/xmlenc%2523%2522%2520Id%253D%2522devicesoftware%2522%2520Type%253D%2522http://www.w3.org/2001/04/xmlenc%2523Element%2522%253E%253CEncryptionMethod%2520Algorithm%253D%2522http://www.w3.org/2001/04/xmlenc%2523tripledes-cbc%2522%253E%253C/EncryptionMethod%253E%253Cds:KeyInfo%2520xmlns:ds%253D%2522http://www.w3.org/2000/09/xmldsig%2523%2522%253E%253Cds:KeyName%253Ehttp://Passport.NET/STS%253C/ds:KeyName%253E%253C/ds:KeyInfo%253E%253CCipherData%253E%253CCipherValue%253EM.C549_BAY.0.D.Cp3UObQFX233oSQEpBdpPkAx5ODb7njpWTm25oyCQRBXkiQJ1dtYKcb1h6JLpI/TFMf%252BQ1%252Bgu114zmFfaje26ChEvBM4LeDKAnVJpVX/CGilHu/1Elkn6aWEBlfDZIrSiVxF%252B9FdFGRnlnjcYZkCo6SE0TvgK0bIosK5vpXpgyZJ3cEKu3uYXF6hE3sw6G28iDZ8EAqNNVCgY4ZqSqfl2vm1V9sXkMGFfBUoUIakoD/MrAg0rcGgHDjvIj23C/OBsE3BQ1DazYYCPrS7MRbnTUZNxZchhRwrZTpyVuQwAaaZRIy2dBv4fEjHXxfuHGbBSCGGjIrPTb0h27AkvdLCIhUNREEaWOZyrgb316F5DE5HyVLdJnRPq2bzuzKFGoqMJ8q8mBb39nyGl%252B2k%252BnzxPuy8aZYARlLo3WkYzcL%252BB113WkxrJFbYyYdzwZw38mOqUlK/ssArGfRRtJAJFt8qqEFq/b7b5KZE/6Lx5lCPn7Cy0%252BTesHCCvCgo7K8oojcQejGKC7CjakS02m1j3FZAFbG2u9LYUJBtGumtvAFGLAze%253C/CipherValue%253E%253C/CipherData%253E%253C/EncryptedData%253E%26nonce%3Dlw2FMYpEpesTSD652GR2tJvSlnUyuFO3%26hash%3D6k68EyE%252F41CCBjmAQ5X4r0QmUttYVugbqHezVXFtOWk%253D%26dd%3D1
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928

Response

HTTP/2.0 200

cache-control: no-cache,no-store
pragma: no-cache
content-length: 235
content-type: text/html; charset=utf-8
content-encoding: br
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 675c7859cb46425aa3f7aed5c78962da
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-qRkTi+GJ6tYCnnGDJWVdFj/kMkMCleyj7kk2FWRUkJg='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: DA8DB060DA0743379F4E4B725FC7FB5E Ref B: LON601060102029 Ref C: 2024-12-13T18:09:29Z
date: Fri, 13 Dec 2024 18:09:29 GMT
set-cookie: .MSA.Auth=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.bing.com; path=/; secure; samesite=lax; httponly
set-cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3; expires=Wed, 07-Jan-2026 18:09:29 GMT; path=/; HttpOnly
set-cookie: DIDC=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
set-cookie: DIDC=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
set-cookie: DIDCL=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
set-cookie: DIDCL=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113369.a704c8b
GET

https://www.bing.com/ipv6test/test?FORM=MONITR

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /ipv6test/test?FORM=MONITR HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928

Response

HTTP/2.0 200

content-length: 64
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
expires: -1
pragma: no-cache
vary: Accept-Encoding
x-eventid: 675c78596984449fb2ddd691537f5b43
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-uZwO1/olG5mrzBr5VwJjg17ONIRyrc1gnud0xz7MLO4='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Fri, 13 Dec 2024 18:09:29 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113369.a704f98
GET

https://www.bing.com/th?id=OBFB.1B096C6DCB92C2B9A732929A92AF5585&pid=Fb&qlt=99&r=0

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /th?id=OBFB.1B096C6DCB92C2B9A732929A92AF5585&pid=Fb&qlt=99&r=0 HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 54612
date: Fri, 13 Dec 2024 18:09:30 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113370.a7053ce
GET

https://www.bing.com/th?id=OBFB.1E928B2B86E3D4E8ED1D46B83E667303&pid=Fb&qlt=99&r=0

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /th?id=OBFB.1E928B2B86E3D4E8ED1D46B83E667303&pid=Fb&qlt=99&r=0 HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 41572
date: Fri, 13 Dec 2024 18:09:30 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113370.a7053cc
GET

https://www.bing.com/notifications/handle?action=1&nid=63245&view=BottomBanner_NoTitleRejectBtn&vertical=serp

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /notifications/handle?action=1&nid=63245&view=BottomBanner_NoTitleRejectBtn&vertical=serp HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

cache-control: no-cache
pragma: no-cache
content-length: 1
content-type: text/html
content-encoding: br
expires: -1
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 675c785b5fe14b20af95825084500f05
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-cnWeptf1Y/h5Q7HSyAKD2QQ4BqTkLj4uovio7htoZN0='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: 6F4FDF48D6C24B17934551086BE3931F Ref B: LON601060101023 Ref C: 2024-12-13T18:09:31Z
date: Fri, 13 Dec 2024 18:09:31 GMT
set-cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3; expires=Wed, 07-Jan-2026 18:09:31 GMT; path=/; HttpOnly
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113371.a70550f
POST

https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113370418,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113370418,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent HTTP/2.0
host: www.bing.com
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

expires: Sat, 30 Nov 2024 02:29:54 GMT
last-modified: Tue, 24 Sep 2024 06:11:01 GMT
etag: 0x8DCDC5FAA0C3E31
cache-control: public, no-transform, max-age=369661
content-length: 644
content-type: image/gif
content-md5: HGU2zuFG7AoIwp9z9fxz2A==
x-ms-request-id: 2ff3b732-601e-004e-3620-152f75000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.a7361602.1729689441.eeaf154
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
date: Fri, 13 Dec 2024 18:09:31 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113371.a70572c
GET

https://www.bing.com/rp/J_o2maogFDeUOsovPJL-ofEuxJ4.gif

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/J_o2maogFDeUOsovPJL-ofEuxJ4.gif HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:31 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113371.a705720
GET

https://www.bing.com/rp/NosrlR4amKTs1zYxWy3laZN3HRk.svg

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/NosrlR4amKTs1zYxWy3laZN3HRk.svg HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 1960
content-type: image/svg+xml
content-md5: lOxVXuFtjjXpIAll7kgzvA==
last-modified: Mon, 15 Aug 2022 17:45:21 GMT
etag: 0x8DA7EE5ED1F56FD
x-ms-request-id: 7c27555a-001e-00bb-2c31-c4a084000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.565cda17.1690899375.255be5ab
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
akamai-grn: 0.5d5cda17.1694874810.1afe5694
akamai-grn: 0.b08e1402.1696360426.1b34534
akamai-grn: 0.55281102.1700232259.1839b9d2
akamai-grn: 0.4b281102.1702526738.c0841ccd
akamai-grn: 0.4eba1302.1703096022.4645b734
akamai-grn: 0.59281102.1707387776.8a9b7e9
cache-control: public, no-transform, max-age=5748888
expires: Tue, 14 May 2024 08:27:25 GMT
akamai-grn: 0.4b281102.1709926357.35ab79d4
timing-allow-origin: *
date: Fri, 13 Dec 2024 18:09:31 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113371.a70582b
POST

https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.RichHover.Summary%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22TS%22:1734113370876,%22DU%22:658,%22THLT%22:483,%22RCLT%22:null,%22MOS%22:4509,%22MOT%22:658,%22IsMT%22:1,%22VPST%22:604,%22VDT%22:604,%22MaxVPT%22:658,%22SCNT%22:0,%22MMSTLT%22:null,%22IsMMT%22:0,%22MuteCNT%22:0,%22Mute%22:1,%22IFLT%22:null,%22IFSCT%22:null}&log=UserEvent

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.RichHover.Summary%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22TS%22:1734113370876,%22DU%22:658,%22THLT%22:483,%22RCLT%22:null,%22MOS%22:4509,%22MOT%22:658,%22IsMT%22:1,%22VPST%22:604,%22VDT%22:604,%22MaxVPT%22:658,%22SCNT%22:0,%22MMSTLT%22:null,%22IsMMT%22:0,%22MuteCNT%22:0,%22Mute%22:1,%22IFLT%22:null,%22IFSCT%22:null}&log=UserEvent HTTP/2.0
host: www.bing.com
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:32 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113372.a7058c3
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Click%22%2C%22TS%22%3A1734113369874%2C%22Name%22%3A%22AllowAll%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Click%22%2C%22TS%22%3A1734113369874%2C%22Name%22%3A%22BnpClick%22%2C%22FID%22%3A%22Bnp%22%7D%5D

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Click%22%2C%22TS%22%3A1734113369874%2C%22Name%22%3A%22AllowAll%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Click%22%2C%22TS%22%3A1734113369874%2C%22Name%22%3A%22BnpClick%22%2C%22FID%22%3A%22Bnp%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:32 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113372.a705aec
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 21618
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:33 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113373.a705f7f
POST

https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113373575,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113373575,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent HTTP/2.0
host: www.bing.com
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:34 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113374.a706395
POST

https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.RichHover.Summary%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22TS%22:1734113373919,%22DU%22:544,%22THLT%22:206,%22RCLT%22:null,%22MOS%22:7666,%22MOT%22:544,%22IsMT%22:1,%22VPST%22:246,%22VDT%22:246,%22MaxVPT%22:544,%22SCNT%22:0,%22MMSTLT%22:null,%22IsMMT%22:0,%22MuteCNT%22:0,%22Mute%22:1,%22IFLT%22:null,%22IFSCT%22:null}&log=UserEvent

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.RichHover.Summary%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22TS%22:1734113373919,%22DU%22:544,%22THLT%22:206,%22RCLT%22:null,%22MOS%22:7666,%22MOT%22:544,%22IsMT%22:1,%22VPST%22:246,%22VDT%22:246,%22MaxVPT%22:544,%22SCNT%22:0,%22MMSTLT%22:null,%22IsMMT%22:0,%22MuteCNT%22:0,%22Mute%22:1,%22IFLT%22:null,%22IFSCT%22:null}&log=UserEvent HTTP/2.0
host: www.bing.com
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:35 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113375.a7064c8
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 1127
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:36 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113376.a706a60
POST

https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113376302,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113376302,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent HTTP/2.0
host: www.bing.com
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:37 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113377.a706eae
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 1046
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:38 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113378.a7071a6
POST

https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113379513,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113379513,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent HTTP/2.0
host: www.bing.com
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:40 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113380.a707ae2
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 1280
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:09:41 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113381.a707e3b
POST

https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&ID=SERP,5251.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3D0108f087cfa69806df14b47ebed4cf528b86a44912fa38c24cdf4bfd82efe49cJmltdHM9MTczNDA0ODAwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D2f4e2904-eb04-62ed-0c75-3c50ea6963f3%26psq%3Dransomware%2Bdownlouds%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8%26ntb%3D1

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/GLinkPingPost.aspx?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&ID=SERP,5251.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3D0108f087cfa69806df14b47ebed4cf528b86a44912fa38c24cdf4bfd82efe49cJmltdHM9MTczNDA0ODAwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D2f4e2904-eb04-62ed-0c75-3c50ea6963f3%26psq%3Dransomware%2Bdownlouds%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8%26ntb%3D1 HTTP/2.0
host: www.bing.com
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

cache-control: private
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
access-control-allow-origin: *
x-eventid: 675c7889838044df871c8c58057679eb
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-kGKqtxVb0WeEROcUye+yAFoMrMnYkglmIbl4cSrCm4s='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: E9162A461D8D4967B535D1BCE99A916E Ref B: LON601060102031 Ref C: 2024-12-13T18:10:17Z
content-length: 0
date: Fri, 13 Dec 2024 18:10:17 GMT
set-cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3; expires=Wed, 07-Jan-2026 18:10:17 GMT; path=/; HttpOnly
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113417.a710833
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 765
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:10:17 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113417.a7108e9
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 285
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:10:17 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113417.a7108eb
GET

https://www.bing.com/ck/a?!&&p=0108f087cfa69806df14b47ebed4cf528b86a44912fa38c24cdf4bfd82efe49cJmltdHM9MTczNDA0ODAwMA&ptn=3&ver=2&hsh=4&fclid=2f4e2904-eb04-62ed-0c75-3c50ea6963f3&psq=ransomware+downlouds&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8&ntb=1

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /ck/a?!&&p=0108f087cfa69806df14b47ebed4cf528b86a44912fa38c24cdf4bfd82efe49cJmltdHM9MTczNDA0ODAwMA&ptn=3&ver=2&hsh=4&fclid=2f4e2904-eb04-62ed-0c75-3c50ea6963f3&psq=ransomware+downlouds&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8&ntb=1 HTTP/2.0
host: www.bing.com
ect: 4g
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

cache-control: no-cache, must-revalidate
pragma: no-cache
content-length: 1201
content-type: text/html; charset=UTF-8
content-encoding: gzip
expires: Fri, 01 Jan 1990 00:00:00 GMT
vary: Accept-Encoding
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2DDB24B07EB45D49BD16E6A178579CB Ref B: LON601060101029 Ref C: 2024-12-13T18:10:17Z
date: Fri, 13 Dec 2024 18:10:17 GMT
set-cookie: MSPTC=52sMu2dUEz7pZOHCyRIi_GI1VKOVz2PT3yh0l1sSlY0; domain=.bing.com; expires=Wed, 07-Jan-2026 18:10:17 GMT; path=/; Partitioned; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113417.a7108ec
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.RSSQB%22,%22FID%22:%22CI%22,%22Name%22:%22Show%22,%22Text%22:%22Triggered%22}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.RSSQB%22,%22FID%22:%22CI%22,%22Name%22:%22Show%22,%22Text%22:%22Triggered%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:10:17 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113417.a7108f0
GET

https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.RSSQBLog%22,%22FID%22:%22CI%22,%22Name%22:%22ShowCFLog%22,%22Text%22:%22Triggered%22}]

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.RSSQBLog%22,%22FID%22:%22CI%22,%22Name%22:%22ShowCFLog%22,%22Text%22:%22Triggered%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:10:17 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113417.a7108ef
GET

https://www.bing.com/favicon.ico

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /favicon.ico HTTP/2.0
host: www.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1
cookie: MSPTC=52sMu2dUEz7pZOHCyRIi_GI1VKOVz2PT3yh0l1sSlY0

Response

HTTP/2.0 200

cache-control: public, max-age=15552000
content-length: 4286
content-type: image/x-icon
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF7F9C6CB1714EC59EFAB3D4C612DCB2 Ref B: LTSEDGE1121 Ref C: 2023-01-04T16:48:40Z
date: Fri, 13 Dec 2024 18:10:18 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113417.a71096e
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.210:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 924
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: MUIDB=2F4E2904EB0462ED0C753C50EA6963F3
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1
cookie: MSPTC=52sMu2dUEz7pZOHCyRIi_GI1VKOVz2PT3yh0l1sSlY0

