crimsonrat | hxxp://my doom download

Analysis

max time kernel
363s
max time network
377s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
25/12/2024, 11:22 UTC

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

http://my doom download

Malware Config

Extracted

Family

crimsonrat

185.136.161.124

Extracted

Path

C:\Users\Admin\Downloads\!Please Read Me!.txt

Family

wannacry

Ransom Note

Q: What's wrong with my files? A: Ooops, your important files are encrypted. It means you will not be able to access them anymore until they are decrypted. If you follow our instructions we guarantee that you can decrypt all your files quickly and safely! Let's start decrypting! Q: What do I do? A: First, you need to pay service fees for the decryption. Please send $300 worth of bitcoin to this bitcoin address: 15zGqZCTcys6eCjDkE3DypCjXi6QWRV6V1 Next, please find the decrypt software on your desktop, an executable file named "!WannaDecryptor!.exe". If it does not exsit, download the software from the address below. (You may need to disable your antivirus for a while.) rar password: wcry123 Run and follow the instructions! �

Wallets

15zGqZCTcys6eCjDkE3DypCjXi6QWRV6V1

Signatures

CrimsonRAT main payload 1 IoCs

resource	yara_rule
behavioral1/files/0x00030000000006a1-537.dat	family_crimsonrat

CrimsonRat
Crimson RAT is a malware linked to a Pakistani-linked threat actor.
rat crimsonrat
Crimsonrat family
crimsonrat
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
ransomware dharma
Dharma family
dharma
Njrat family
njrat

UAC bypass 3 TTPs 1 IoCs

evasion trojan

Bypass User Account Control

T1548.002

Disable or Modify Tools

T1562.001

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0"	wscript.exe

Wannacry
WannaCry is a ransomware cryptoworm.
ransomware worm wannacry
Wannacry family
wannacry
njRAT/Bladabindi
Widely used RAT written in .NET.
trojan njrat
Deletes shadow copies 3 TTPs
Ransomware often targets backup files to inhibit system recovery.
ransomware defense_evasion impact execution

File Deletion
T1070.004

Inhibit System Recovery
T1490

Windows Management Instrumentation
T1047
Renames multiple (553) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware
Downloads MZ/PE file

Modifies Windows Firewall 2 TTPs 1 IoCs

evasion

Windows Service

T1543.003

Disable or Modify System Firewall

T1562.004

pid	Process
456	netsh.exe

Credentials from Password Stores: Windows Credential Manager 1 TTPs
Suspicious access to Credentials History.
credential_access stealer

Windows Credential Manager
T1555.004

Drops startup file 12 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SD8A88.tmp	WannaCry.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b9584a316aeb9ca9b31edd4db18381f5.exe	NJRat.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b9584a316aeb9ca9b31edd4db18381f5.exe	NJRat.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b9584a316aeb9ca9b31edd4db18381f5.exe\:SmartScreen:$DATA	NJRat.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CoronaVirus.exe	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini	CoronaVirus.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b9584a316aeb9ca9b31edd4db18381f5.exe\:Zone.Identifier:$DATA	NJRat.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b9584a316aeb9ca9b31edd4db18381f5.exe	CoronaVirus.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Info.hta	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SD8A9F.tmp	WannaCry.exe

Executes dropped EXE 47 IoCs

pid	Process
3872	NJRat.exe
2068	NJRat (8).exe
396	NJRat (9).exe
3900	CrimsonRAT.exe
3112	dlrarhsiva.exe
1624	CoronaVirus.exe
2788	CoronaVirus.exe
65964	NJRat (8).exe
66464	NJRat (9).exe
66472	NJRat.exe
73268	CrimsonRAT.exe
36544	dlrarhsiva.exe
37232	CoronaVirus.exe
37400	CoronaVirus.exe
37748	msedge.exe
63148	msedge.exe
37912	msedge.exe
38068	msedge.exe
38164	msedge.exe
38236	msedge.exe
38432	WannaCry.exe
38724	!WannaDecryptor!.exe
40112	!WannaDecryptor!.exe
40168	!WannaDecryptor!.exe
40224	WannaCry.exe
40320	!WannaDecryptor!.exe
40444	msedge.exe
40736	msedge.exe
40780	msedge.exe
40980	msedge.exe
41076	MrsMajor3.0.exe
41200	eulascr.exe
42028	msedge.exe
41960	msedge.exe
42648	msedge.exe
42592	ArcticBomb.exe
41672	msedge.exe
41660	msedge.exe
42768	msedge.exe
42480	msedge.exe
42368	MEMZ (1).exe
42244	MEMZ (1).exe
42192	MEMZ (1).exe
42816	MEMZ (1).exe
42836	MEMZ (1).exe
42860	MEMZ (1).exe
42876	MEMZ (1).exe

Loads dropped DLL 18 IoCs

pid	Process
37748	msedge.exe
63148	msedge.exe
37912	msedge.exe
38068	msedge.exe
38164	msedge.exe
38236	msedge.exe
40444	msedge.exe
40736	msedge.exe
40780	msedge.exe
40980	msedge.exe
41200	eulascr.exe
42028	msedge.exe
41960	msedge.exe
42648	msedge.exe
41672	msedge.exe
41660	msedge.exe
42768	msedge.exe
42480	msedge.exe

Obfuscated with Agile.Net obfuscator 1 IoCs

Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

agilenet

resource	yara_rule
behavioral1/memory/41200-26144-0x0000000000680000-0x00000000006AA000-memory.dmp	agile_net

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003

Adds Run key to start application 2 TTPs 6 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\C:\Windows\System32\Info.hta = "mshta.exe \"C:\\Windows\\System32\\Info.hta\""	CoronaVirus.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\C:\Users\Admin\AppData\Roaming\Info.hta = "mshta.exe \"C:\\Users\\Admin\\AppData\\Roaming\\Info.hta\""	CoronaVirus.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Update Task Scheduler = "\"C:\\Users\\Admin\\Downloads\\WannaCry.exe\" /r"	WannaCry.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Windows\CurrentVersion\Run\b9584a316aeb9ca9b31edd4db18381f5 = "\"C:\\Users\\Admin\\Downloads\\NJRat.exe\" .."	NJRat.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\b9584a316aeb9ca9b31edd4db18381f5 = "\"C:\\Users\\Admin\\Downloads\\NJRat.exe\" .."	NJRat.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CoronaVirus.exe = "C:\\Windows\\System32\\CoronaVirus.exe"	CoronaVirus.exe

Drops desktop.ini file(s) 64 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\Burn\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Public\AccountPictures\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Public\Music\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\History\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\AccountPictures\desktop.ini	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\DESKTOP.INI	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Public\Documents\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Public\Pictures\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\desktop.ini	CoronaVirus.exe
File opened for modification	C:\$Recycle.Bin\S-1-5-21-2584844841-1405471295-1760131749-1000\desktop.ini	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Favorites\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Pictures\Camera Roll\desktop.ini	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\Application Shortcuts\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\WinX\Group1\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Desktop\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\OneDrive\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\desktop.ini	CoronaVirus.exe
File opened for modification	F:\$RECYCLE.BIN\S-1-5-21-2584844841-1405471295-1760131749-1000\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\WinX\Group2\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Contacts\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Downloads\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Pictures\Saved Pictures\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Public\Desktop\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Public\Downloads\desktop.ini	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Public\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Program Files\desktop.ini	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Favorites\Links\desktop.ini	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\Burn1\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Documents\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Music\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Searches\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Public\Libraries\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\WinX\Group3\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\Videos\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Public\Videos\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\desktop.ini	CoronaVirus.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\desktop.ini	CoronaVirus.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\Burn2\desktop.ini	CoronaVirus.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs

Web Service

T1102

flow	ioc
11	raw.githubusercontent.com
73	raw.githubusercontent.com
99	raw.githubusercontent.com
120	drive.google.com
10	drive.google.com

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	MEMZ (1).exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\CoronaVirus.exe	CoronaVirus.exe
File created	C:\Windows\System32\Info.hta	CoronaVirus.exe

Sets desktop wallpaper using registry 2 TTPs 1 IoCs

ransomware

Defacement

T1491

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\!WannaCryptor!.bmp"	!WannaDecryptor!.exe

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x001b00000002af0d-26212.dat	upx
behavioral1/memory/42592-26241-0x0000000000400000-0x0000000000454000-memory.dmp	upx
behavioral1/memory/42592-26243-0x0000000000400000-0x0000000000454000-memory.dmp	upx