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Fri, 13 Dec 2024 18:10:19 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.4c367a5c.1734113419.a710f33
GET

https://r.bing.com/rp/Jq1iNEFYyYxdiTTTVaaoRXA4GNg.br.css

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/Jq1iNEFYyYxdiTTTVaaoRXA4GNg.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
purpose: prefetch
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 8277
content-type: text/css
content-encoding: br
content-md5: +N1ojel3xPo4BLRFM4tvDA==
last-modified: Thu, 12 Dec 2024 11:43:02 GMT
etag: 0x8DD1AA222E86144
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: eecc1cf8-901e-003d-6d21-4d5fb6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=387300
expires: Wed, 18 Dec 2024 05:44:27 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704556
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/83zI0hMJWlilJFob8oEJ4_0I6j4.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/83zI0hMJWlilJFob8oEJ4_0I6j4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:28:03 GMT
etag: 0x8DCE8C2678A65ED
content-length: 2425
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: QLqZvnBZLjc5NijnEXP26w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f4507f6-101e-0027-2cde-1a70d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.95777b5c.1728543050.11b0d156
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=290805
expires: Tue, 17 Dec 2024 02:56:12 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704671
timing-allow-origin: *
GET

https://r.bing.com/rp/HndC9IrfiOmnQLZpq0bxaPUIDII.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/HndC9IrfiOmnQLZpq0bxaPUIDII.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
content-md5: 7P/1lM50lR5NLXB84B2f6A==
last-modified: Thu, 14 Nov 2024 09:56:24 GMT
etag: 0x8DD0492999C1FC5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9e02168d-701e-005a-36fe-36ec11000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 8835
cache-control: public, no-transform, max-age=188287
expires: Sun, 15 Dec 2024 22:27:34 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704689
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/KLrSbzDKMog0mCiPcB9iwoEvlE4.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/KLrSbzDKMog0mCiPcB9iwoEvlE4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:29:02 GMT
etag: 0x8DCE8C28AC2EAB8
content-length: 2634
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: YP0IUbsZfddh5LfrNKc0vw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 27aa3268-301e-0074-5e0d-236cd6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.b8901002.1731409690.944a9f97
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=304764
expires: Tue, 17 Dec 2024 06:48:51 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70468a
timing-allow-origin: *
GET

https://r.bing.com/rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:26:40 GMT
etag: 0x8DCDC61D9BDA003
content-type: text/javascript; charset=utf-8
content-md5: 4vFQ72ZNf8ORyGv0/A7BUA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9d961b2a-a01e-0058-3d94-16eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 936
cache-control: public, no-transform, max-age=88907
expires: Sat, 14 Dec 2024 18:51:14 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70468b
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/cfKt7bw67nxWZkkgOIRReDE3rQI.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/cfKt7bw67nxWZkkgOIRReDE3rQI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:42 GMT
etag: 0x8DCE8C30DC01669
content-type: text/javascript; charset=utf-8
content-md5: e7f/zlZuzAgnEk3uqGLnHQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 88ed3102-e01e-0076-31fe-1a6e2c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 264
vary: Accept-Encoding
cache-control: public, no-transform, max-age=305609
expires: Tue, 17 Dec 2024 07:02:56 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70468c
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8dR1RYrnsnPSX-e26dc1yBQAF44.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/8dR1RYrnsnPSX-e26dc1yBQAF44.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
content-md5: IZbFUNKxAIylYfr267f+Iw==
last-modified: Wed, 25 Sep 2024 12:41:09 GMT
etag: 0x8DCDD5F54E641FF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b30f05fa-e01e-001b-7af1-17c402000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1231
cache-control: public, no-transform, max-age=107584
expires: Sun, 15 Dec 2024 00:02:31 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70468d
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:51 GMT
etag: 0x8DCE8C3132785D7
akamai-grn: 0.ab777b5c.1730156542.2a3c7463
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-type: text/javascript; charset=utf-8
content-md5: zen1RFa4GLG9w/XJIRfohw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 06d360c6-301e-005d-1709-1b1a94000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 4908
vary: Accept-Encoding
cache-control: public, no-transform, max-age=51584
expires: Sat, 14 Dec 2024 08:29:11 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70468f
timing-allow-origin: *
GET

https://r.bing.com/rp/n23ANye7L3wtUcgKxoGHb7_ezc4.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/n23ANye7L3wtUcgKxoGHb7_ezc4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:29:32 GMT
etag: 0x8DCE8C29C4714A6
akamai-grn: 0.bd3f655f.1731573083.9bca1c
content-length: 64359
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: yBOhuH8WUdZCzcrV/Ken2A==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1f3ed3c1-401e-0059-09df-1aef16000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=309616
expires: Tue, 17 Dec 2024 08:09:43 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704690
timing-allow-origin: *
GET

https://r.bing.com/rp/DmYomXZ0p9--syG1mm6CnQwvRHg.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/DmYomXZ0p9--syG1mm6CnQwvRHg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:11:30 GMT
etag: 0x8DCDC5FBB9234C6
content-length: 395
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: bJNwzHWywBuWP28bX2mBGQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5fa04812-b01e-002a-02f0-159fd5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=234584
expires: Mon, 16 Dec 2024 11:19:11 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70468e
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/u5YAP_hr2d7b0pdrGRbYesZAIHM.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/u5YAP_hr2d7b0pdrGRbYesZAIHM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
content-md5: snX6jS0tdoIxKJ0RT0jjXw==
last-modified: Thu, 14 Nov 2024 09:56:56 GMT
etag: 0x8DD0492ACBD139F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ae7ad657-801e-0022-6afe-3684a6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 71748
cache-control: public, no-transform, max-age=175475
expires: Sun, 15 Dec 2024 18:54:02 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704691
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:55:01 GMT
etag: 0x8DCDC65D005C0E0
content-length: 430
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: l5PXwpOyUFdqY44wmnrCag==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8bb902d4-901e-0072-3e72-159bae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=135639
expires: Sun, 15 Dec 2024 07:50:06 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704694
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:52:56 GMT
etag: 0x8DCDC5D2377F40E
content-type: text/javascript; charset=utf-8
content-md5: 0ApKmxnWdlgJ/r3VvxbmFQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2e3e1981-a01e-0058-3dc9-17eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 178
cache-control: public, no-transform, max-age=91523
expires: Sat, 14 Dec 2024 19:34:50 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704697
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/n21aGRCN5EKHB3qObygw029dyNU.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:29:34 GMT
etag: 0x8DCDC6241BA29EA
content-length: 368
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: xl2SFLZCQEcsZUNAUSfMmA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c72e3555-d01e-0057-4e3d-16031d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=10903
expires: Fri, 13 Dec 2024 21:11:10 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704698
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:47:07 GMT
etag: 0x8DCDC64B5831289
content-length: 492
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: rSmdN6tN5TS/1yEQ8Z6pNA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7b418c73-801e-0022-3518-1684a6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=271027
expires: Mon, 16 Dec 2024 21:26:34 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70469b
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:34:27 GMT
etag: 0x8DCE8C34C6E86D0
content-type: text/javascript; charset=utf-8
content-md5: 5WRb79OLEOB99g79FkaKhA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66e2ec1-f01e-0004-15fe-1a1f12000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1541
vary: Accept-Encoding
cache-control: public, no-transform, max-age=135347
expires: Sun, 15 Dec 2024 07:45:14 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70469c
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:02:01 GMT
etag: 0x8DCDC66CA2704F8
content-length: 635
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: cbryIH17LuJqgju0sWrerw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4c8af66e-001e-0033-6cab-16b3bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=336269
expires: Tue, 17 Dec 2024 15:33:56 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70469d
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 399
content-type: application/x-javascript; charset=utf-8
server: Kestrel
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: br
last-modified: Mon, 23 Sep 2024 23:58:56 GMT
x-eventid: 6759d612be6c4089b04d72a1fce5e7d3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-machinename: DUBEEAP0000E040
x-as-suppresssetcookie: 1
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-7DKrdt21C+fmjL9a8dTvQESOua1Y/8qRAZ1cZNmjksg='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
cache-control: public, max-age=259420
expires: Mon, 16 Dec 2024 18:13:07 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70469e
timing-allow-origin: *
GET

https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:41:54 GMT
etag: 0x8DCEC884215D06E
content-type: text/javascript; charset=utf-8
content-md5: yaTET5I1fmUKhVemn0wu5w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 692ae905-601e-0067-4a7a-1e5937000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 786
cache-control: public, no-transform, max-age=59947
expires: Sat, 14 Dec 2024 10:48:34 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70469f
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/zL4sntecq0RmP6dobtS9Rd5WRvU.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/zL4sntecq0RmP6dobtS9Rd5WRvU.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:37 GMT
etag: 0x8DCE8C30A6A61DD
content-length: 7058
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: /nrOcgcgG+7k8yxsmx1J4Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4805e060-e01e-005f-4dde-1a186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.4c1a1202.1731610716.1946722b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=227401
expires: Mon, 16 Dec 2024 09:19:28 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046a0
timing-allow-origin: *
GET

https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:06:53 GMT
etag: 0x8DCDC5F1663B480
content-length: 714
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: wQmZQwuzNQKGWvk013IgpA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6610645e-101e-002c-1bc2-1768ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=228491
expires: Mon, 16 Dec 2024 09:37:38 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704695
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6r/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rs/6r/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:36:19 GMT
etag: 0x8DCDC63331FF483
content-length: 312
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Ij6CMW7d9STrT+a4Nf7dFA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cbc4fcef-801e-004f-35b8-162e88000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=96583
expires: Sat, 14 Dec 2024 20:59:10 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a70469a
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:57:19 GMT
etag: 0x8DCDC66220B7293
content-type: text/javascript; charset=utf-8
content-md5: hRrTe9xFPcEQGLGPgVvjhw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0f846a5f-901e-0036-2408-1647c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 835
cache-control: public, no-transform, max-age=81718
expires: Sat, 14 Dec 2024 16:51:25 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704696
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/c-kfqLSd-OD-g3VtLKozRdXMO14.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/c-kfqLSd-OD-g3VtLKozRdXMO14.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:12:13 GMT
etag: 0x8DCDC5FD53B2D55
content-length: 140
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: zk7Mu+IZ+1Afv84KFZt8XQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e49a919d-b01e-0021-56c5-1787a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=260627
expires: Mon, 16 Dec 2024 18:33:14 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046a8
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:36 GMT
etag: 0x8DCE8C30A28A766
content-length: 1707
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: MkbY3tM5BoIJgMyWXEttiw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 37709367-b01e-004c-3e4c-352d8f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.37421202.1731631657.2991352
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=352396
expires: Tue, 17 Dec 2024 20:02:43 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046a9
timing-allow-origin: *
GET

https://r.bing.com/rp/dUzSc2TJEdHviToK914Fg1aekPA.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/dUzSc2TJEdHviToK914Fg1aekPA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:10:36 GMT
etag: 0x8DCDC5F9B563C48
akamai-grn: 0.a6777b5c.1728372052.2703037
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 168
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 10AmaEgXjFITcl8HP2hwyQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4146679f-101e-0027-3a22-1570d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=69194
expires: Sat, 14 Dec 2024 13:22:41 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046ab
timing-allow-origin: *
GET

https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:36:36 GMT
etag: 0x8DCDC633D5EAA6A
content-length: 282
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: ZsrYRIS4X28M0gd5bb2Heg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 81189a7e-d01e-0057-6fda-15031d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=262392
expires: Mon, 16 Dec 2024 19:02:39 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046ac
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/JTnIefOMiNK7DX11D7RY8i0_PKc.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/JTnIefOMiNK7DX11D7RY8i0_PKc.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:17:19 GMT
etag: 0x8DCDC608BA54CA4
content-length: 462
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: fr82fvtvcsicFIwsSPlj7g==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b11a13af-501e-0046-0ef0-153406000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=93187
expires: Sat, 14 Dec 2024 20:02:34 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046ad
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/_Bf8WbhrPNleVJdfG-L0A8nld9c.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/_Bf8WbhrPNleVJdfG-L0A8nld9c.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:56:27 GMT
etag: 0x8DCDC66034C9278
content-length: 507
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Tm502hkAmxWuxzxBM7uX9A==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f848f133-f01e-0062-47bc-17ad48000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=353570
expires: Tue, 17 Dec 2024 20:22:17 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046b0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:51:04 GMT
etag: 0x8DCDC5CE09E00D2
content-length: 375
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: kdgVpI0X+oWcnOv0ZCUuIA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 40b94707-101e-0027-33eb-1470d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=299423
expires: Tue, 17 Dec 2024 05:19:50 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046b1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6r/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rs/6r/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:50:43 GMT
etag: 0x8DCDC6535F306CD
content-type: text/javascript; charset=utf-8
content-md5: 3vstlq/a5ZcE98e8La1vPw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c0f0b997-101e-0063-200a-18acb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 511
cache-control: public, no-transform, max-age=14775
expires: Fri, 13 Dec 2024 22:15:42 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046b2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
content-md5: 6W4GJTTFhKoLN+eXDWPo3Q==
last-modified: Tue, 24 Sep 2024 06:28:19 GMT
etag: 0x8DCDC62149C3678
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: da860909-201e-000d-2e71-15059c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 419
cache-control: public, no-transform, max-age=61815
expires: Sat, 14 Dec 2024 11:19:42 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046b3
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:15:09 GMT
etag: 0x8DCDC689FBBE351
content-length: 213
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: WEjo6St2+BsB3AUDglK12Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e287049f-a01e-0053-1a97-15f69f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=82429
expires: Sat, 14 Dec 2024 17:03:16 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046b4
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:16:51 GMT
etag: 0x8DCDC68DCA5DDA0
content-type: text/javascript; charset=utf-8
content-md5: wMjND6gwy3LKsXBo8Ww74w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ce25302a-c01e-002e-0401-156a57000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 481
vary: Accept-Encoding
cache-control: public, no-transform, max-age=143324
expires: Sun, 15 Dec 2024 09:58:11 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046b5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:28:16 GMT
etag: 0x8DCE8C26ED294B5
akamai-grn: 0.94777b5c.1730314488.768384e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-type: text/javascript; charset=utf-8
content-md5: ImVBVQpRkRw3Uhb3GEk/ZQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b6201531-e01e-0054-4c08-1b001a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 66669
vary: Accept-Encoding
cache-control: public, no-transform, max-age=234383
expires: Mon, 16 Dec 2024 11:15:50 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046b7
timing-allow-origin: *
GET

https://r.bing.com/rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:55:43 GMT
etag: 0x8DCDC5D86C3D99C
content-length: 308
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: rimZQyGjXssDEnuSlgMaJA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 52c65f3b-c01e-0007-0c4e-181c15000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=51542
expires: Sat, 14 Dec 2024 08:28:29 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704699
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:53:26 GMT
etag: 0x8DCDC5D351B0B64
content-length: 626
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 6Xn7G4GYLjqWVjZYfi42LQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 942ab205-401e-0070-59f5-179954000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=0
expires: Fri, 13 Dec 2024 18:09:27 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046aa
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 241
content-type: application/x-javascript; charset=utf-8
server: Kestrel
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: br
last-modified: Mon, 23 Sep 2024 23:41:33 GMT
x-eventid: 66faba418ff64f95a20a7bcac2f77389
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-machinename: DUBEEAP0000E06C
x-as-suppresssetcookie: 1
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-+d/lq33XRzjmEnOtvgMieSzqAskX/8JsMFx2gVqKsws='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
cache-control: public, max-age=373709
expires: Wed, 18 Dec 2024 01:57:56 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046ae
timing-allow-origin: *
GET

https://r.bing.com/rp/DWZSY9SRnkHaYWjJ109REMim90A.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/DWZSY9SRnkHaYWjJ109REMim90A.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:46:13 GMT
etag: 0x8DCDC6494C9BF9A
content-length: 174
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: +jWBJey2nJqR+pG7G7E28A==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7fcf8c82-301e-003b-4d01-17a8ce000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=233280
expires: Mon, 16 Dec 2024 10:57:27 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046af
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/9uYIRoQB-ThMq970XKGeKvrMhL0.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/9uYIRoQB-ThMq970XKGeKvrMhL0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:28:47 GMT
etag: 0x8DCE8C2817D87DF
content-type: text/javascript; charset=utf-8
content-md5: 63v18faN7ozJ98XstK/S+w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: abb7f9ac-b01e-0065-30fe-1a5bcd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 11731
vary: Accept-Encoding
akamai-grn: 0.a4777b5c.1731626473.ade7b8b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=136963
expires: Sun, 15 Dec 2024 08:12:10 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046b6
timing-allow-origin: *
GET

https://r.bing.com/rp/bdiAPlmUnJhdap3y8myDMEGlF4w.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/bdiAPlmUnJhdap3y8myDMEGlF4w.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:31:13 GMT
etag: 0x8DCE8C2D89FAB3C
content-type: text/javascript; charset=utf-8
content-md5: G9Suce+Oaa1LX/2Nx9LctQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 221f2fc7-501e-006f-3c09-1b4244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 19997
vary: Accept-Encoding
akamai-grn: 0.a5777b5c.1730384105.107752ae
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=230980
expires: Mon, 16 Dec 2024 10:19:07 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046b8
timing-allow-origin: *
GET

https://r.bing.com/rp/WwTHOlBv_iLBpZXNWkp-HzVHgrM.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/WwTHOlBv_iLBpZXNWkp-HzVHgrM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:31:17 GMT
etag: 0x8DCE8C2DB362309
content-length: 3498
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: qFAs4wCMzQBOlKg9KBk6eA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1c8cd8dc-201e-0060-74de-1aafb2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=50239
expires: Sat, 14 Dec 2024 08:06:46 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046cf
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:00:06 GMT
etag: 0x8DCDC5E23EBB645
content-type: text/javascript; charset=utf-8
content-md5: rqa21C4TqvhBKaqsPZN5dA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3e65cb90-701e-005a-0f05-18ec11000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 808
vary: Accept-Encoding
cache-control: public, no-transform, max-age=157903
expires: Sun, 15 Dec 2024 14:01:10 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/1Jz2vFBGshGz47SHAQMwptTnpB0.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/1Jz2vFBGshGz47SHAQMwptTnpB0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:30:41 GMT
etag: 0x8DCEC86B0CE8A0B
content-type: text/javascript; charset=utf-8
content-md5: 15JqyZBsCgkATXocOIdHMw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 19c13b40-c01e-006a-573c-24b63b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 365
cache-control: public, no-transform, max-age=88206
expires: Sat, 14 Dec 2024 18:39:33 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Cah4LahmcqZwMC9LQrNkz-q8yNA.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/Cah4LahmcqZwMC9LQrNkz-q8yNA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:00:08 GMT
etag: 0x8DCDC5E250561B1
content-length: 476
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: dIetyGvEY3rWVcsphG5z6g==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f5164213-c01e-0048-32a8-14d80d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=64645
expires: Sat, 14 Dec 2024 12:06:52 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/7q76z2PhZYQSlMklnpUZ4ZrWoeg.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/7q76z2PhZYQSlMklnpUZ4ZrWoeg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:52:30 GMT
etag: 0x8DCDC5D13CD0771
content-length: 310
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: L5ADL4PV6f4x84onM+3pfQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9de40b7a-901e-0079-35f3-1583da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=197560
expires: Mon, 16 Dec 2024 01:02:07 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d3
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/MnlneN-7se6Sb8r2rU60mRHbccg.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/MnlneN-7se6Sb8r2rU60mRHbccg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:16:07 GMT
etag: 0x8DCDC6060BC5610
content-length: 247
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: pDodX6p5WFhmpgGbyxGATg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bd9fef0a-201e-0042-15cd-14c184000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=52663
expires: Sat, 14 Dec 2024 08:47:10 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d4
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/HqDsKR6xyRoUSYXXRfEdLVt772I.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/HqDsKR6xyRoUSYXXRfEdLVt772I.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:08:01 GMT
etag: 0x8DCDC5F3F15CCC5
content-type: text/javascript; charset=utf-8
content-md5: PX2MCYqpUzo58j8uZ/WgUQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ba33cabd-901e-001f-2b7a-173180000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 319
cache-control: public, no-transform, max-age=93255
expires: Sat, 14 Dec 2024 20:03:42 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/fe3DkJBEZ_ozHEluN7fcMZ-9YBE.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/fe3DkJBEZ_ozHEluN7fcMZ-9YBE.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 695
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: kkVEoaEFheCDLTcP13ErXA==
last-modified: Thu, 05 Dec 2024 06:32:07 GMT
etag: 0x8DD14F68AC91E4F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e24eaf2d-d01e-0018-10cc-4ac705000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.a6901002.1733821358.cb7aaaf
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
akamai-grn: 0.8f777b5c.1733821398.17b0063
cache-control: public, no-transform, max-age=130344
expires: Sun, 15 Dec 2024 06:21:51 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d6
timing-allow-origin: *
GET