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2104.2.0_x64__8wekyb3d8bbwe\SnippingTool\Assets\StoreLogo.scale-200.png	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\images\EmptyView-Dark.scale-400.png	CoronaVirus.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\nls\sl-si\ui-strings.js.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-30_altform-unplated.png	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.GetHelp_10.2008.32311.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\GetHelpBadgeLogo.scale-100_contrast-black.png	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.32731.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-80_contrast-black.png	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\PublisherVL_MAK-ul-phn.xrm-ms	CoronaVirus.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEEXCH.DLL.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\MAPISHELLR.DLL.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\DSCResources\PackageManagementDscUtilities.psm1.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.32731.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-20.png	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\SearchEmail2x.png.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.SapBwProvider.dll.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\en-gb\ui-strings.js.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\sk-sk\ui-strings.js.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses\c2rpridslicensefiles_auto.xml.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\PresentationFramework-SystemDrawing.dll	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2104.2.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\SnipSketchStoreLogo.scale-100.png	CoronaVirus.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp2-pl.xrm-ms.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\nls\fi-fi\ui-strings.js	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusDemoR_BypassTrial365-ppd.xrm-ms	CoronaVirus.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons.png.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.9.2002.0_neutral_~_8wekyb3d8bbwe\AppxSignature.p7x	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\ja-jp\ui-strings.js	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\QUAD\QUAD.ELM	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ADelRCP.exe	CoronaVirus.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\cs\System.Windows.Controls.Ribbon.resources.dll	CoronaVirus.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\orcl7.xsl.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Xbox.TCUI_1.23.28002.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\AppxBundleManifest.xml	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\tr-tr\ui-strings.js.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File created	C:\Program Files\Microsoft Office\root\Office16\1033\ONGuide.onepkg.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.GetHelp_10.2008.32311.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\GetHelpStoreLogo.scale-100.png	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\WordR_Retail-ul-phn.xrm-ms.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\tool-view.css.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.3.2.jar	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.40978.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-30_contrast-black.png	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\msoianetutil.dll	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_reportabuse-default_18.svg.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\ExcelVL_MAK-ppd.xrm-ms.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\A12_Sign_White@1x.png.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\fr-fr\ui-strings.js.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\zh-Hans\System.Windows.Forms.Design.resources.dll.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\it\System.Windows.Forms.resources.dll	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_1.0.6.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherAppList.targetsize-20_altform-unplated.png	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\images\GenericMailWideTile.scale-150.png	CoronaVirus.exe
File created	C:\Program Files\Java\jdk-1.8\jre\bin\java-rmi.exe.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\StorageConnectors.api	CoronaVirus.exe
File created	C:\Program Files\Java\jdk-1.8\bin\api-ms-win-core-libraryloader-l1-1-0.dll.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Integration\C2RManifest.wordmui.msi.16.en-us.xml.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\informix.xsl	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\JOURNAL\THMBNAIL.PNG	CoronaVirus.exe
File created	C:\Program Files\Mozilla Firefox\browser\VisualElements\PrivateBrowsing_150.png.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\tr\UIAutomationProvider.resources.dll	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_1.0.6.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\WeatherAppList.targetsize-64_altform-unplated_contrast-black.png	CoronaVirus.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.123\Locales\zh-TW.pak.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe
File opened for modification	C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi	CoronaVirus.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\ea.xml	CoronaVirus.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.16\System.Globalization.dll	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\LibrarySquare150x150Logo.scale-100.png	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\AppIcon.targetsize-60_altform-unplated_contrast-white.png	CoronaVirus.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\pkeyconfig-office.xrm-ms	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Windows.Photos_21.21030.25003.0_x64__8wekyb3d8bbwe\ResourceDictionary.xbf	CoronaVirus.exe
File opened for modification	C:\Program Files\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\DSCResources\MSFT_PackageManagement\ja-JP\MSFT_PackageManagement.schema.mfl.id-4B62598E.[coronavirus@qq.com].ncov	CoronaVirus.exe

Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 9 IoCs

When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

defense_evasion

SIP and Trust Provider Hijacking

T1553.003

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\CrimsonRAT.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\MEMZ (1).exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\NJRat.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\NJRat (9).exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\NJRat (8).exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\CoronaVirus.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\WannaCry.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\MrsMajor3.0.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\ArcticBomb.exe:Zone.Identifier	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Event Triggered Execution: Netsh Helper DLL 1 TTPs 3 IoCs

Netsh.exe (also referred to as Netshell) is a command-line scripting utility used to interact with the network configuration of a system.

persistence privilege_escalation

Netsh Helper DLL

T1546.007

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key queried	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key value enumerated	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe

System Location Discovery: System Language Discovery 1 TTPs 34 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	NJRat (8).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	NJRat (9).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	CoronaVirus.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskkill.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	!WannaDecryptor!.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	CoronaVirus.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	CoronaVirus.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	NJRat (9).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskkill.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WannaCry.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ (1).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	NJRat.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	!WannaDecryptor!.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WMIC.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ (1).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	!WannaDecryptor!.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskkill.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WannaCry.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	!WannaDecryptor!.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ (1).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	netsh.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	NJRat (8).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	NJRat.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cscript.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ (1).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ (1).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	CoronaVirus.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskkill.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ArcticBomb.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ (1).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ (1).exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Interacts with shadow copies 3 TTPs 2 IoCs

Shadow copies are often targeted by ransomware to inhibit system recovery.

ransomware

File Deletion

T1070.004

Inhibit System Recovery

T1490

Direct Volume Access

T1006

pid	Process
36824	vssadmin.exe
47996	vssadmin.exe

Kills process with taskkill 4 IoCs

evasion

pid	Process
38732	taskkill.exe
38756	taskkill.exe
38748	taskkill.exe
38740	taskkill.exe

NTFS ADS 28 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\NJRat (8).exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 625566.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 982380.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 409767.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 594825.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\CrimsonRAT.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 783521.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\MrsMajor3.0.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 611056.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 873104.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 449384.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 836028.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 560718.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 833799.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 584113.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\ArcticBomb.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\MEMZ (1).exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\NJRat.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 665566.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\NJRat (9).exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\CoronaVirus.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\WannaCry.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 564320.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 818691.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 944951.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 619481.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 224677.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 968591.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
3856	msedge.exe
3856	msedge.exe
4628	msedge.exe
4628	msedge.exe
2180	msedge.exe
2180	msedge.exe
3684	identity_helper.exe
3684	identity_helper.exe
4284	msedge.exe
4284	msedge.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe
3872	NJRat.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
3872	NJRat.exe
4628	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 34 IoCs

pid	Process
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: SeDebugPrivilege	2068	NJRat (8).exe
Token: SeDebugPrivilege	396	NJRat (9).exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: SeDebugPrivilege	65964	NJRat (8).exe
Token: SeDebugPrivilege	66464	NJRat (9).exe
Token: SeDebugPrivilege	66472	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: SeBackupPrivilege	36896	vssvc.exe
Token: SeRestorePrivilege	36896	vssvc.exe
Token: SeAuditPrivilege	36896	vssvc.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: SeDebugPrivilege	38748	taskkill.exe
Token: SeDebugPrivilege	38756	taskkill.exe
Token: SeDebugPrivilege	38740	taskkill.exe
Token: SeDebugPrivilege	38732	taskkill.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: 33	3872	NJRat.exe
Token: SeIncBasePriorityPrivilege	3872	NJRat.exe
Token: SeIncreaseQuotaPrivilege	40552	WMIC.exe
Token: SeSecurityPrivilege	40552	WMIC.exe
Token: SeTakeOwnershipPrivilege	40552	WMIC.exe
Token: SeLoadDriverPrivilege	40552	WMIC.exe
Token: SeSystemProfilePrivilege	40552	WMIC.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe

Suspicious use of SendNotifyMessage 28 IoCs

pid	Process
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe
4628	msedge.exe

Suspicious use of SetWindowsHookEx 21 IoCs

pid	Process
38724	!WannaDecryptor!.exe
38724	!WannaDecryptor!.exe
40112	!WannaDecryptor!.exe
40112	!WannaDecryptor!.exe
40168	!WannaDecryptor!.exe
40168	!WannaDecryptor!.exe
40320	!WannaDecryptor!.exe
40320	!WannaDecryptor!.exe
41076	MrsMajor3.0.exe
42368	MEMZ (1).exe
42244	MEMZ (1).exe
42192	MEMZ (1).exe
42816	MEMZ (1).exe
42836	MEMZ (1).exe
42860	MEMZ (1).exe
42876	MEMZ (1).exe
42860	MEMZ (1).exe
42244	MEMZ (1).exe
42192	MEMZ (1).exe
42836	MEMZ (1).exe
42816	MEMZ (1).exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4628 wrote to memory of 2884	4628	msedge.exe	78
PID 4628 wrote to memory of 2884	4628	msedge.exe	78
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 704	4628	msedge.exe	79
PID 4628 wrote to memory of 3856	4628	msedge.exe	80
PID 4628 wrote to memory of 3856	4628	msedge.exe	80
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81
PID 4628 wrote to memory of 5016	4628	msedge.exe	81

System policy modification 1 TTPs 2 IoCs

evasion

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System	wscript.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0"	wscript.exe

Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://my doom download
1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc67443cb8,0x7ffc67443cc8,0x7ffc67443cd8
  2⤵
  PID:2884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
  2⤵
  PID:704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2636 /prefetch:8
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:1664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
  2⤵
  PID:1264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
  2⤵
  PID:2692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3576 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2180
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:4228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
  2⤵
  PID:3824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
  2⤵
  PID:2248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
  2⤵
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
  2⤵
  PID:1268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1
  2⤵
  PID:1688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6300 /prefetch:8
  2⤵
  PID:4944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6416 /prefetch:8
  2⤵
  PID:2852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6036 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:4284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6496 /prefetch:8
  2⤵
  PID:1096
- C:\Users\Admin\Downloads\NJRat.exe
  "C:\Users\Admin\Downloads\NJRat.exe"
  2⤵
  - Drops startup file
  - Executes dropped EXE
  - Adds Run key to start application
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of AdjustPrivilegeToken
  PID:3872
- - C:\Windows\SysWOW64\netsh.exe
    netsh firewall add allowedprogram "C:\Users\Admin\Downloads\NJRat.exe" "NJRat.exe" ENABLE
    3⤵
    - Modifies Windows Firewall
    - Event Triggered Execution: Netsh Helper DLL
    - System Location Discovery: System Language Discovery
    PID:456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
  2⤵
  PID:3864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5376 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1152 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1624 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:1356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7340 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2608 /prefetch:8
  2⤵
  PID:760
- C:\Users\Admin\Downloads\NJRat (8).exe
  "C:\Users\Admin\Downloads\NJRat (8).exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:2068
- C:\Users\Admin\Downloads\NJRat (9).exe
  "C:\Users\Admin\Downloads\NJRat (9).exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:396
- C:\Users\Admin\Downloads\CrimsonRAT.exe
  "C:\Users\Admin\Downloads\CrimsonRAT.exe"
  2⤵
  - Executes dropped EXE
  PID:3900
- - C:\ProgramData\Hdlharas\dlrarhsiva.exe
    "C:\ProgramData\Hdlharas\dlrarhsiva.exe"
    3⤵
    - Executes dropped EXE
    PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7036 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7092 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
  2⤵
  PID:2088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
  2⤵
  PID:2916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4896 /prefetch:2
  2⤵
  PID:3844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7508 /prefetch:8
  2⤵
  PID:4672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:4032
- C:\Users\Admin\Downloads\CoronaVirus.exe
  "C:\Users\Admin\Downloads\CoronaVirus.exe"
  2⤵
  - Drops startup file
  - Executes dropped EXE
  - Adds Run key to start application
  - Drops desktop.ini file(s)
  - Drops file in System32 directory
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  PID:1624
- - C:\Windows\system32\cmd.exe
    "C:\Windows\system32\cmd.exe"
    3⤵
    PID:4608
  - - C:\Windows\system32\mode.com
      mode con cp select=1251
      4⤵
      PID:36528
  - - C:\Windows\system32\vssadmin.exe
      vssadmin delete shadows /all /quiet
      4⤵
      Interacts with shadow copies
      PID:36824
- - C:\Windows\system32\cmd.exe
    "C:\Windows\system32\cmd.exe"
    3⤵
    PID:36468
  - - C:\Windows\system32\mode.com
      mode con cp select=1251
      4⤵
      PID:36772
  - - C:\Windows\system32\vssadmin.exe
      vssadmin delete shadows /all /quiet
      4⤵
      Interacts with shadow copies
      PID:47996
- - C:\Windows\System32\mshta.exe
    "C:\Windows\System32\mshta.exe" "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Info.hta"
    3⤵
    PID:36536
- - C:\Windows\System32\mshta.exe
    "C:\Windows\System32\mshta.exe" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Info.hta"
    3⤵
    PID:36632
- C:\Users\Admin\Downloads\CoronaVirus.exe
  "C:\Users\Admin\Downloads\CoronaVirus.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:2788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
  2⤵
  PID:26780
- C:\Users\Admin\Downloads\NJRat (8).exe
  "C:\Users\Admin\Downloads\NJRat (8).exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:65964
- C:\Users\Admin\Downloads\NJRat (9).exe
  "C:\Users\Admin\Downloads\NJRat (9).exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:66464
- C:\Users\Admin\Downloads\NJRat.exe
  "C:\Users\Admin\Downloads\NJRat.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:66472
- C:\Users\Admin\Downloads\CrimsonRAT.exe
  "C:\Users\Admin\Downloads\CrimsonRAT.exe"
  2⤵
  - Executes dropped EXE
  PID:73268
- - C:\ProgramData\Hdlharas\dlrarhsiva.exe
    "C:\ProgramData\Hdlharas\dlrarhsiva.exe"
    3⤵
    - Executes dropped EXE
    PID:36544
- C:\Users\Admin\Downloads\CoronaVirus.exe
  "C:\Users\Admin\Downloads\CoronaVirus.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:37232
- C:\Users\Admin\Downloads\CoronaVirus.exe
  "C:\Users\Admin\Downloads\CoronaVirus.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:37400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:37748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:63148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7172 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:37912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1576 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:38068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7640 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:38164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7600 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:38236
- C:\Users\Admin\Downloads\WannaCry.exe
  "C:\Users\Admin\Downloads\WannaCry.exe"
  2⤵
  - Drops startup file
  - Executes dropped EXE
  - Adds Run key to start application
  - System Location Discovery: System Language Discovery
  PID:38432
- - C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\cmd.exe /c 65111735125988.bat
    3⤵
    - System Location Discovery: System Language Discovery
    PID:38520
  - - C:\Windows\SysWOW64\cscript.exe
      cscript //nologo c.vbs
      4⤵
      System Location Discovery: System Language Discovery
      PID:38572
- - C:\Users\Admin\Downloads\!WannaDecryptor!.exe
    !WannaDecryptor!.exe f
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:38724
- - C:\Windows\SysWOW64\taskkill.exe
    taskkill /f /im MSExchange*
    3⤵
    - System Location Discovery: System Language Discovery
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:38732
- - C:\Windows\SysWOW64\taskkill.exe
    taskkill /f /im Microsoft.Exchange.*
    3⤵
    - System Location Discovery: System Language Discovery
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:38740
- - C:\Windows\SysWOW64\taskkill.exe
    taskkill /f /im sqlserver.exe
    3⤵
    - System Location Discovery: System Language Discovery
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:38748
- - C:\Windows\SysWOW64\taskkill.exe
    taskkill /f /im sqlwriter.exe
    3⤵
    - System Location Discovery: System Language Discovery
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:38756
- - C:\Users\Admin\Downloads\!WannaDecryptor!.exe
    !WannaDecryptor!.exe c
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:40112
- - C:\Windows\SysWOW64\cmd.exe
    cmd.exe /c start /b !WannaDecryptor!.exe v
    3⤵
    - System Location Discovery: System Language Discovery
    PID:40120
  - - C:\Users\Admin\Downloads\!WannaDecryptor!.exe
      !WannaDecryptor!.exe v
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      Suspicious use of SetWindowsHookEx
      PID:40168
    - - C:\Windows\SysWOW64\cmd.exe
        
        cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
        5⤵
        System Location Discovery: System Language Discovery
        
        PID:40480
      - C:\Windows\SysWOW64\Wbem\WMIC.exe
        
        wmic shadowcopy delete
        6⤵
        System Location Discovery: System Language Discovery
        Suspicious use of AdjustPrivilegeToken
        