https://r.bing.com/rp/u2MYL4Uj-EK9FdZPToQOipi2q40.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/u2MYL4Uj-EK9FdZPToQOipi2q40.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:08:12 GMT
etag: 0x8DCDC67A73161B2
content-type: text/javascript; charset=utf-8
content-md5: rEFXJrf0kyk8MofTblrrHg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 15e28938-101e-0063-550e-16acb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 517
cache-control: public, no-transform, max-age=365395
expires: Tue, 17 Dec 2024 23:39:22 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d7
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/IzifzVeZAFUPAOVXA0p1w_tvqEA.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/IzifzVeZAFUPAOVXA0p1w_tvqEA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Fri, 06 Dec 2024 21:14:03 GMT
etag: 0x8DD163AE97BF649
content-length: 318
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: CPKqpyd3O29Qao9K5FGPzQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bbcea579-c01e-0043-446a-48c079000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.9e777b5c.1733568767.12d6c659
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=48442
expires: Sat, 14 Dec 2024 07:36:49 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d8
timing-allow-origin: *
GET

https://r.bing.com/rp/qFV8REKe2pPY9NqiNskjmDxjgdc.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/qFV8REKe2pPY9NqiNskjmDxjgdc.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:02:23 GMT
etag: 0x8DCDC66D6FEC879
content-length: 1092
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: v56DnyZo0+Ho77B8f6GoyA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d944e846-001e-0011-1209-19dd8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=228430
expires: Mon, 16 Dec 2024 09:36:37 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046d9
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/rbBaKhtkLVke-4PIWp9e6AV5_kg.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/rbBaKhtkLVke-4PIWp9e6AV5_kg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:04:52 GMT
etag: 0x8DCDC672FE75D26
content-length: 418
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: JYNnUW1D/Qe7hGsFi8+mBQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 89f20538-501e-006f-5b00-154244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=325448
expires: Tue, 17 Dec 2024 12:33:35 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046da
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/wJ4ypLxMemRfvxvJkUCpuYEBwew.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/wJ4ypLxMemRfvxvJkUCpuYEBwew.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:33:23 GMT
etag: 0x8DCE8C3263B07E9
content-type: text/javascript; charset=utf-8
content-md5: 80z3xDtWBrHD/WXVZ9HXMQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1cee5333-201e-0060-39fe-1aafb2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 887
cache-control: public, no-transform, max-age=20380
expires: Fri, 13 Dec 2024 23:49:07 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046db
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/RvRBoZ5KQDNHwbHfo-_ZBZIoYQo.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/RvRBoZ5KQDNHwbHfo-_ZBZIoYQo.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:24:00 GMT
etag: 0x8DCDC617A7BA9F4
content-type: text/javascript; charset=utf-8
content-md5: 3LAdJkykvHw5zfSSu6AY7w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a5fdd3df-c01e-0061-27d9-17ae4f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 797
vary: Accept-Encoding
cache-control: public, no-transform, max-age=51502
expires: Sat, 14 Dec 2024 08:27:49 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046dc
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/bzAVZoOHiaJeSbLoUcTPF4HPvJQ.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/bzAVZoOHiaJeSbLoUcTPF4HPvJQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:28 GMT
etag: 0x8DCE8C305642E82
content-type: text/javascript; charset=utf-8
content-md5: o0P31pAM8ZjqucLAMWUkZQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 19abbe20-e01e-0010-2301-37dc76000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1433
cache-control: public, no-transform, max-age=394822
expires: Wed, 18 Dec 2024 07:49:49 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046dd
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/3s0czFTJyV5b3KCC7geWICWvvPs.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/3s0czFTJyV5b3KCC7geWICWvvPs.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:37:29 GMT
etag: 0x8DCEC87A3ED1870
content-length: 1320
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: F/FfhRxYlnuZTsg2+6i7VA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4286f8ac-f01e-000f-2cda-210766000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=186830
expires: Sun, 15 Dec 2024 22:03:17 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046de
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/wNhUjm3kl_kvyfrio44J6j1zdYo.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/wNhUjm3kl_kvyfrio44J6j1zdYo.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:11:33 GMT
etag: 0x8DCDC681EDAC2C8
content-length: 245
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: ItmcJflzfwBqUrBIYlGXpQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 261a5bac-401e-0034-7fb8-1b4538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=164798
expires: Sun, 15 Dec 2024 15:56:05 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046df
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/gfI083AUtzdZuPReAN6CvS-Ca98.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/gfI083AUtzdZuPReAN6CvS-Ca98.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:33:01 GMT
etag: 0x8DCE8C3193D5444
content-length: 9007
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: K6mYdssyGKO2Fe2fyESYTg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c2a1a5f9-c01e-0007-4fde-1a1c15000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=110582
expires: Sun, 15 Dec 2024 00:52:29 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046e0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/R5OIlHZUEYWuNhJa46yx5Wir2pM.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/R5OIlHZUEYWuNhJa46yx5Wir2pM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:22:38 GMT
etag: 0x8DCDC6149E5871E
content-length: 585
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: sbJ/BFEx86eoWqpF1v/OBg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 150042bc-501e-0002-6231-16e86a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=128677
expires: Sun, 15 Dec 2024 05:54:04 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046e1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/4bMWZh7L34S1IHeBoXTI4nOmGig.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/4bMWZh7L34S1IHeBoXTI4nOmGig.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:39:03 GMT
etag: 0x8DCEC87DBCEE9FF
content-type: text/javascript; charset=utf-8
content-md5: c7hPyF7x5MvGPfRgXkJiTg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6d53080a-701e-003c-4894-1f5e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 521
cache-control: public, no-transform, max-age=301884
expires: Tue, 17 Dec 2024 06:00:51 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046e2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/RMRjctrz--TNvbEliu0umBztyAQ.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/RMRjctrz--TNvbEliu0umBztyAQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:30:57 GMT
etag: 0x8DCE8C2CF400D7F
content-type: text/javascript; charset=utf-8
content-md5: DTDL0ta8Z4w5qdHa9ZUG/Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b7db009a-d01e-005c-08fe-1a1b69000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 2636
vary: Accept-Encoding
cache-control: public, no-transform, max-age=275412
expires: Mon, 16 Dec 2024 22:39:39 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046e5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/bKGfvbVy5iHDG2XSTMlh56y9b8Y.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/bKGfvbVy5iHDG2XSTMlh56y9b8Y.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 03 Oct 2024 23:52:40 GMT
etag: 0x8DCE406777B361D
content-length: 989
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: no3q5IDtWMP5jPFHYqq5Bw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 91a9089f-301e-0019-741e-16c6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=168662
expires: Sun, 15 Dec 2024 17:00:29 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046e6
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/_zFr7fEL2h0Je-qWeWWUGTkxvv4.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/_zFr7fEL2h0Je-qWeWWUGTkxvv4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:31:04 GMT
etag: 0x8DCE8C2D378FC64
content-length: 6956
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: ZqBHOdBq0B8dmk7gyG9TsA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f6c0f5ba-901e-003d-5766-285fb6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=145261
expires: Sun, 15 Dec 2024 10:30:28 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046e7
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8aj_I6fSAQ2HauP0CPPAfDwa2j8.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/8aj_I6fSAQ2HauP0CPPAfDwa2j8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:53:13 GMT
etag: 0x8DCDC5D2D7EB1BF
content-length: 320
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: DXeqkh2i/zZTwJ5wkgDOdw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 786f8353-001e-0055-1035-1601e7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.85777b5c.1728204244.1e384909
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=279766
expires: Mon, 16 Dec 2024 23:52:13 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046e8
timing-allow-origin: *
GET

https://r.bing.com/rp/LTCT2zdUcB3ayDDUpC7BI5zxXuE.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/LTCT2zdUcB3ayDDUpC7BI5zxXuE.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:14:00 GMT
etag: 0x8DCDC6014B09FF0
akamai-grn: 0.a1901002.1733957137.5603caa
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 542
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Jc7Bnfc4/wV22XT5OjPjLg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 96271d35-101e-002c-405a-1768ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=55493
expires: Sat, 14 Dec 2024 09:34:20 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046e9
timing-allow-origin: *
GET

https://r.bing.com/rs/6r/sQ/jnc,nj/2RFgnacsz6nPw9vvxd8AGFyaQr8.js?or=w

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rs/6r/sQ/jnc,nj/2RFgnacsz6nPw9vvxd8AGFyaQr8.js?or=w HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 182
content-type: application/x-javascript; charset=utf-8
server: Kestrel
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: br
last-modified: Mon, 14 Oct 2024 12:33:31 GMT
x-eventid: 6759d628d0ca485a8bd5267f050c6479
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-machinename: DUBEEAP00010626
x-as-suppresssetcookie: 1
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-lFXGrP+LWYj+fhjdYtdnmdLLuE3ti3WWNMWFKT8GnqY='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
cache-control: public, max-age=259577
expires: Mon, 16 Dec 2024 18:15:44 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046eb
timing-allow-origin: *
GET

https://r.bing.com/rp/HdiojNH85n4iu87NAQvDH5bKMnM.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/HdiojNH85n4iu87NAQvDH5bKMnM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:07:47 GMT
etag: 0x8DCDC5F365A1AB8
content-type: text/javascript; charset=utf-8
content-md5: xGpjcATT83Cyo4MSw4SamQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 448b9b60-901e-0014-7637-1629f4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 205
cache-control: public, no-transform, max-age=181629
expires: Sun, 15 Dec 2024 20:36:36 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046ec
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/s_KB_GYETp6JptI_mOoLcYDN4OY.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/s_KB_GYETp6JptI_mOoLcYDN4OY.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:06:02 GMT
etag: 0x8DCDC675996C0F4
content-type: text/javascript; charset=utf-8
content-md5: 3Tj2RpIK8rOoXP8XXxZasg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e86ad052-701e-0051-48da-16f465000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1828
cache-control: public, no-transform, max-age=182983
expires: Sun, 15 Dec 2024 20:59:10 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046ed
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/BFQDsdSF9E9Gp0u-xRbmGVfJfe0.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/BFQDsdSF9E9Gp0u-xRbmGVfJfe0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:57:43 GMT
etag: 0x8DCDC5DCE643BD1
content-type: text/javascript; charset=utf-8
content-md5: CnBe2qUSynWF62FiKAsEfg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3d1914a5-401e-0059-7512-16ef16000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1133
cache-control: public, no-transform, max-age=103309
expires: Sat, 14 Dec 2024 22:51:16 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046ee
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/WPedHfV8dQrn4qkif5azDZSqmn8.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/WPedHfV8dQrn4qkif5azDZSqmn8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:31:17 GMT
etag: 0x8DCDC627F380DA7
akamai-grn: 0.4c1a1202.1733907768.8af50b9
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 613
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 1Rf0xX8VNREaPigiNASk/Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3401a72b-401e-003f-300d-155d4c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=226508
expires: Mon, 16 Dec 2024 09:04:35 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046ef
timing-allow-origin: *
GET

https://r.bing.com/rp/nc-eSocRvb1YGk0LjP4DtvgRRsw.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/nc-eSocRvb1YGk0LjP4DtvgRRsw.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:19 GMT
etag: 0x8DCE8C2FFE31093
content-type: text/javascript; charset=utf-8
content-md5: h74d7kzmL5ogfEui+8PbEg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 03ed948d-901e-005b-0afe-36edec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1909
cache-control: public, no-transform, max-age=46392
expires: Sat, 14 Dec 2024 07:02:39 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046f0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/5jOFZTRZRQNYEniUpjuVlRlTSUA.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/5jOFZTRZRQNYEniUpjuVlRlTSUA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:42:33 GMT
etag: 0x8DCEC88590A49A7
content-type: text/javascript; charset=utf-8
content-md5: ADAJbopPIaunlKI/GZphBw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 63cd0002-201e-0006-680e-371de8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1702
cache-control: public, no-transform, max-age=95399
expires: Sat, 14 Dec 2024 20:39:26 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046f1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8BLbyUK5EaqCuzmCEcf9-meevmE.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/8BLbyUK5EaqCuzmCEcf9-meevmE.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:28:12 GMT
etag: 0x8DCE8C26CBEA77D
content-length: 1934
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: NwHEJrwNKfNaWOfUurgsUQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44d1d951-101e-002c-01de-1a68ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.4c1a1202.1731627879.1ae70d09
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=84470
expires: Sat, 14 Dec 2024 17:37:17 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046f2
timing-allow-origin: *
GET

https://r.bing.com/rp/YOfvioAlqeLJzUxJ3VRDJvFPi5Q.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/YOfvioAlqeLJzUxJ3VRDJvFPi5Q.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:30:47 GMT
etag: 0x8DCE8C2C92E361F
content-type: text/javascript; charset=utf-8
content-md5: oCgEakDIKvDIYdA4zfrHhQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 03ed9972-901e-005b-1bfe-36edec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1937
cache-control: public, no-transform, max-age=170085
expires: Sun, 15 Dec 2024 17:24:12 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046f5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/7LkHIwasTuL6tufzeF3vEaazAxw.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/7LkHIwasTuL6tufzeF3vEaazAxw.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:51:54 GMT
etag: 0x8DCDC5CFE789590
content-type: text/javascript; charset=utf-8
content-md5: YsxphTS643oFtIWrwjg5mA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f850e99-601e-0067-72ef-145937000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1427
cache-control: public, no-transform, max-age=430905
expires: Wed, 18 Dec 2024 17:51:12 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046f6
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/MCwdqGFTwqu20jt3177s57V4wZk.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/MCwdqGFTwqu20jt3177s57V4wZk.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:14:44 GMT
etag: 0x8DCDC602EF80ACF
content-length: 92
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 6CIgOkytlGCbuuRvU1ESHg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b826b2dc-201e-0024-251c-1573de000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=48131
expires: Sat, 14 Dec 2024 07:31:38 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046f7
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/dDiRViGCXHkOBl6zHkdBDLk0yFg.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/dDiRViGCXHkOBl6zHkdBDLk0yFg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 19 Nov 2024 04:13:15 GMT
etag: 0x8DD08507D665276
content-length: 955
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Kk0u9e/SalHwM0LSYxaS+g==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a67788bb-101e-0063-1eab-3aacb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.521a1202.1732053803.7ae27a55
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=73632
expires: Sat, 14 Dec 2024 14:36:39 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046f8
timing-allow-origin: *
GET

https://r.bing.com/rp/9Fqz5Ex6jCtgxHZiTZCH48EoBds.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/9Fqz5Ex6jCtgxHZiTZCH48EoBds.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:27:10 GMT
etag: 0x8DCE8C247F92C3E
content-type: text/javascript; charset=utf-8
content-md5: hOJRe/y21ezUnMJkb3Rnrw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c76bcc77-d01e-0018-380e-37c705000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 2754
cache-control: public, no-transform, max-age=108451
expires: Sun, 15 Dec 2024 00:16:58 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046f9
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/qY42f0yZJzcOD6Gr6zubromZGRk.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/qY42f0yZJzcOD6Gr6zubromZGRk.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:34:24 GMT
etag: 0x8DCE8C34A2EADC0
content-type: text/javascript; charset=utf-8
content-md5: UYaER6ThZGEud/Muajg45w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5d7ec60e-101e-000e-50d0-1e069b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 2303
vary: Accept-Encoding
akamai-grn: 0.521a1202.1731419023.37910172
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=58817
expires: Sat, 14 Dec 2024 10:29:44 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046fa
timing-allow-origin: *
GET

https://r.bing.com/rp/YALqEqJYnL-gaTc_XU1h3jHCQgc.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/YALqEqJYnL-gaTc_XU1h3jHCQgc.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
content-md5: vWEA5SJVYZzqDBnXjnUTIw==
last-modified: Tue, 10 Dec 2024 09:51:22 GMT
etag: 0x8DD1900343E7BFE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5f43981e-b01e-0021-5156-4b87a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 11445
vary: Accept-Encoding
cache-control: public, no-transform, max-age=189889
expires: Sun, 15 Dec 2024 22:54:16 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046fb
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/6juFsmmZTw2skj7CvpgreXtsgqM.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/6juFsmmZTw2skj7CvpgreXtsgqM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:51:03 GMT
etag: 0x8DCDC5CDFF72AD3
content-type: text/javascript; charset=utf-8
content-md5: V1kiVXzIRqmzPm5TrNimoA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a683a4e2-d01e-003a-0e60-16a933000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 514
cache-control: public, no-transform, max-age=171426
expires: Sun, 15 Dec 2024 17:46:33 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046fd
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/CuoJ-XSESmq5e-S0atX4JdNgEbQ.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/CuoJ-XSESmq5e-S0atX4JdNgEbQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:00:56 GMT
etag: 0x8DCDC5E41B5114A
content-length: 259
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: jDpfrkHEWPKiRt+7YgCBFw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 77f2af1e-b01e-0021-3ab8-1587a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=47109
expires: Sat, 14 Dec 2024 07:14:36 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046fe
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ux1mL_BeI5W_NEKqkFEN1fLUu0o.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/ux1mL_BeI5W_NEKqkFEN1fLUu0o.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:09:30 GMT
etag: 0x8DCDC67D57CE10E
content-length: 297
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: aMcgzJXX0Ee99dBf6DeIvg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a517959b-001e-0033-755e-17b3bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=51679
expires: Sat, 14 Dec 2024 08:30:46 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a7046ff
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ztUh7qME7I8WPjdMsB8y8tLZ8s4.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/ztUh7qME7I8WPjdMsB8y8tLZ8s4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 14 Nov 2024 09:56:41 GMT
etag: 0x8DD0492A397BB70
content-length: 1221
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: NQz+bEN0M74gpmwj/XRR0Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 20a5a5fa-801e-0000-7ebc-36ea90000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.a5777b5c.1731628052.88941a5
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=281937
expires: Tue, 17 Dec 2024 00:28:24 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704700
timing-allow-origin: *
GET

https://r.bing.com/rp/ArHyxbBQcE8YU5aazNfFDRsXU7E.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/ArHyxbBQcE8YU5aazNfFDRsXU7E.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:25:57 GMT
etag: 0x8DCE8C21C48FDF3
akamai-grn: 0.bc901002.1731334608.299f224f
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-type: text/javascript; charset=utf-8
content-md5: 9+Ds/dwwgvsKmdQ2CXRY4g==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 07c3ab55-601e-0001-1d0a-1beb6d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 3750
vary: Accept-Encoding
cache-control: public, no-transform, max-age=120126
expires: Sun, 15 Dec 2024 03:31:33 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704701
timing-allow-origin: *
GET

https://r.bing.com/rp/RoFJpzeql5F0UwlxxhHctrDb1gI.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/RoFJpzeql5F0UwlxxhHctrDb1gI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:30:35 GMT
etag: 0x8DCE8C2C1D3938C
content-length: 705
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: P+eOaBwLbPYjz8rXRd9vFw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6268a7d3-d01e-0018-789b-2fc705000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.93901002.1731401856.2edd0f14
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=217168
expires: Mon, 16 Dec 2024 06:28:55 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704702
timing-allow-origin: *
GET

https://r.bing.com/rp/V7D5VL7UuG-0dS9EFG9ef5ebxvE.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/V7D5VL7UuG-0dS9EFG9ef5ebxvE.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:31:25 GMT
etag: 0x8DCE8C2E001EDE6
content-length: 824
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: TUk4X9om/2F0RL1zKm6nPg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b7daf5e3-401e-0070-58bc-369954000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.521a1202.1731632788.8eb7e96c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=296925
expires: Tue, 17 Dec 2024 04:38:12 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704703
timing-allow-origin: *
GET

https://r.bing.com/rp/64ZSq206R4R8FyO8Y2Q8OdNSmMs.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/64ZSq206R4R8FyO8Y2Q8OdNSmMs.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 25 Nov 2024 04:34:12 GMT
etag: 0x8DD0D0A698D06DA
content-type: text/javascript; charset=utf-8
content-md5: M7IvEcfYE+WVXHAPUsbH+w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e1ebc840-001e-005e-2dd9-3f1993000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1304
cache-control: public, no-transform, max-age=414377
expires: Wed, 18 Dec 2024 13:15:44 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704704
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:39:05 GMT
etag: 0x8DCEC87DD067940
content-length: 658
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: hmcBay1BgAVA4sBe4FzXJg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 704eda35-601e-000a-19d0-1ef319000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=0
expires: Fri, 13 Dec 2024 18:09:27 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704706
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:44:16 GMT
etag: 0x8DCDC644F5E5FC5
content-type: text/javascript; charset=utf-8
content-md5: oqLg+91b3FmpcS7e8iKMsQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 15efc9bd-101e-0063-5e13-16acb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1143
cache-control: public, no-transform, max-age=78468
expires: Sat, 14 Dec 2024 15:57:15 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704707
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ID-70CBAEOXh6Nwxga-CxgpUq4k.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/ID-70CBAEOXh6Nwxga-CxgpUq4k.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:08:44 GMT
etag: 0x8DCDC5F58808E4E
content-length: 468
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Hld4hrLTgdOY14/WVAnFqg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7add5af7-c01e-0048-2f6b-16d80d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=176669
expires: Sun, 15 Dec 2024 19:13:56 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704708
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/-2EVJNDwymhr08bVch00GwpjiDA.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/-2EVJNDwymhr08bVch00GwpjiDA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:24:23 GMT
etag: 0x8DCEC85CF372642
content-type: text/javascript; charset=utf-8
content-md5: PkxdhPHrMXZXxfqaK/YI3w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0891fdf4-501e-0009-18fe-36f01e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1067
cache-control: public, no-transform, max-age=163284
expires: Sun, 15 Dec 2024 15:30:51 GMT
date: Fri, 13 Dec 2024 18:09:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113367.a704709
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: 0x8DCDC5D351B0B64
if-modified-since: Tue, 24 Sep 2024 05:53:26 GMT

Response

HTTP/2.0 304

content-type: text/javascript; charset=utf-8
last-modified: Tue, 24 Sep 2024 05:53:26 GMT
etag: 0x8DCDC5D351B0B64
cache-control: public, no-transform, max-age=101546
expires: Sat, 14 Dec 2024 22:21:54 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a7048d1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Wed, 09 Oct 2024 06:47:11 GMT
etag: 0x8DCE82E33DB4289
content-length: 263
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: kSd0hTdqYlIKxD09mZrqMA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 19451da4-501e-0046-6040-1a3406000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=26543
expires: Sat, 14 Dec 2024 01:31:51 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704907
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:09:09 GMT
etag: 0x8DCDC67C959D1C6
content-length: 230
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: e8o72fCkQwkU95GMyH4alQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ce50cb20-d01e-0018-1b62-17c705000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=306920
expires: Tue, 17 Dec 2024 07:24:48 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70490f
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ivu0QwP26BHIJjH_DSqboRdhsO0.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/ivu0QwP26BHIJjH_DSqboRdhsO0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 14 Nov 2024 09:56:27 GMT
etag: 0x8DD04929B4990FB
content-length: 3910
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: PtU28jG6dGjHkVaL3KCYNw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0661e89-601e-0001-5ebb-36eb6d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.4c1a1202.1731612728.198d7eea
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=103196
expires: Sat, 14 Dec 2024 22:49:24 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a70492b
timing-allow-origin: *
GET

https://r.bing.com/rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: 0x8DCEC87DD067940
if-modified-since: Mon, 14 Oct 2024 19:39:05 GMT

Response

HTTP/2.0 304

content-type: text/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 19:39:05 GMT
etag: 0x8DCEC87DD067940
cache-control: public, no-transform, max-age=219479
expires: Mon, 16 Dec 2024 07:07:27 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704a75
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/rSGsMdC73uduuQlIQndCFjDqLb0.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/rSGsMdC73uduuQlIQndCFjDqLb0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
content-md5: XepiajoIzA8mdkJ+Qn60Zw==
last-modified: Fri, 06 Dec 2024 06:22:02 GMT
etag: 0x8DD15BE4C6397FE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 06668211-401e-0034-7a65-484538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 26170
cache-control: public, no-transform, max-age=69641
expires: Sat, 14 Dec 2024 13:30:09 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704aca
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/eB-Ay8kZeiSr9wHeKy54GsK5c3A.br.js

msedge.exe

Remote address:

95.101.143.210:443

Request

GET /rp/eB-Ay8kZeiSr9wHeKy54GsK5c3A.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 13164
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: sNdvKHkTG/uMPHPRSYV/Kg==
last-modified: Thu, 12 Dec 2024 11:43:32 GMT
etag: 0x8DD1AA234850EA0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b92a988d-e01e-005f-1221-4d186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=387165
expires: Wed, 18 Dec 2024 05:42:13 GMT
date: Fri, 13 Dec 2024 18:09:28 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.4c367a5c.1734113368.a704acc
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://th.bing.com/th?id=OADD2.8246383030707_1BSX2LM3T420X2GV1W&w=32&h=32&o=6&pid=21.2

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OADD2.8246383030707_1BSX2LM3T420X2GV1W&w=32&h=32&o=6&pid=21.2 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 720
cache-control: public, max-age=1189342
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_HIT from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd4a
x-check-cacheable: YES
GET

https://th.bing.com/th?id=ODLS.03245701-8d3e-443e-af13-66e289085f86&w=32&h=32&qlt=90&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=ODLS.03245701-8d3e-443e-af13-66e289085f86&w=32&h=32&qlt=90&pcl=fffffa&o=6&pid=1.2 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 944
cache-control: public, max-age=370359
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MEM_HIT from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd4b
x-check-cacheable: YES
GET

https://th.bing.com/th?id=OIP.nbU9gKsTXIMD0klgus1wkQHaDt&w=298&h=149&c=10&rs=1&qlt=99&bgcl=fffffe&r=0&o=6&pid=MultiSMRSV2Source

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OIP.nbU9gKsTXIMD0klgus1wkQHaDt&w=298&h=149&c=10&rs=1&qlt=99&bgcl=fffffe&r=0&o=6&pid=MultiSMRSV2Source HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 16796
x-check-cacheable: YES
cache-control: public, max-age=237009
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd4c
GET

https://th.bing.com/th?q=Wanna+Cry+Download&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?q=Wanna+Cry+Download&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 2996
x-check-cacheable: YES
cache-control: public, max-age=4321890
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd4e
GET

https://th.bing.com/th?q=Free+Ransomware+Removal+Tool&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?q=Free+Ransomware+Removal+Tool&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1695
cache-control: public, max-age=4321841
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd4f
x-check-cacheable: YES
GET

https://th.bing.com/th?q=Jigsaw.exe+Download&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?q=Jigsaw.exe+Download&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 2599
x-check-cacheable: YES
cache-control: public, max-age=4292493
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd50
GET

https://th.bing.com/th?q=Petya+Download&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?q=Petya+Download&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 3300
x-check-cacheable: YES
cache-control: public, max-age=4321948
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd51
GET

https://th.bing.com/th?q=Virus+Download+Link&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?q=Virus+Download+Link&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 944
cache-control: public, max-age=370577
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MEM_HIT from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd52
x-check-cacheable: YES
GET

https://th.bing.com/th?id=ODLS.03245701-8d3e-443e-af13-66e289085f86&w=32&h=32&qlt=91&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=ODLS.03245701-8d3e-443e-af13-66e289085f86&w=32&h=32&qlt=91&pcl=fffffa&o=6&pid=1.2 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1073
cache-control: public, max-age=1435345
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_HIT from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd53
x-check-cacheable: YES
GET

https://th.bing.com/th?id=ODLS.8e7e59ef-b994-4f32-aa65-a853f1a07e79&w=32&h=32&o=6&pid=AdsPlus

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=ODLS.8e7e59ef-b994-4f32-aa65-a853f1a07e79&w=32&h=32&o=6&pid=AdsPlus HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 2535
cache-control: public, max-age=2297111
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MEM_HIT from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd5f
x-check-cacheable: YES
GET

https://th.bing.com/th?id=ODLS.2eb3a562-e68d-4b64-8755-6c06140f4654&w=32&h=32&o=6&pid=AdsPlus

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=ODLS.2eb3a562-e68d-4b64-8755-6c06140f4654&w=32&h=32&o=6&pid=AdsPlus HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1828
x-check-cacheable: YES
cache-control: public, max-age=2305102
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd61
GET

https://th.bing.com/th?id=OSK.afde16707eea1f9685bc3189e85ce9f7&w=80&h=80&c=7&o=6&pid=SANGAM

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OSK.afde16707eea1f9685bc3189e85ce9f7&w=80&h=80&c=7&o=6&pid=SANGAM HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1668
cache-control: public, max-age=316251
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_HIT from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd62
x-check-cacheable: YES
GET

https://th.bing.com/th?id=OSK.497dc2afcba293e8d41462e529a6f0ac&w=80&h=80&c=7&o=6&pid=SANGAM

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OSK.497dc2afcba293e8d41462e529a6f0ac&w=80&h=80&c=7&o=6&pid=SANGAM HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1458
cache-control: public, max-age=395657
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_HIT from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd63
x-check-cacheable: YES
GET

https://th.bing.com/th?id=OSK.f26bf61d4e3becf4df6936414f0865ab&w=80&h=80&c=7&o=6&pid=SANGAM

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OSK.f26bf61d4e3becf4df6936414f0865ab&w=80&h=80&c=7&o=6&pid=SANGAM HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1629
cache-control: public, max-age=485472
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_HIT from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd60
x-check-cacheable: YES
GET

https://th.bing.com/th?id=OSK.e916af50a9b5938ce7a6c9a7a2e08c7b&w=80&h=80&c=7&o=6&pid=SANGAM

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OSK.e916af50a9b5938ce7a6c9a7a2e08c7b&w=80&h=80&c=7&o=6&pid=SANGAM HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 2010
x-check-cacheable: YES
cache-control: public, max-age=1605737
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd64
GET

https://th.bing.com/th?id=OSK.a55d2147e4ec2a0fa38a3889b62b2ebc&w=80&h=80&c=7&o=6&pid=SANGAM

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OSK.a55d2147e4ec2a0fa38a3889b62b2ebc&w=80&h=80&c=7&o=6&pid=SANGAM HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: SRCHUSR=DOB=20241213
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 3111
x-check-cacheable: YES
cache-control: public, max-age=5012913
date: Fri, 13 Dec 2024 18:09:27 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113367.24bcd4d
GET

https://th.bing.com/th?id=OVP.lm0KeWTIbgyhTNxvz885MAHgFo&w=197&h=110&c=7&rs=1&qlt=90&o=6&pid=1.7

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OVP.lm0KeWTIbgyhTNxvz885MAHgFo&w=197&h=110&c=7&rs=1&qlt=90&o=6&pid=1.7 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 11239
cache-control: public, max-age=502295
date: Fri, 13 Dec 2024 18:09:28 GMT
x-cache: TCP_MEM_HIT from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113368.24bd0de
x-check-cacheable: YES
GET

https://th.bing.com/th?id=OSK.HIKUUFKV3JJCxBBCAady78TVfmIYl7pzBYceieaNmwIDIgk&w=90&h=90&c=7&o=6&pid=SANGAM

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OSK.HIKUUFKV3JJCxBBCAady78TVfmIYl7pzBYceieaNmwIDIgk&w=90&h=90&c=7&o=6&pid=SANGAM HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 7423
x-check-cacheable: YES
cache-control: public, max-age=842666
date: Fri, 13 Dec 2024 18:09:28 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113368.24bd0dc
GET

https://th.bing.com/th?id=OSK.HEROO9QW1akP0oES5Qqz7E9b5CmeL_aBb1vIneZrxOMEG7I&w=384&h=228&c=1&rs=2&o=6&pid=SANGAM

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OSK.HEROO9QW1akP0oES5Qqz7E9b5CmeL_aBb1vIneZrxOMEG7I&w=384&h=228&c=1&rs=2&o=6&pid=SANGAM HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 2476
x-check-cacheable: YES
cache-control: public, max-age=1110039
date: Fri, 13 Dec 2024 18:09:28 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113368.24bd0dd
GET

https://th.bing.com/th?id=OSK.f80e54da6e196a463f73e58684e5c092&w=180&h=116&o=6&pid=SANGAM

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OSK.f80e54da6e196a463f73e58684e5c092&w=180&h=116&o=6&pid=SANGAM HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 4029
x-check-cacheable: YES
cache-control: public, max-age=632410
date: Fri, 13 Dec 2024 18:09:28 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113368.24bd0df
GET

https://th.bing.com/th?id=OM.SFdc6U074MAQiQ_1728549296&pid=1.7

msedge.exe

Remote address:

95.101.143.34:443

Request

GET /th?id=OM.SFdc6U074MAQiQ_1728549296&pid=1.7 HTTP/2.0
host: th.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://www.bing.com/
accept-language: en-US,en;q=0.9
cookie: MUID=2F4E2904EB0462ED0C753C50EA6963F3
cookie: _EDGE_S=F=1&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=8F1B49904A39427CA6233E79AB5BE299&dmnchg=1
cookie: ak_bmsc=F184CDB549F535F0B1E550D997395A26~000000000000000000000000000000~YAAQTDZ6XBXtdbWTAQAAMBM2wRr1wf4++RX/YAOWqh730thSrLKlBKMU4VpVMXbgi/LvbmuVgzyOM8kUlacDwjH4uybO7kvKG6QRuI8SPwe1QGFlxiVicp5hmGd05WFcNWnHPVzMekCo/R0SLhvaoXl1fXaULy3kgl/fRGp8xw7oPHyej/BhgG3YyX7oEK9PSWocKQbv1arXPfYTr6Pq5yZSN5gwlVVI1u9lfdVi4roZ6DhkyAUPIte/4/6rbnL5NOI3w7ljUelB+vV3TcmzPfreKRYeeCJXh/AD3CjtBdX5un91365jWwJXOGNWw6yGnnn/7U2buFemYCu8nb7bVSxMgoM6KK6PbpgeR0Pqv9YAr6odhOczXEav29qkndMDB/jhFnMCRoae
cookie: SRCHUSR=DOB=20241213&T=1734113366000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-13T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-13T18:09:28.0808190+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2024-12-13
cookie: _SS=PC=U531&SID=1FCCA6982E7F6C8F0728B3CC2F126D2A&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=Video
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=2629&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1734113367&WTS=63869710166
cookie: USRLOC=HS=1&ELOC=LAT=51.98436737060547|LON=-0.22957976162433624|N=Letchworth%2C%20Hertfordshire|ELT=4|&BLOCK=TS=241213180928
cookie: ipv6=hit=1734116968441&t=4
cookie: BCP=AD=1&AL=1&SM=1
range: bytes=0-

Response

HTTP/2.0 206

content-type: video/mp4
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-range: bytes 0-342059/342060
content-length: 342060
x-check-cacheable: YES
cache-control: public, max-age=1010355
date: Fri, 13 Dec 2024 18:09:31 GMT
x-cache: TCP_MISS from a95-101-143-206.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.ce8f655f.1734113371.24bdd11
GET

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=8f75881f-c3fa-4733-a411-49479e7aaaa4&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%220DD49FA7ED914E5E96F20FA0AFFB5C37%22%7d

msedge.exe

Remote address:

20.190.159.2:443

Request

GET /common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=8f75881f-c3fa-4733-a411-49479e7aaaa4&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%220DD49FA7ED914E5E96F20FA0AFFB5C37%22%7d HTTP/2.0
host: login.microsoftonline.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: no-store, no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 4eb86108-2d81-4857-a6c9-902764704d00
x-ms-ests-server: 2.1.19683.3 - SEC ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-srs: 1.P
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-4f0hcIQY3mVLY1Fk6BIIWQ' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
x-xss-protection: 0
set-cookie: buid=1.AToAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA6AA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeZNIzg4UbOBZw5vci-3tq_uOG1DJHsAIBdZg9rOzS6guudidN9ZbKuRaxTF7H8VnlCRGiJ5mRtm0PYjo3XJAFpmbEjsGV9YEefwCkiWLKdh0gAA; expires=Sun, 12-Jan-2025 18:09:28 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: fpc=AvaORt3CDr5OrAVO9NHK1w2CeMQLAQAAAFdv7t4OAAAA; expires=Sun, 12-Jan-2025 18:09:28 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: esctx=PAQABBwEAAADW6jl31mB3T7ugrWTT8pFegoYrOjCMgGHD1qC_I-Jsd-99tlPkBIPCjnz3D5Mpzz5DSnx4Fh9_DF5JkOC2WT1nZwmqiRWaRfDc9SumMfruyTfYHi1gFdqyTElQmp9m0b5wZBAMjWBba_2YEfsFc4mBlIy-YjTIJuo2VOqtZwUMCC2b_eaXFOS-Uh6qg6DWV_YgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
set-cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
set-cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
date: Fri, 13 Dec 2024 18:09:27 GMT
content-length: 702
GET

https://tse1.mm.bing.net/th?&id=OVP.lm0KeWTIbgyhTNxvz885MAHgFo&w=197&h=110&c=7&pid=1.7&rs=1

msedge.exe

Remote address:

150.171.28.10:443

Request

GET /th?&id=OVP.lm0KeWTIbgyhTNxvz885MAHgFo&w=197&h=110&c=7&pid=1.7&rs=1 HTTP/2.0
host: tse1.mm.bing.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=1209600
content-length: 5386
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 903EB0EB243349669F6008432A85AF42 Ref B: LON601060107029 Ref C: 2024-12-13T18:09:31Z
date: Fri, 13 Dec 2024 18:09:31 GMT
GET

https://github.com/Da2dalus/The-MALWARE-Repo

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:18 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"a68b636e5a66d9231673fc789c0df5b1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: C3F9:17A6AF:162522D:1A3147E:675C788A
GET

https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/security/overall-count HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:19 GMT
content-type: text/fragment+html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: C3F9:17A6AF:16252D8:1A31548:675C788A
GET

https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: text/html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:19 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
x-github-request-id: C3F9:17A6AF:16252D8:1A31549:675C788B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/used_by_list HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:19 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 79
x-github-request-id: C3F9:17A6AF:16252E2:1A31557:675C788B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:19 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ced17b2112827c8d5577d524acbe58b5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 632
x-github-request-id: C3F9:17A6AF:16252E2:1A31555:675C788B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:19 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"07da86d5c2d3c431a0aa2221ab777c22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1218
x-github-request-id: C3F9:17A6AF:16252E2:1A31558:675C788B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:19 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"57dd3ff551f8b3d10b3856a048bab63c"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 53
x-github-request-id: C3F9:17A6AF:16252E2:1A3155B:675C788B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/branch-and-tag-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/branch-and-tag-count HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:22 GMT
content-type: text/plain; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: C3F9:17A6AF:16252D8:1A3154A:675C788B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree/master/Virus HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: text/html, application/xhtml+xml, application/json
dnt: 1
turbo-visit: true
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
x-react-app-name: repos-overview
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:28 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"545329e16499437651780d77665860d3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: a1e98867d4cff11188f2272338d043e75d899862c80ef3eb9c87373cab64d772
accept-ranges: bytes
x-github-request-id: C3F9:17A6AF:1625744:1A31A96:675C788E
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:29 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"f8f4fbf1763c56bc75eb5f80ab16274a"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 331
x-github-request-id: C3F9:17A6AF:162578E:1A31AFA:675C7895
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Virus

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Virus HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:29 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"413669063bf1c291e252618e3eb3f2a5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 441
x-github-request-id: C3F9:17A6AF:162578E:1A31AF9:675C7894
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:29 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C3F9:17A6AF:162578E:1A31AFB:675C7895
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:33 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"9478cf5639b99de12851d7da2749156d"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1868
x-github-request-id: C3F9:17A6AF:1625950:1A31D11:675C7895
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/Walker.com

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/Walker.com HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:33 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"413669063bf1c291e252618e3eb3f2a5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 441
x-github-request-id: C3F9:17A6AF:162597E:1A31D3B:675C7899
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/Walker.com

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/Walker.com HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:33 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C3F9:17A6AF:162597E:1A31D3C:675C7899
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/Walker.com

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/Walker.com HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:35 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/Walker.com
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C3F9:17A6AF:1625A5D:1A31E59:675C7899
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:56 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"34caff07e7b51b635b369353d1e8dd0a"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1875
x-github-request-id: C3F9:17A6AF:16264C9:1A32AC4:675C789B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/Melissa.doc

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/Melissa.doc HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:57 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C3F9:17A6AF:16264FA:1A32AFE:675C78B0
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/Melissa.doc

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/Melissa.doc HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:57 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"413669063bf1c291e252618e3eb3f2a5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 441
x-github-request-id: C3F9:17A6AF:16264FA:1A32AFD:675C78B0
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:58 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"8be4504c9910fb726c060445d05bb6e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1876
x-github-request-id: C3F9:17A6AF:16265A3:1A32BC4:675C78B1
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/WinNuke.98.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:58 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C3F9:17A6AF:16265CA:1A32BFE:675C78B2
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/WinNuke.98.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:10:58 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"413669063bf1c291e252618e3eb3f2a5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 441
x-github-request-id: C3F9:17A6AF:16265CA:1A32BFD:675C78B2
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/WinNuke.98.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/WinNuke.98.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C3F9:17A6AF:1626704:1A32D68:675C78B2
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/WinNuke.98.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/WinNuke.98.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C3F9:17A6AF:1626834:1A32ED0:675C78B5
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/WinNuke.98.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/WinNuke.98.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C3F9:17A6AF:1626AE8:1A33208:675C78B7
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"34caff07e7b51b635b369353d1e8dd0a"

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:32 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"e3fe5ee38e521610e904fa8915e9387b"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1869
x-github-request-id: C3F9:17A6AF:16276B6:1A34008:675C78BC
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/Melissa.doc

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/Melissa.doc HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"413669063bf1c291e252618e3eb3f2a5"

Response

HTTP/2.0 304

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:32 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-github-request-id: C3F9:17A6AF:16276CE:1A3402D:675C78D4
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/Melissa.doc

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/Melissa.doc HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"3b1ec0bc5e0864a5815defaffc90db22"

Response

HTTP/2.0 304

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:32 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"413669063bf1c291e252618e3eb3f2a5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-github-request-id: C3F9:17A6AF:16276CE:1A3402C:675C78D4
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:34 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"1731c991983ee46f84078518628aa5bf"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1871
x-github-request-id: C3F9:17A6AF:16277A8:1A34129:675C78D4
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/MadMan.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/MadMan.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:34 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C3F9:17A6AF:16277C3:1A3414C:675C78D6
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/MadMan.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/MadMan.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:34 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"413669063bf1c291e252618e3eb3f2a5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 441
x-github-request-id: C3F9:17A6AF:16277C3:1A3414B:675C78D6
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/MadMan.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/MadMan.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=3pslbJoWb%2B8s3S77LyoEbf3RSedzRGlxFfN%2BonOROqoALpLu8Y0uJPSZBT2vfiGhQB8%2BEs1zHSqozjwzhUNyekPr%2Fv%2FDgwzb0v7KOjg0izKz4014824b8juMY%2FwXf8W1Ydl8QgAtP0qlnDQbLL1t9RK47A%2BDQ9rN1uxnRwIgsfbPcdJlqzgz%2Fk9wjk%2FBgDJmpyQoDJU484cQ1lUBgdNoIUJMpBXg3j987gftiBKx2mUK4ede0h9zIxSKHS14Ty8U7N6ouFSeD4a%2FybL7rK7NqA%3D%3D--a4wUJGIce5wOWPMD--22Slh6i8WDVF7q8E4oOEtg%3D%3D
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Fri, 13 Dec 2024 18:11:37 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/MadMan.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C3F9:17A6AF:1627926:1A342F6:675C78D6
GET

https://avatars.githubusercontent.com/u/63458929?s=64&v=4

msedge.exe

Remote address:

185.199.109.133:443

Request

GET /u/63458929?s=64&v=4 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Sat, 06 Dec 2014 07:54:23 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 5B3B:322CD7:7578D:9438A:6757FCB9
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600066-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1734113419.835814,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: d8ea9773f1ef6dbe564f0ed21444798ac3a26d86
expires: Fri, 13 Dec 2024 18:15:18 GMT
source-age: 293841
vary: Authorization,Accept-Encoding
content-length: 1505
GET

https://avatars.githubusercontent.com/u/123590232?s=64&v=4

msedge.exe

Remote address:

185.199.109.133:443

Request

GET /u/123590232?s=64&v=4 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/jpeg
etag: "1d9f1acf397d81e762e9ede9d36dd95eb2e889d8dc41c4f240aa17ffcd5ff02f"
last-modified: Thu, 20 Jul 2023 19:54:24 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 3370:3A0AC1:12824D:160147:67501957
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:18 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600066-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1734113419.835912,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 861a7d9833d4a479b87f30aee3c9ee9ebb250700
expires: Fri, 13 Dec 2024 18:15:18 GMT
source-age: 810802
vary: Authorization,Accept-Encoding
content-length: 1266
GET

https://avatars.githubusercontent.com/u/63458929?v=4&size=40

msedge.exe

Remote address:

185.199.109.133:443

Request

GET /u/63458929?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Tue, 25 Nov 2014 17:15:17 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: E890:3A3C8E:278A4:3096F:67458F7B
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:19 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600066-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1734113420.775307,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 33e4340a740e53093a2589869e54f268a20d262f
expires: Fri, 13 Dec 2024 18:15:19 GMT
source-age: 1501455
vary: Authorization,Accept-Encoding
content-length: 1505
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 2566
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Fri, 13 Dec 2024 18:10:19 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1734117019
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C4A8:81D14:6DF63B:81715F:675C788B
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 148
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Fri, 13 Dec 2024 18:10:24 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1734117024
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C4A8:81D14:6DF79F:81730D:675C788B
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 892
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Fri, 13 Dec 2024 18:10:38 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1734117038
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C4A8:81D14:6DFBA0:8177EE:675C7890
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 307
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Fri, 13 Dec 2024 18:11:04 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1734117064
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C4A8:81D14:6E0324:81810F:675C789E
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 727
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1226490588.1734113350
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Fri, 13 Dec 2024 18:11:32 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1734117092
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C4A8:81D14:6E0AF0:818AA8:675C78B8
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/Walker.com

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/Walker.com HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"e7ccef86081efeda9fcd898928cfb9c4b048bf29a14938ae9e612cf086a46a0e"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 99BA:32F060:46BB13:5449EF:675C7898
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:10:35 GMT
via: 1.1 varnish
x-served-by: cache-lon4223-LON
x-cache: MISS
x-cache-hits: 0
x-timer: S1734113436.507922,VS0,VE145
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: cc2381c1641cffd5170ce18f878a949df053ac46
expires: Fri, 13 Dec 2024 18:15:35 GMT
source-age: 0
content-length: 5078
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/WinNuke.98.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"9fbd3e46fbe7bcda29b00ec7e4d114485b25199494c04336fa1ffee3b0dcff60"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 4407:330608:4830A9:55BFEB:675C78B4
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:11:03 GMT
via: 1.1 varnish
x-served-by: cache-lon4223-LON
x-cache: MISS
x-cache-hits: 0
x-timer: S1734113461.410917,VS0,VE2058
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 55b02c938bd6bf177e5f5050ada6a704971e6d9a
expires: Fri, 13 Dec 2024 18:16:03 GMT
source-age: 0
content-length: 33280
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/MadMan.exe

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/MadMan.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"e40fdff69b64beb81723926466972cf709a5fe382c8aa2aed80d255ad2c054bc"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: D389:33FEEF:4CA1FF:5A31D8:675C78D7
accept-ranges: bytes
date: Fri, 13 Dec 2024 18:11:37 GMT
via: 1.1 varnish
x-served-by: cache-lon4223-LON
x-cache: MISS
x-cache-hits: 0
x-timer: S1734113497.478433,VS0,VE143
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 126ffa0663cb07be114e4357061ac5400e5fc264
expires: Fri, 13 Dec 2024 18:16:37 GMT
source-age: 0
content-length: 2671

20.26.156.215:80

http://github.com/

http

msedge.exe

718 B
256 B
6
4

HTTP Request

GET http://github.com/

HTTP Response

301
20.26.156.215:80

github.com

http

msedge.exe

242 B
457 B
5
5

HTTP Response

408
20.26.156.215:443

https://github.com/manifest.json

tls, http2

msedge.exe

3.6kB
63.6kB
43
58

HTTP Request

GET https://github.com/

HTTP Response

200

HTTP Request

GET https://github.com/opensearch.xml

HTTP Request

GET https://github.com/manifest.json

HTTP Response

200

HTTP Response

200
185.199.110.154:443

github.githubassets.com

tls

msedge.exe

989 B
6.3kB
9
11
185.199.110.154:443

https://github.githubassets.com/assets/react-code-view-8de22c3cf6c2.js

tls, http2

msedge.exe

89.4kB
3.4MB
1580
2603

HTTP Request

GET https://github.githubassets.com/assets/light-0cfd1fd8509e.css

HTTP Request

GET https://github.githubassets.com/assets/dark-d782f59290e2.css

HTTP Request

GET https://github.githubassets.com/assets/primer-primitives-953961b66e63.css

HTTP Request

GET https://github.githubassets.com/assets/primer-c2a395868004.css

HTTP Request

GET https://github.githubassets.com/assets/global-2f00718c6733.css

HTTP Request

GET https://github.githubassets.com/assets/github-2bd3a44faeb2.css

HTTP Request

GET https://github.githubassets.com/assets/primer-react.978a0e823d7b04f19850.module.css

HTTP Request

GET https://github.githubassets.com/assets/home-7d9ef44a828b.css

HTTP Request

GET https://github.githubassets.com/assets/landing-pages-b6361b51e085.css

HTTP Request

GET https://github.githubassets.com/assets/site-cebe295375c4.css

HTTP Request

GET https://github.githubassets.com/assets/landing-pages.60c759f6b58588aa9dd7.module.css

HTTP Request

GET https://github.githubassets.com/assets/global-banner-disable-f988792be49f.js

HTTP Request

GET https://github.githubassets.com/assets/mona-sans-d1bf285e9b9b.woff2

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/wp-runtime-2142a8343952.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-09435cd1cf6d.js

HTTP Request

GET https://github.githubassets.com/assets/environment-7b93e0f0c8ff.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-ea2a5d75d580.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-8dc38c1f27cc.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-381a4f-e1937e23751a.js

HTTP Request

GET https://github.githubassets.com/assets/github-elements-902713b269e2.js

HTTP Request

GET https://github.githubassets.com/assets/element-registry-3cb970f9c462.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-1b4f4deecd3a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-863ef5872a03.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-917d4bda1f1a.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b41aeef03499.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-fb43816ab83c.js

HTTP Request

GET https://github.githubassets.com/assets/behaviors-bd73f5127970.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-global-cfcd9f4f0f23.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-bae876-4b7fc9352994.js

HTTP Request

GET https://github.githubassets.com/assets/marketing-essentials-a4759cf649d9.js

HTTP Request

GET https://github.githubassets.com/assets/primer-react-dcbe4742cab1.js

HTTP Request

GET https://github.githubassets.com/assets/react-core-10ab7568dc1d.js

HTTP Request

GET https://github.githubassets.com/assets/react-lib-2131e17288a8.js

HTTP Request

GET https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_three_build_three_module_js-e0c7a2724803.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react-brand_lib_index_js-node_modules_primer_live-region-element_-9942a0-00d4272573a5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_contentful_rich-text-react-renderer_dist_rich-text-react-renderer_es5_js-fcd1ac-e9f8593fb246.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_three_examples_jsm_loaders_GLTFLoader_js-c0d84dec2b73.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_contentful_rich-text-html-renderer_dist_rich-text-html-renderer_es5_js-b83fdb5d31e7.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-a7926fdcecf7.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_paths_index_ts-f12c66ceb89d.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_microsoft-analytics_microsoft-analytics_ts-78c2fc13b139.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_swp-core_lib_utils_images_ts-u-9e4972-78338b2a59ca.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_swp-core_schemas_contentful_contentTypes_featuredBento_ts-ui_packages_swp-core_sc-155ce0-2c571a4e84c1.js

HTTP Request

GET https://github.githubassets.com/assets/landing-pages-adc358dcb396.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-ad1e2d0f65cc.js

HTTP Request

GET https://github.githubassets.com/assets/keyboard-shortcuts-dialog-958cae8ecd6c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js

HTTP Request

GET https://github.githubassets.com/assets/sessions-5d6426bbf16a.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-df163caeb326.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-04349cb42240.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-e27cda452715.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-204b23f944ed.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-eff79392502f.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-f38cdfca9137.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-1861998b8782.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-0c296ada2937.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-73da88e31cac.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_fullstory-capture-element_fullstory-capture-element_ts-4d1538b51962.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-ec3d32821c9f.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-node_modules_github_combobox-nav_dist_index_js-9e3f0c-b3919df742c6.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-57e9be291b69.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_assets_modules_marketing_active-global-banners_ts-c1f41b78ab87.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/cat-7c075cc3dda1.glb

HTTP Request

GET https://github.githubassets.com/assets/duck-5e1fb048b27e.glb

HTTP Request

GET https://github.githubassets.com/assets/copilot-5751dc22c3aa.glb

HTTP Request

GET https://github.githubassets.com/assets/shield-204adefd566a.glb

HTTP Request

GET https://github.githubassets.com/assets/mascot-5c5e94e491c2.jpg

HTTP Request

GET https://github.githubassets.com/assets/cat_eye-456cb07a65d8.jpg

HTTP Request

GET https://github.githubassets.com/assets/star-4dcb4934560f.jpg

HTTP Request

GET https://github.githubassets.com/assets/head_sss-adeeeaf1228e.jpg

HTTP Request

GET https://github.githubassets.com/assets/eye_sss-40b5a23acf3c.jpg

HTTP Request

GET https://github.githubassets.com/assets/eye_color-e32a106912df.jpg

HTTP Request

GET https://github.githubassets.com/assets/body_sss-8dbf104b3f1e.jpg

HTTP Request

GET https://github.githubassets.com/assets/head_sss-8b881bcfef20.jpg

HTTP Request

GET https://github.githubassets.com/assets/shield_sss-63459f0a3abd.jpg

HTTP Request

GET https://github.githubassets.com/assets/shield_diffuse-c23fafc5edb6.jpg

HTTP Request

GET https://github.githubassets.com/assets/shield_blur-2e456d4ffcc3.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_landing-pages_routes_home_IntroHero_tsx-da150d4ba8d3.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_landing-pages_routes_home_components_SectionIntroWebGL_SectionIntroWebGL_tsx-d9d890435fcf.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_landing-pages_routes_home_CtaWebGL_tsx-ui_packages_landing-pages_routes_home_asse-96f8a8-7596de10ddab.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/repository-d031bcc14e1b.css

HTTP Request

GET https://github.githubassets.com/assets/code-9e1913b328be.css

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-eecf0d50276f.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-74c351a8d897.js

HTTP Request

GET https://github.githubassets.com/assets/codespaces-a493a4b9528f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-7238cfcdaa51.js

HTTP Request

GET https://github.githubassets.com/assets/repositories-f3093651fb0e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js

HTTP Request

GET https://github.githubassets.com/assets/code-menu-a6586c32bc2f.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu-51601778bd8d.js

HTTP Request

GET https://github.githubassets.com/assets/repos-overview.9cc263aa0716ce801059.module.css

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-9445f4afb2bc.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-a6859a-6f85088e9b13.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-ba46f8-39f0ccb45f29.js

HTTP Request

GET https://github.githubassets.com/assets/repos-overview-1cb3b222c0fd.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-9889e76b905e.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/react-code-view.6b587a69b593e23c3657.module.css

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-10d8eea337ce.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-6c9205-5be7897ceb98.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_focus-visible_dist_focus-visible_js-node_modules_fzy_js_index_js-node_mo-f8ea3a-77f7bac5c79f.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-cdcae1-f0dc8f3ae3e0.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_repos-file-tree-view_repos-fil-5db355-20987ff3233b.js

HTTP Request

GET https://github.githubassets.com/assets/react-code-view-8de22c3cf6c2.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
185.199.110.154:443

github.githubassets.com

tls

msedge.exe

989 B
6.3kB
9
11
185.199.110.154:443

github.githubassets.com

tls

msedge.exe

989 B
6.3kB
9
11
185.199.110.154:443

github.githubassets.com

tls

msedge.exe

989 B
6.3kB
9
11
185.199.110.154:443

github.githubassets.com

tls

msedge.exe

989 B
6.3kB
9
11
185.199.109.133:443

avatars.githubusercontent.com

tls

msedge.exe

1.0kB
4.8kB
10
11
185.199.110.154:443

https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

tls, http2

msedge.exe

46.6kB
2.0MB
936
1447

HTTP Request

GET https://github.githubassets.com/assets/figma-62d390a52419.webp

HTTP Request

GET https://github.githubassets.com/assets/mercedes-benz-d8f89b041561.webp

HTTP Request

GET https://github.githubassets.com/assets/mercado-libre-579cb5447302.webp

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/code-1_poster_desktop-b2dc87b71fdc.webp

HTTP Request

GET https://github.githubassets.com/assets/hero_poster_desktop-aafcb240c684.webp

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/code-1_desktop-7ab52aea3358.mp4

HTTP Request

GET https://github.githubassets.com/assets/hero_desktop-4dc318ea1962.mp4

HTTP Response

206

HTTP Response

206

HTTP Request

GET https://github.githubassets.com/favicons/favicon.svg

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/favicons/favicon.png

HTTP Request

GET https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

HTTP Response

200

HTTP Response

200
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

4.4kB
6.7kB
22
23

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
140.82.112.22:443

https://collector.github.com/github/collect

tls, http2

msedge.exe

52.1kB
26.9kB
120
102

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Response

204
140.82.112.22:443

collector.github.com

tls

msedge.exe

1.0kB
4.6kB
10
8
95.101.143.210:443

https://www.bing.com/fd/ls/lsp.aspx

tls, http2

msedge.exe

87.7kB
557.2kB
497
616

HTTP Request

GET https://www.bing.com/qbox?query=ra&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=1b164951032e44f6abff29f30224f234&oit=1&cp=2&pgcl=4

HTTP Request

GET https://www.bing.com/qbox?query=ran&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=dcbfb65e26ca4677b5d35a39ad46db04&oit=1&cp=3&pgcl=4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=rans&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=d3b21556effd4021b7c5965d02554d23&oit=1&cp=4&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ranso&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=36aec78b1da543219484c472d33c61fc&oit=1&cp=5&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransom&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=23654dca198f41e1a241d7b2486882ff&oit=1&cp=6&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomw&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=34a7fa711af04c079b594a2c20bb1b88&oit=1&cp=7&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomwa&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=539f69d432fe4bf888be9ee7397380df&oit=1&cp=8&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomwar&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=5eeb321289324a3ea30c9210f2169a49&oit=1&cp=9&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomware&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=acdc0dc7b1e543c29b44a856f729792f&oit=1&cp=10&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=f2377acffc1f48beb65b47860f35d831&oit=1&cp=11&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+d&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=8a21e6d537d84d3d9ad8395fd7ffe32d&oit=4&cp=12&pgcl=4

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+do&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=4f72dba0de144fd3ac2020f52a2d68c1&oit=4&cp=13&pgcl=4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+dow&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=72f0540b051641288e185ad9c2e3673f&oit=4&cp=14&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+down&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=a02d84e9efbe4419909c4b88e1a2d0ff&oit=4&cp=15&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+downl&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=a51a9d92f4f044e080a87f5fa0e43608&oit=4&cp=16&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+downlo&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=f21be16257824d21a997eea536eb9144&oit=4&cp=17&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+downlou&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=182d1983e4e446de9109cb22fb6aa870&oit=4&cp=18&pgcl=4

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+downloud&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=3599795308334502b705db1aca172888&oit=4&cp=19&pgcl=4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ransomware+downlouds&language=en-US&pt=EdgBox&cvid=7e729d80db1740afaef3a04217b93d4b&ig=4b53222ab073467687c30f18c7fd2b80&oit=4&cp=20&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/search?q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/sa/simg/Roboto_Regular.woff2

HTTP Request

GET https://www.bing.com/sa/simg/Roboto_Semibold.woff2

HTTP Response

200

HTTP Request

GET https://www.bing.com/rp/kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:16,%22BC%22:326,%22SE%22:-1,%22TC%22:-1,%22H%22:396,%22BP%22:440,%22CT%22:442,%22IL%22:18},%22ad%22:[43,194,1263,601,1263,2629,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Request

GET https://www.bing.com/sa/simg/favicon-trans-bg-blue-mg.ico

HTTP Request

GET https://www.bing.com/rp/5A_wVM0BDlqDmkBnZeuIpN6wkcA.br.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/rewardsapp/widgetassets/prod/medallion/1.1.2/js/widget.js?t=241213

HTTP Request

GET https://www.bing.com/rp/em88jYr3ZOv7yX3AqoOU5z8EEnA.png

HTTP Response

200

HTTP Response

204

HTTP Request

GET https://www.bing.com/geolocation/write?isDevLoc=false&lat=51.98436737060547&lon=-0.22957976162433624&dispName=Letchworth%252C%2520Hertfordshire&isEff=1&effLocType=4&clientsid=undefined

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1734113366235%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22150%22%2C%22Downlink%22%3A%227.3%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1734113366235%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366243%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366244%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366244%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}]

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22HasRR%22,%22Text%22:%221%22}]

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366246%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22601%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366247%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A497%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22VisibleOrDelayed%22%2C%22FID%22%3A%22BottomBanner%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22InitializationStarted%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A1263%2C%22FID%22%3A%22ViewPortWidth%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22OfferIdMissing%22%2C%22FID%22%3A%22BNPOfferId%22%7D%2C%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1734113366251%2C%22Name%22%3A%22tryWriteEffectiveLocation%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D

HTTP Request

GET https://r.bing.com/rp/NbA_o5_JH0GEi8eQ-UOtARHo4pE.svg

HTTP Request

GET https://r.bing.com/rp/Dl3Mgy5b8mZk0rO25YbvLM3bp7Q.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1734113366433%2C%22Name%22%3A%22WriteEffectiveLocationSuccess%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2220%22}]

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

HTTP Request

GET https://www.bing.com/images/sbi?mmasync=1&ig=0DD49FA7ED914E5E96F20FA0AFFB5C37&iid=.5098&ptn=Web&ep=0&iconpl=1

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366533%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22Time%22%3A1253%2C%22time%22%3A1254%2C%22T%22%3A%22CI.Latency%22%2C%22TS%22%3A1734113366792%2C%22Name%22%3A%22Loaded%22%2C%22FID%22%3A%22HP%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A1256%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1734113366794%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A1256%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1734113366794%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/ncheader?ver=52069067&IID=SERP.5055&IG=0DD49FA7ED914E5E96F20FA0AFFB5C37

HTTP Request

POST https://www.bing.com/rewardsapp/reportActivity?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&IID=SERP.5064&q=ransomware+downlouds&cvid=7e729d80db1740afaef3a04217b93d4b&aqs=edge..69i57j0l6.4165j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg

HTTP Request

GET https://r.bing.com/rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg

HTTP Request

GET https://r.bing.com/rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg

HTTP Request

GET https://r.bing.com/rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg

HTTP Request

GET https://r.bing.com/rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg

HTTP Request

GET https://r.bing.com/rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg

HTTP Request

GET https://r.bing.com/rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg

HTTP Request

GET https://r.bing.com/rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg

HTTP Request

GET https://r.bing.com/rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg

HTTP Request

GET https://r.bing.com/rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg

HTTP Request

GET https://r.bing.com/rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg

HTTP Request

GET https://r.bing.com/rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg

HTTP Request

GET https://r.bing.com/rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg

HTTP Request

GET https://r.bing.com/rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg

HTTP Request

GET https://r.bing.com/rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css

HTTP Request

GET https://r.bing.com/rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css

HTTP Request

GET https://r.bing.com/rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css

HTTP Request

GET https://r.bing.com/rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?BF=MSJ1&IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:1}]

HTTP Request

GET https://www.bing.com/fd/ls/l?BF=MSJ0&IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:0}]

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Request

GET https://www.bing.com/aes/c.gif?type=mv&tids=58,60,62,64&rg=be9b04ac08ec4d669156aa56ae18f7c4&reqver=1.0

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Request

POST https://www.bing.com/orgid/idtoken/conditional

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22thumb_tum2%22}]

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22thumb_f2%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1734113366803%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22675c78564ca447f7845898b671587a49%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1734113366824%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22675c78564ca447f7845898b671587a49%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1734113366824%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1734113366844%2C%22Name%22%3A%22Show%22%2C%22FID%22%3A%22%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1734113366844%2C%22Name%22%3A%22ShowBubble%22%2C%22FID%22%3A%22%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2222000%22%5D%2C%22isWin11OrHigher%22%3A%22true%22%2C%22fullOsBuild%22%3A%2210.0.22000%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366911%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113366948%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1734113367126%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22SuppressingFeature%22%3A%22wikiWidget%22%2C%22T%22%3A%22CI.LeftGutterUtility%22%2C%22TS%22%3A1734113367190%2C%22Name%22%3A%22LGSuppressed%22%2C%22FID%22%3A%22wikiWidget%22%7D%2C%7B%22SuppressingFeature%22%3A%22wikiWidget%22%2C%22T%22%3A%22CI.LeftGutterUtility%22%2C%22TS%22%3A1734113367255%2C%22Name%22%3A%22LGSuppressed%22%2C%22FID%22%3A%22lgVidAns%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367366%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367366%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22conv%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%2210%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22realestate%22%2C%22FID%22%3A%22DynScopeRank%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1734113367386%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

HTTP Request

GET https://www.bing.com/geolocation/write?isBlocked=true&sid=1FCCA6982E7F6C8F0728B3CC2F126D2A&clientsid=undefined

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367394%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367394%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367395%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1734113367431%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%22712.5000000232831%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1734113367439%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221892.5000000162981%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1734113367439%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1734113367507%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/ipv6test/test?FORM=MONITR

HTTP Response

200

HTTP Request

GET https://www.bing.com/th?id=OBFB.1B096C6DCB92C2B9A732929A92AF5585&pid=Fb&qlt=99&r=0

HTTP Request

GET https://www.bing.com/th?id=OBFB.1E928B2B86E3D4E8ED1D46B83E667303&pid=Fb&qlt=99&r=0

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/notifications/handle?action=1&nid=63245&view=BottomBanner_NoTitleRejectBtn&vertical=serp

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113370418,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent

HTTP Request

GET https://www.bing.com/rp/J_o2maogFDeUOsovPJL-ofEuxJ4.gif

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/rp/NosrlR4amKTs1zYxWy3laZN3HRk.svg

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.RichHover.Summary%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22TS%22:1734113370876,%22DU%22:658,%22THLT%22:483,%22RCLT%22:null,%22MOS%22:4509,%22MOT%22:658,%22IsMT%22:1,%22VPST%22:604,%22VDT%22:604,%22MaxVPT%22:658,%22SCNT%22:0,%22MMSTLT%22:null,%22IsMMT%22:0,%22MuteCNT%22:0,%22Mute%22:1,%22IFLT%22:null,%22IFSCT%22:null}&log=UserEvent

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&TYPE=Event.ClientInst&DATA=%5B%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Click%22%2C%22TS%22%3A1734113369874%2C%22Name%22%3A%22AllowAll%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Click%22%2C%22TS%22%3A1734113369874%2C%22Name%22%3A%22BnpClick%22%2C%22FID%22%3A%22Bnp%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113373575,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.RichHover.Summary%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22TS%22:1734113373919,%22DU%22:544,%22THLT%22:206,%22RCLT%22:null,%22MOS%22:7666,%22MOT%22:544,%22IsMT%22:1,%22VPST%22:246,%22VDT%22:246,%22MaxVPT%22:544,%22SCNT%22:0,%22MMSTLT%22:null,%22IsMMT%22:0,%22MuteCNT%22:0,%22Mute%22:1,%22IFLT%22:null,%22IFSCT%22:null}&log=UserEvent

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113376302,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/ls.gif?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&Type=Event.ClientInst&DATA={%22T%22:%22CI.Hover%22,%22AppNS%22:%22SERP%22,%22K%22:%225596.1%22,%22Name%22:%22VidCaption%22,%22TS%22:1734113379513,%22HType%22:%22h%22,%22FID%22:%22VideoAnswer%22,%22TType%22:0}&log=UserEvent

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&ID=SERP,5251.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3D0108f087cfa69806df14b47ebed4cf528b86a44912fa38c24cdf4bfd82efe49cJmltdHM9MTczNDA0ODAwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D2f4e2904-eb04-62ed-0c75-3c50ea6963f3%26psq%3Dransomware%2Bdownlouds%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8%26ntb%3D1

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Request

GET https://www.bing.com/ck/a?!&&p=0108f087cfa69806df14b47ebed4cf528b86a44912fa38c24cdf4bfd82efe49cJmltdHM9MTczNDA0ODAwMA&ptn=3&ver=2&hsh=4&fclid=2f4e2904-eb04-62ed-0c75-3c50ea6963f3&psq=ransomware+downlouds&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8&ntb=1

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.RSSQB%22,%22FID%22:%22CI%22,%22Name%22:%22Show%22,%22Text%22:%22Triggered%22}]

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=0DD49FA7ED914E5E96F20FA0AFFB5C37&CID=2F4E2904EB0462ED0C753C50EA6963F3&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.RSSQBLog%22,%22FID%22:%22CI%22,%22Name%22:%22ShowCFLog%22,%22Text%22:%22Triggered%22}]

HTTP Response

204

HTTP Response

204

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/favicon.ico

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204
95.101.143.210:443

www.bing.com

tls, http2

msedge.exe

1.1kB
5.2kB
12
12
95.101.143.210:443

https://r.bing.com/rp/eB-Ay8kZeiSr9wHeKy54GsK5c3A.br.js

tls, http2

msedge.exe

23.3kB
496.8kB
315
400

HTTP Request

GET https://r.bing.com/rp/Jq1iNEFYyYxdiTTTVaaoRXA4GNg.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/83zI0hMJWlilJFob8oEJ4_0I6j4.br.js

HTTP Request

GET https://r.bing.com/rp/HndC9IrfiOmnQLZpq0bxaPUIDII.br.js

HTTP Request

GET https://r.bing.com/rp/KLrSbzDKMog0mCiPcB9iwoEvlE4.br.js

HTTP Request

GET https://r.bing.com/rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js

HTTP Request

GET https://r.bing.com/rp/cfKt7bw67nxWZkkgOIRReDE3rQI.br.js

HTTP Request

GET https://r.bing.com/rp/8dR1RYrnsnPSX-e26dc1yBQAF44.br.js

HTTP Request

GET https://r.bing.com/rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js

HTTP Request

GET https://r.bing.com/rp/n23ANye7L3wtUcgKxoGHb7_ezc4.br.js

HTTP Request

GET https://r.bing.com/rp/DmYomXZ0p9--syG1mm6CnQwvRHg.br.js

HTTP Request

GET https://r.bing.com/rp/u5YAP_hr2d7b0pdrGRbYesZAIHM.br.js

HTTP Request

GET https://r.bing.com/rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js

HTTP Request

GET https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js

HTTP Request

GET https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js

HTTP Request

GET https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js

HTTP Request

GET https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js

HTTP Request

GET https://r.bing.com/rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js

HTTP Request

GET https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js

HTTP Request

GET https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js

HTTP Request

GET https://r.bing.com/rp/zL4sntecq0RmP6dobtS9Rd5WRvU.br.js

HTTP Request

GET https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js

HTTP Request

GET https://r.bing.com/rs/6r/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w

HTTP Request

GET https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js

HTTP Request

GET https://r.bing.com/rp/c-kfqLSd-OD-g3VtLKozRdXMO14.br.js

HTTP Request

GET https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js

HTTP Request

GET https://r.bing.com/rp/dUzSc2TJEdHviToK914Fg1aekPA.br.js

HTTP Request

GET https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

HTTP Request

GET https://r.bing.com/rp/JTnIefOMiNK7DX11D7RY8i0_PKc.br.js

HTTP Request

GET https://r.bing.com/rp/_Bf8WbhrPNleVJdfG-L0A8nld9c.br.js

HTTP Request

GET https://r.bing.com/rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js

HTTP Request

GET https://r.bing.com/rs/6r/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w

HTTP Request

GET https://r.bing.com/rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js

HTTP Request

GET https://r.bing.com/rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js

HTTP Request

GET https://r.bing.com/rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js

HTTP Request

GET https://r.bing.com/rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js

HTTP Request

GET https://r.bing.com/rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js

HTTP Request

GET https://r.bing.com/rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js

HTTP Request

GET https://r.bing.com/rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js

HTTP Request

GET https://r.bing.com/rp/DWZSY9SRnkHaYWjJ109REMim90A.br.js

HTTP Request

GET https://r.bing.com/rp/9uYIRoQB-ThMq970XKGeKvrMhL0.br.js

HTTP Request

GET https://r.bing.com/rp/bdiAPlmUnJhdap3y8myDMEGlF4w.br.js

HTTP Request

GET https://r.bing.com/rp/WwTHOlBv_iLBpZXNWkp-HzVHgrM.br.js

HTTP Request

GET https://r.bing.com/rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js

HTTP Request

GET https://r.bing.com/rp/1Jz2vFBGshGz47SHAQMwptTnpB0.br.js

HTTP Request

GET https://r.bing.com/rp/Cah4LahmcqZwMC9LQrNkz-q8yNA.br.js

HTTP Request

GET https://r.bing.com/rp/7q76z2PhZYQSlMklnpUZ4ZrWoeg.br.js

HTTP Request

GET https://r.bing.com/rp/MnlneN-7se6Sb8r2rU60mRHbccg.br.js

HTTP Request

GET https://r.bing.com/rp/HqDsKR6xyRoUSYXXRfEdLVt772I.br.js

HTTP Request

GET https://r.bing.com/rp/fe3DkJBEZ_ozHEluN7fcMZ-9YBE.br.js

HTTP Request

GET https://r.bing.com/rp/u2MYL4Uj-EK9FdZPToQOipi2q40.br.js

HTTP Request

GET https://r.bing.com/rp/IzifzVeZAFUPAOVXA0p1w_tvqEA.br.js

HTTP Request

GET https://r.bing.com/rp/qFV8REKe2pPY9NqiNskjmDxjgdc.br.js

HTTP Request

GET https://r.bing.com/rp/rbBaKhtkLVke-4PIWp9e6AV5_kg.br.js

HTTP Request

GET https://r.bing.com/rp/wJ4ypLxMemRfvxvJkUCpuYEBwew.br.js

HTTP Request

GET https://r.bing.com/rp/RvRBoZ5KQDNHwbHfo-_ZBZIoYQo.br.js

HTTP Request

GET https://r.bing.com/rp/bzAVZoOHiaJeSbLoUcTPF4HPvJQ.br.js

HTTP Request

GET https://r.bing.com/rp/3s0czFTJyV5b3KCC7geWICWvvPs.br.js

HTTP Request

GET https://r.bing.com/rp/wNhUjm3kl_kvyfrio44J6j1zdYo.br.js

HTTP Request

GET https://r.bing.com/rp/gfI083AUtzdZuPReAN6CvS-Ca98.br.js

HTTP Request

GET https://r.bing.com/rp/R5OIlHZUEYWuNhJa46yx5Wir2pM.br.js

HTTP Request

GET https://r.bing.com/rp/4bMWZh7L34S1IHeBoXTI4nOmGig.br.js

HTTP Request

GET https://r.bing.com/rp/RMRjctrz--TNvbEliu0umBztyAQ.br.js

HTTP Request

GET https://r.bing.com/rp/bKGfvbVy5iHDG2XSTMlh56y9b8Y.br.js

HTTP Request

GET https://r.bing.com/rp/_zFr7fEL2h0Je-qWeWWUGTkxvv4.br.js

HTTP Request

GET https://r.bing.com/rp/8aj_I6fSAQ2HauP0CPPAfDwa2j8.br.js

HTTP Request

GET https://r.bing.com/rp/LTCT2zdUcB3ayDDUpC7BI5zxXuE.br.js

HTTP Request

GET https://r.bing.com/rs/6r/sQ/jnc,nj/2RFgnacsz6nPw9vvxd8AGFyaQr8.js?or=w

HTTP Request

GET https://r.bing.com/rp/HdiojNH85n4iu87NAQvDH5bKMnM.br.js

HTTP Request

GET https://r.bing.com/rp/s_KB_GYETp6JptI_mOoLcYDN4OY.br.js

HTTP Request

GET https://r.bing.com/rp/BFQDsdSF9E9Gp0u-xRbmGVfJfe0.br.js

HTTP Request

GET https://r.bing.com/rp/WPedHfV8dQrn4qkif5azDZSqmn8.br.js

HTTP Request

GET https://r.bing.com/rp/nc-eSocRvb1YGk0LjP4DtvgRRsw.br.js

HTTP Request

GET https://r.bing.com/rp/5jOFZTRZRQNYEniUpjuVlRlTSUA.br.js

HTTP Request

GET https://r.bing.com/rp/8BLbyUK5EaqCuzmCEcf9-meevmE.br.js

HTTP Request

GET https://r.bing.com/rp/YOfvioAlqeLJzUxJ3VRDJvFPi5Q.br.js

HTTP Request

GET https://r.bing.com/rp/7LkHIwasTuL6tufzeF3vEaazAxw.br.js

HTTP Request

GET https://r.bing.com/rp/MCwdqGFTwqu20jt3177s57V4wZk.br.js

HTTP Request

GET https://r.bing.com/rp/dDiRViGCXHkOBl6zHkdBDLk0yFg.br.js

HTTP Request

GET https://r.bing.com/rp/9Fqz5Ex6jCtgxHZiTZCH48EoBds.br.js

HTTP Request

GET https://r.bing.com/rp/qY42f0yZJzcOD6Gr6zubromZGRk.br.js

HTTP Request

GET https://r.bing.com/rp/YALqEqJYnL-gaTc_XU1h3jHCQgc.br.js

HTTP Request

GET https://r.bing.com/rp/6juFsmmZTw2skj7CvpgreXtsgqM.br.js

HTTP Request

GET https://r.bing.com/rp/CuoJ-XSESmq5e-S0atX4JdNgEbQ.br.js

HTTP Request

GET https://r.bing.com/rp/ux1mL_BeI5W_NEKqkFEN1fLUu0o.br.js

HTTP Request

GET https://r.bing.com/rp/ztUh7qME7I8WPjdMsB8y8tLZ8s4.br.js

HTTP Request

GET https://r.bing.com/rp/ArHyxbBQcE8YU5aazNfFDRsXU7E.br.js

HTTP Request

GET https://r.bing.com/rp/RoFJpzeql5F0UwlxxhHctrDb1gI.br.js

HTTP Request

GET https://r.bing.com/rp/V7D5VL7UuG-0dS9EFG9ef5ebxvE.br.js

HTTP Request

GET https://r.bing.com/rp/64ZSq206R4R8FyO8Y2Q8OdNSmMs.br.js

HTTP Request

GET https://r.bing.com/rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js

HTTP Request

GET https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js

HTTP Request

GET https://r.bing.com/rp/ID-70CBAEOXh6Nwxga-CxgpUq4k.br.js

HTTP Request

GET https://r.bing.com/rp/-2EVJNDwymhr08bVch00GwpjiDA.br.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

HTTP Request

GET https://r.bing.com/rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js

HTTP Response

304

HTTP Request

GET https://r.bing.com/rp/ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br.js

HTTP Request

GET https://r.bing.com/rp/ivu0QwP26BHIJjH_DSqboRdhsO0.br.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js

HTTP Response

304

HTTP Request

GET https://r.bing.com/rp/rSGsMdC73uduuQlIQndCFjDqLb0.br.js

HTTP Request

GET https://r.bing.com/rp/eB-Ay8kZeiSr9wHeKy54GsK5c3A.br.js

HTTP Response

200

HTTP Response

200
95.101.143.210:443

r.bing.com

tls, http2

msedge.exe

1.0kB
5.1kB
9
11
95.101.143.34:443

https://th.bing.com/th?id=OM.SFdc6U074MAQiQ_1728549296&pid=1.7

tls, http2

msedge.exe

14.4kB
445.1kB
201
355

HTTP Request

GET https://th.bing.com/th?id=OADD2.8246383030707_1BSX2LM3T420X2GV1W&w=32&h=32&o=6&pid=21.2

HTTP Request

GET https://th.bing.com/th?id=ODLS.03245701-8d3e-443e-af13-66e289085f86&w=32&h=32&qlt=90&pcl=fffffa&o=6&pid=1.2

HTTP Request

GET https://th.bing.com/th?id=OIP.nbU9gKsTXIMD0klgus1wkQHaDt&w=298&h=149&c=10&rs=1&qlt=99&bgcl=fffffe&r=0&o=6&pid=MultiSMRSV2Source

HTTP Request

GET https://th.bing.com/th?q=Wanna+Cry+Download&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Request

GET https://th.bing.com/th?q=Free+Ransomware+Removal+Tool&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Request

GET https://th.bing.com/th?q=Jigsaw.exe+Download&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Request

GET https://th.bing.com/th?q=Petya+Download&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Request

GET https://th.bing.com/th?q=Virus+Download+Link&w=120&h=50&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Request

GET https://th.bing.com/th?id=ODLS.03245701-8d3e-443e-af13-66e289085f86&w=32&h=32&qlt=91&pcl=fffffa&o=6&pid=1.2

HTTP Request

GET https://th.bing.com/th?id=ODLS.8e7e59ef-b994-4f32-aa65-a853f1a07e79&w=32&h=32&o=6&pid=AdsPlus

HTTP Request

GET https://th.bing.com/th?id=ODLS.2eb3a562-e68d-4b64-8755-6c06140f4654&w=32&h=32&o=6&pid=AdsPlus

HTTP Request

GET https://th.bing.com/th?id=OSK.afde16707eea1f9685bc3189e85ce9f7&w=80&h=80&c=7&o=6&pid=SANGAM

HTTP Request

GET https://th.bing.com/th?id=OSK.497dc2afcba293e8d41462e529a6f0ac&w=80&h=80&c=7&o=6&pid=SANGAM

HTTP Request

GET https://th.bing.com/th?id=OSK.f26bf61d4e3becf4df6936414f0865ab&w=80&h=80&c=7&o=6&pid=SANGAM

HTTP Request

GET https://th.bing.com/th?id=OSK.e916af50a9b5938ce7a6c9a7a2e08c7b&w=80&h=80&c=7&o=6&pid=SANGAM

HTTP Request

GET https://th.bing.com/th?id=OSK.a55d2147e4ec2a0fa38a3889b62b2ebc&w=80&h=80&c=7&o=6&pid=SANGAM

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=OVP.lm0KeWTIbgyhTNxvz885MAHgFo&w=197&h=110&c=7&rs=1&qlt=90&o=6&pid=1.7

HTTP Request

GET https://th.bing.com/th?id=OSK.HIKUUFKV3JJCxBBCAady78TVfmIYl7pzBYceieaNmwIDIgk&w=90&h=90&c=7&o=6&pid=SANGAM

HTTP Request

GET https://th.bing.com/th?id=OSK.HEROO9QW1akP0oES5Qqz7E9b5CmeL_aBb1vIneZrxOMEG7I&w=384&h=228&c=1&rs=2&o=6&pid=SANGAM

HTTP Request

GET https://th.bing.com/th?id=OSK.f80e54da6e196a463f73e58684e5c092&w=180&h=116&o=6&pid=SANGAM

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=OM.SFdc6U074MAQiQ_1728549296&pid=1.7

HTTP Response

206
95.101.143.34:443

th.bing.com

tls, http2

msedge.exe

1.0kB
5.1kB
9
11
20.190.159.2:443

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=8f75881f-c3fa-4733-a411-49479e7aaaa4&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%220DD49FA7ED914E5E96F20FA0AFFB5C37%22%7d

tls, http2

msedge.exe

2.7kB
7.9kB
15
15

HTTP Request

GET https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=8f75881f-c3fa-4733-a411-49479e7aaaa4&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%220DD49FA7ED914E5E96F20FA0AFFB5C37%22%7d

HTTP Response

200
150.171.28.10:443

https://tse1.mm.bing.net/th?&id=OVP.lm0KeWTIbgyhTNxvz885MAHgFo&w=197&h=110&c=7&pid=1.7&rs=1

tls, http2

msedge.exe

2.5kB
13.7kB
18
23

HTTP Request

GET https://tse1.mm.bing.net/th?&id=OVP.lm0KeWTIbgyhTNxvz885MAHgFo&w=197&h=110&c=7&pid=1.7&rs=1

HTTP Response

200
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/MadMan.exe

tls, http2

msedge.exe

12.8kB
254.8kB
157
239

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/branch-and-tag-count

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Virus

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Virus

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Walker.com

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/Walker.com

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/Walker.com

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/Walker.com

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/Melissa.doc

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/Melissa.doc

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/WinNuke.98.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/WinNuke.98.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/WinNuke.98.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/WinNuke.98.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/WinNuke.98.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/Melissa.doc

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/Melissa.doc

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/Melissa.doc

HTTP Response

304

HTTP Response

304

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/MadMan.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/MadMan.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/MadMan.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Virus/MadMan.exe

HTTP Response

302
185.199.109.133:443

https://avatars.githubusercontent.com/u/63458929?v=4&size=40

tls, http2

msedge.exe

2.0kB
6.6kB
15
17

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?s=64&v=4

HTTP Request

GET https://avatars.githubusercontent.com/u/123590232?s=64&v=4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?v=4&size=40

HTTP Response

200
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

8.7kB
10.2kB
34
33

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
185.199.111.133:443

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/MadMan.exe

tls, http2

msedge.exe

3.0kB
49.4kB
33
52

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/Walker.com

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/WinNuke.98.exe

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Virus/MadMan.exe

HTTP Response

200

8.8.8.8:53

github.com

dns

msedge.exe

691 B
1.4kB
10
10

DNS Request

github.com

DNS Response

20.26.156.215

DNS Request

ctldl.windowsupdate.com

DNS Response

199.232.214.172

199.232.210.172

DNS Request

github.githubassets.com

DNS Response

185.199.110.154

185.199.111.154

185.199.109.154

185.199.108.154

DNS Request

user-images.githubusercontent.com

DNS Response

185.199.111.133

185.199.110.133

185.199.108.133

185.199.109.133

DNS Request

172.214.232.199.in-addr.arpa

DNS Request

22.112.82.140.in-addr.arpa

DNS Request

34.143.101.95.in-addr.arpa

DNS Request

237.21.107.13.in-addr.arpa

DNS Request

github.com

DNS Response

20.26.156.215

DNS Request

48.229.111.52.in-addr.arpa
8.8.8.8:53

136.32.126.40.in-addr.arpa

dns

403 B
1.1kB
6
6

DNS Request

136.32.126.40.in-addr.arpa

DNS Request

210.156.26.20.in-addr.arpa

DNS Request

r.bing.com

DNS Response

95.101.143.210

95.101.143.195

95.101.143.202

95.101.143.177

88.221.135.0

95.101.143.193

95.101.143.185

88.221.135.25

95.101.143.182

DNS Request

www2.bing.com

DNS Response

13.107.21.237

204.79.197.237

DNS Request

21.49.80.91.in-addr.arpa

DNS Request

133.111.199.185.in-addr.arpa
8.8.8.8:53

154.110.199.185.in-addr.arpa

dns

343 B
1.1kB
5
5

DNS Request

154.110.199.185.in-addr.arpa

DNS Request

www.bing.com

DNS Response

88.221.135.51

88.221.135.57

95.101.143.195

95.101.143.177

95.101.143.193

95.101.143.34

95.101.143.185

95.101.143.202

88.221.135.33

DNS Request

2.159.190.20.in-addr.arpa

DNS Request

ctldl.windowsupdate.com

DNS Response

91.80.49.21

91.81.129.182

91.80.49.22

91.80.49.86

91.81.130.134

DNS Request

raw.githubusercontent.com

DNS Response

185.199.111.133

185.199.108.133

185.199.109.133

185.199.110.133
8.8.8.8:53

133.109.199.185.in-addr.arpa

dns

396 B
1.3kB
6
6

DNS Request

133.109.199.185.in-addr.arpa

DNS Request

www.bing.com

DNS Response

95.101.143.210

88.221.135.33

88.221.135.0

88.221.135.26

95.101.143.177

95.101.143.34

88.221.135.25

95.101.143.183

95.101.143.193

DNS Request

login.microsoftonline.com

DNS Response

20.190.159.2

20.190.159.23

20.190.159.71

20.190.159.0

20.190.159.75

40.126.31.71

40.126.31.69

40.126.31.73

DNS Request

tse1.mm.bing.net

DNS Response

150.171.28.10

150.171.27.10

DNS Request

github-cloud.s3.amazonaws.com

DNS Response

54.231.228.65

3.5.27.130

52.217.228.241

3.5.12.86

52.216.209.41

3.5.29.185

52.217.18.228

54.231.164.49

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

338 B
862 B
5
5

DNS Request

95.221.229.192.in-addr.arpa

DNS Request

210.143.101.95.in-addr.arpa

DNS Request

login.live.com

DNS Response

20.190.160.20

40.126.32.136

40.126.32.76

40.126.32.140

40.126.32.133

40.126.32.134

20.190.160.14

40.126.32.72

DNS Request

10.28.171.150.in-addr.arpa

DNS Request

api.github.com

DNS Response

20.26.156.210
224.0.0.251:5353

msedge.exe

531 B
8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e9a2c784e6d797d91d4b8612e14d51bd

SHA1
25e2b07c396ee82e4404af09424f747fc05f04c2

SHA256
18ddbb93c981d8006071f9d26924ce3357cad212cbb65f48812d4a474c197ce6

SHA512
fc35688ae3cd448ed6b2069d39ce1219612c54f5bb0dd7b707c9e6f39450fe9fb1338cf5bd0b82a45207fac2fbab1e0eae77e5c9e6488371390eab45f76a5df1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1fc959921446fa3ab5813f75ca4d0235

SHA1
0aeef3ba7ba2aa1f725fca09432d384b06995e2a

SHA256
1b1e89d3b2f3da84cc8494d07cf0babc472c426ccb1c4ae13398243360c9d02c

SHA512
899d1e1b0feece25ac97527daddcaaeb069cb428532477849eba43a627502c590261f2c26fef31e4e20efd3d7eb0815336a784c4d2888e05afcf5477af872b06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
17KB

MD5
18a9531f05f4a3662558d102349767b1

SHA1
328114b78180b5931d651669bf0b21d3a5cf8adc

SHA256
2d427df292899c50caad69f5c59737ff07f39544e52ff6b9d01f4fb82ec0d716

SHA512
b52d9f81a88694bbb16551a50fefd69a3f3dcd0ce5d3d3f3e3a2c1d7de969b5f6e27ca9fd22f7e964108f9b39eb083a44ef161ee3b8c39f61fa5939a15d21b2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
3KB

MD5
9b21dc674629be97b5c7938f3674f9b6

SHA1
681cd26a5ee73f0332ba592efa5662c9dce68e8a

SHA256
617feb9a95a7877b1fb62b45c6b7eda4ac29f20245fb9adaa7783d49e40bce51

SHA512
db2e97836020216384265930159af1a26d6af0c1fb429e76081788b2d3d75ad9f00db72e64e2cc2ee788206a250824503f75b2a42e089146fb6a860e07232205

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
73cfae61313bff85e51a3b676ee86c6d

SHA1
3ab033633f15b93b380a0b380a3119f98ca97b38

SHA256
b8e99d8f05643a41176113b959415629d65adcc48e26f2804df1cec612ea4e9f

SHA512
a68e3221aa202995c1d67aa7b6f6878deecbffae4747fc24decd08f10552c2fa123c09d5544c35820d557cf423a1d2a271d48316ff26598df4bb57ec7ee76b2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
844B

MD5
68fb1fa3691942d0dfe99364a6f5d6af

SHA1
a1e9627d9aecc5585e1f1cb83f402baef9bc2a86

SHA256
5b9377d5a7fb412a5544d5155acc6327909b85e721ac3d76f136243356f14e11

SHA512
8251f3dc9a5fdf66250949754970d4ff646ae5960fd28548bc11eb0844874e4c7c4a9754ed493254d41a25f73fbe663f76b11e51e4eaf78dce17e090e388b65c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1014B

MD5
98a97dbd22ec9dd68776b9aa96da62f8

SHA1
df9ee87a0d24c215efd08113760ec4c80d4f7f73

SHA256
1f8d0feb39601e17df3c705c26a39db51c73c8dabd7f1f32abed79918fd31b7a

SHA512
a23d38b5a1d773c9480dc21e2df5a36b4333c98016cebf3687f1e528e7e90ceb420016c89a6f4cc7472f175edf84133596b90744a2f50c7185d36dad3427d12e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
25a6571f111f737f2a693c858c3f6402

SHA1
6591e42de4df217c3e41b28e09df430d522e7264

SHA256
4391d8416aa70b223b582896d723880e8023954a6b6ca62c7ae6017cfb5722c1

SHA512
78d4e877a317dfc51baf32d97f6dc57640b6a257d846b1c59e1c370960a399207c64877ffad73155a2e87831c86cd419ac757044b365b6b03aef337bf119b8f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4b68cadcc6b669b6308e48de6ac0e3e5

SHA1
a7ec819805d679e7946ee1aea3698ef93a2540d3

SHA256
b3f915cd2ac39d0da796d21509001462f4cd0174761f18eb1abb25bb0c574a6e

SHA512
313290098dea85e9535bf9550e6de104881b113befce834f117bc2ec048e56bbf3eb6a1fb49e292c7cb74db106551406747bf65ab03d0b1d42c9dab08982dd30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7a99f298c15b1e7bbd287857faccebd2

SHA1
bbdcd56d650d81a1fada61a9c903500bd5476162

SHA256
2d80339dab1ec8609160f2dbdf660f9d06d38950ec4653a8ace09f1395faa24a

SHA512
3fed6dfd4a626857d128c1e47acdd916c038a46b2f79ea4c66b99b2858483e7095cb0244e7a21371d22640c9d28a576ca448150f0ae0dd9afde6ed5c0669d262

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b8d73d4b4535befd90b45992c12f83f7

SHA1
205b17126b5f32f847e948c2b554a2214e8cbeba

SHA256
da0c2a2af0106fb850315647decabd947b384c5646f15585138d00c9f1c73edc

SHA512
611da65d060e1f82920c297e36323e895a605af9c8c3e71240d1e8eb02276e9a6f4b4cda236e7edff9d6f03a35cd1a8e6269f05a906f4a2a05f240c6cea7fd91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3c8cb77e58b356230a5f89700bd99d28

SHA1
956b1bcfd328594601ce609536bba3ca0ab9103c

SHA256
70619accb003088e83188edb4050cb2dac9c343730776b97ca58fed8ccef2450

SHA512
cf50a4aae2e51ae1fca8928fc667771896297158327a0f332bfc50fa3f2675193c575f7b64ba1876bacabab790b123a3ce5eee56d9932692d70f311b835dc5ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b8f654c78f6359510a58f1ea5659f57f

SHA1
2267af70f806a4d9d0f744a0f23050a1ce4cc044

SHA256
e87058c3ac8331fb08d7a0e499a72f354660c69ec77b467479853329d03eee1f

SHA512
742d8061eb78945beeddbc49d9a1ce64dfe92852d067d4d1089c9a970d37cdb5e8f947e68f8a5d2d874b6a727340f71c78925353212218805b5f1c0adf3d6858

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
15e43d1ef54d9de416ce1b1235fd180f

SHA1
af1a0240511ff3b22f04bf482c5ceb21e61b22c2

SHA256
587d4ce9faf13ce4d3e0aa19e246caba5a76171f890d9eda9043a5987d8a1441

SHA512
9eb2875f34d0ed3caf1b91bc5bddf9d075bea857cf3d8cf98bc71d30711dc5fa439397bca3f8530df032123ef1a831aedab850cbd0f3f83dd0402dd52cd52e8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
ef5aaceae27c6a3ca5c0472a3ca05f2f

SHA1
42cdb29b802357a60d481184f5c8db320fd24840

SHA256
2680d5892fcd3b755203fd14a7e5ba5fd70b131a330f0c94e5c9ddb7ce9ec618

SHA512
492f16d7b836dfb1985535d7ce0c4f8c4c4449743bd462923f8337e385ea48e3ecc1c96d3031c3120ff50413f07c9ba176b851bea46aa3cb09a86ac3a7f28610

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
ac0bcee8941ced66e56d72d62f05afa4

SHA1
efe4a8b8a783c6a9c4c276b85dd49cb42e7939bd

SHA256
10c83dae443fcc0665d8194eac23d058093a161effd8eb8e9e645093a7c81ac3

SHA512
4568481c1c5a87489b53a57a79f4575808e75282868174b2ce397d9718acc00909656b7f88ec3f2ae56f1c68c43d8a8c9237a92a371e2f8e9eb3d0f6229d868f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
2e820e04c8dff1eaa74a288475d465fc

SHA1
7f47aa47cf9472e941584a3f773fd0e77401f0e0

SHA256
8c8b092aa4574f49a5bb031fd6890c9fdfe04043efc9c8be0b35a90876994311

SHA512
23bc8b9215332361b42caada06e5021aabbff98b557f8d924db3dc1cf1070462cbf440ad07f78e0f2e494e04c129f6583eef595e425aae48471b49bc56495ec2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d34e.TMP

Filesize
706B

MD5
538ab7bbdbdc1ed8cd03be1adf93560f

SHA1
43342eb9b6b98202cfc5e3604ec31a756f946007

SHA256
96dfe3096778d2840fc7801993a351158bcff6e28b35eee52a166841c3ce274e

SHA512
bb8a5edb02c0ead849f49c3fe08b65a71dabc723825a81827bfc821c26b88d20d1d75201eacdbea1037fa2f805a8aef747e93568119a12d7d2ed8656a04f8fec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
9c37c2b681be47f48542a3048a140f95

SHA1
64474aa5bb43d482a69ee4e0f1176513be01d363

SHA256
450019c429d5fe272fd5e66c8fb22f26595e14202d2e28e76637636c4f72ef77

SHA512
ec9c85fc0b09fb8e42ecc58bf2c6d548838984d8fec4133a23546bc9e757b485af4e54fa4f600021f5893584d30e956187b6103303a8d591df253626b475d312

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f69041634d3754b84ec1a9971f4fc5fd

SHA1
8e27344c29b93e362c2840a063b30db96bdb8caa

SHA256
45ec5750989b54fb6c04f87a31e4d836f8bdfed7617cf71e92939b2a449dee1c

SHA512
bb9a3121c3737ff365250f8e5b40870e3b1154dbf49e41bfac6d43fd72c8545a16d8172ad01263eee14b922b473946f6eff9c752cf0bdf04718826092af462c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
0272d7c46f82eae9bef631c4de75d55f

SHA1
e0953ca1db3ac246ee1d2e468295048999acc831

SHA256
a1016acccbf6f3e3c38680a47dd390d8baa0c471429717f431b8e5a24cc73de3

SHA512
1f4e354e2fc8644a5110c7db8c3f490ec5988f8bb068f8e353b10ccd2c120dec186dfb7bd417a06a3bffb878469c73e3c8741275daa23228df21f6715fbd488b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
9eceba654b07ab184c0200605e882e4f

SHA1
c9352488fc6a0c99adb5b28bd4e2df81c2f6aad1

SHA256
6228c6ddf7a4eed9389c81f768af4415b47755739c32e4224ca6e700c4dce35e

SHA512
eb6fd31f4b9742f8ee291a4adee8e2f80a93381bd3aabb60135a78ccb1bcb2acc53deb01c56fc154a563f8b6040da3d4ac2266b5f082070f295e62bfb0e348bd

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 486307.crdownload

Filesize
4KB

MD5
93ceffafe7bb69ec3f9b4a90908ece46

SHA1
14c85fa8930f8bfbe1f9102a10f4b03d24a16d02

SHA256
b87b48dcbf779b06c6ca6491cd31328cf840578d29a6327b7a44f9043ce1eb07

SHA512
c1cb5f15e2487f42d57ae0fa340e29c677fe24b44c945615ef617d77c2737ce4227d5a571547714973d263ed0a69c8893b6c51e89409261cdbedff612339d144

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 933993.crdownload

Filesize
32KB

MD5
eb9324121994e5e41f1738b5af8944b1

SHA1
aa63c521b64602fa9c3a73dadd412fdaf181b690

SHA256
2f1f93ede80502d153e301baf9b7f68e7c7a9344cfa90cfae396aac17e81ce5a

SHA512
7f7a702ddec8d94cb2177b4736d94ec53e575be3dd2d610410cb3154ba9ad2936c98e0e72ed7ab5ebbcbe0329be0d9b20a3bcd84670a6d1c8d7e0a9a3056edd2

Download Submit
C:\Users\Admin\Downloads\Walker.com:Zone.Identifier

Filesize
55B

MD5
0f98a5550abe0fb880568b1480c96a1c

SHA1
d2ce9f7057b201d31f79f3aee2225d89f36be07d

SHA256
2dfb5f4b33e4cf8237b732c02b1f2b1192ffe4b83114bcf821f489bbf48c6aa1

SHA512
dbc1150d831950684ab37407defac0177b7583da0fe13ee8f8eeb65e8b05d23b357722246888189b4681b97507a4262ece96a1c458c4427a9a41d8ea8d11a2f6

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request