        PID:40552
- - C:\Users\Admin\Downloads\!WannaDecryptor!.exe
    !WannaDecryptor!.exe
    3⤵
    - Executes dropped EXE
    - Sets desktop wallpaper using registry
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:40320
- C:\Users\Admin\Downloads\WannaCry.exe
  "C:\Users\Admin\Downloads\WannaCry.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:40224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:40444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:40736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6604 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:40780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7316 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:40980
- C:\Users\Admin\Downloads\MrsMajor3.0.exe
  "C:\Users\Admin\Downloads\MrsMajor3.0.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:41076
- - C:\Windows\system32\wscript.exe
    "C:\Windows\system32\wscript.exe" C:\Users\Admin\AppData\Local\Temp\F317.tmp\F318.tmp\F319.vbs //Nologo
    3⤵
    - UAC bypass
    - System policy modification
    PID:41148
  - - C:\Users\Admin\AppData\Local\Temp\F317.tmp\eulascr.exe
      "C:\Users\Admin\AppData\Local\Temp\F317.tmp\eulascr.exe"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:41200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:42028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7180 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:41960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7480 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:42648
- C:\Users\Admin\Downloads\ArcticBomb.exe
  "C:\Users\Admin\Downloads\ArcticBomb.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:42592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:41672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7568 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:41660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2608 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:42768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1924,7432446895506376771,5627115845283154096,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6948 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  PID:42480
- C:\Users\Admin\Downloads\MEMZ (1).exe
  "C:\Users\Admin\Downloads\MEMZ (1).exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  PID:42368
- - C:\Users\Admin\Downloads\MEMZ (1).exe
    "C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:42244
- - C:\Users\Admin\Downloads\MEMZ (1).exe
    "C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:42192
- - C:\Users\Admin\Downloads\MEMZ (1).exe
    "C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:42816
- - C:\Users\Admin\Downloads\MEMZ (1).exe
    "C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:42836
- - C:\Users\Admin\Downloads\MEMZ (1).exe
    "C:\Users\Admin\Downloads\MEMZ (1).exe" /watchdog
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:42860
- - C:\Users\Admin\Downloads\MEMZ (1).exe
    "C:\Users\Admin\Downloads\MEMZ (1).exe" /main
    3⤵
    - Executes dropped EXE
    - Writes to the Master Boot Record (MBR)
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:42876
  - - C:\Windows\SysWOW64\notepad.exe
      "C:\Windows\System32\notepad.exe" \note.txt
      4⤵
      PID:42968

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2752

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5024

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:36896

C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\72a1919c9bdc4359b869a2f129ca6559 /t 36636 /p 36632
1⤵
PID:37128

C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\09e14c2401524f1c8bf590437d6d8034 /t 36540 /p 36536
1⤵
PID:37260

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\FILES ENCRYPTED.txt
1⤵
PID:37488

Network

DNS

google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

216.58.214.174
DNS

google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

216.58.214.174
DNS

71.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.159.190.20.in-addr.arpa

IN PTR

Response
DNS

www.bing.com

Remote address:

8.8.8.8:53

Request

www.bing.com

IN A

Response

www.bing.com

IN CNAME

www-www.bing.com.trafficmanager.net

www-www.bing.com.trafficmanager.net

IN CNAME

www.bing.com.edgekey.net

www.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.100.195.138

e86303.dscx.akamaiedge.net

IN A

95.100.195.140

e86303.dscx.akamaiedge.net

IN A

95.100.195.134

e86303.dscx.akamaiedge.net

IN A

95.100.195.139

e86303.dscx.akamaiedge.net

IN A

95.100.195.133

e86303.dscx.akamaiedge.net

IN A

95.100.195.137

e86303.dscx.akamaiedge.net

IN A

95.100.195.148

e86303.dscx.akamaiedge.net

IN A

95.100.195.145

e86303.dscx.akamaiedge.net

IN A

95.100.195.146
DNS

189.195.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.195.100.95.in-addr.arpa

IN PTR

Response

189.195.100.95.in-addr.arpa

IN PTR

a95-100-195-189deploystaticakamaitechnologiescom
DNS

134.252.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.252.19.2.in-addr.arpa

IN PTR

Response

134.252.19.2.in-addr.arpa

IN PTR

a2-19-252-134deploystaticakamaitechnologiescom
DNS

login.live.com

Remote address:

8.8.8.8:53

Request

login.live.com

IN A

Response

login.live.com

IN CNAME

login.msa.msidentity.com

login.msa.msidentity.com

IN CNAME

www.tm.lg.prod.aadmsa.trafficmanager.net

www.tm.lg.prod.aadmsa.trafficmanager.net

IN CNAME

prdv4a.aadg.msidentity.com

prdv4a.aadg.msidentity.com

IN CNAME

www.tm.v4.a.prd.aadg.trafficmanager.net

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.71

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.67

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.2

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.4

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.73

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.69

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.0

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.75
DNS

github.com

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.githubassets.com

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.108.154
DNS

github-cloud.s3.amazonaws.com

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

52.216.218.73

s3-w.us-east-1.amazonaws.com

IN A

3.5.29.209

s3-w.us-east-1.amazonaws.com

IN A

16.182.106.9

s3-w.us-east-1.amazonaws.com

IN A

54.231.236.209

s3-w.us-east-1.amazonaws.com

IN A

52.217.137.145

s3-w.us-east-1.amazonaws.com

IN A

52.217.135.129

s3-w.us-east-1.amazonaws.com

IN A

16.15.192.156

s3-w.us-east-1.amazonaws.com

IN A

52.216.212.233
DNS

133.111.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.111.199.185.in-addr.arpa

IN PTR

Response

133.111.199.185.in-addr.arpa

IN PTR

cdn-185-199-111-133githubcom
DNS

210.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

133.108.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.108.199.185.in-addr.arpa

IN PTR

Response

133.108.199.185.in-addr.arpa

IN PTR

cdn-185-199-108-133githubcom
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

www.bing.com

Remote address:

8.8.8.8:53

Request

www.bing.com

IN A

Response

www.bing.com

IN CNAME

www-www.bing.com.trafficmanager.net

www-www.bing.com.trafficmanager.net

IN CNAME

www.bing.com.edgekey.net

www.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.100.195.154

e86303.dscx.akamaiedge.net

IN A

95.100.195.145

e86303.dscx.akamaiedge.net

IN A

95.100.195.151

e86303.dscx.akamaiedge.net

IN A

95.100.195.152

e86303.dscx.akamaiedge.net

IN A

95.100.195.159

e86303.dscx.akamaiedge.net

IN A

95.100.195.144

e86303.dscx.akamaiedge.net

IN A

95.100.195.142

e86303.dscx.akamaiedge.net

IN A

95.100.195.149

e86303.dscx.akamaiedge.net

IN A

95.100.195.146
DNS

r.bing.com

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.100.195.187

e86303.dscx.akamaiedge.net

IN A

95.100.195.179

e86303.dscx.akamaiedge.net

IN A

95.100.195.185

e86303.dscx.akamaiedge.net

IN A

95.100.195.189

e86303.dscx.akamaiedge.net

IN A

95.100.195.175

e86303.dscx.akamaiedge.net

IN A

95.100.195.180

e86303.dscx.akamaiedge.net

IN A

95.100.195.186

e86303.dscx.akamaiedge.net

IN A

95.100.195.188

e86303.dscx.akamaiedge.net

IN A

95.100.195.176
DNS

164.195.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

164.195.100.95.in-addr.arpa

IN PTR

Response

164.195.100.95.in-addr.arpa

IN PTR

a95-100-195-164deploystaticakamaitechnologiescom
DNS

97.195.144.58.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.195.144.58.in-addr.arpa

IN PTR

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

124.161.136.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

124.161.136.185.in-addr.arpa

IN PTR

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

collector.github.com

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.112.21
DNS

21.112.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.112.82.140.in-addr.arpa

IN PTR

Response

21.112.82.140.in-addr.arpa

IN PTR

lb-140-82-112-21-iadgithubcom
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

146.252.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

146.252.19.2.in-addr.arpa

IN PTR

Response

146.252.19.2.in-addr.arpa

IN PTR

a2-19-252-146deploystaticakamaitechnologiescom
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

api.github.com

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

github.com

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

9.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.173.189.20.in-addr.arpa

IN PTR

Response
DNS

drive.google.com

Remote address:

8.8.8.8:53

Request

drive.google.com

IN A

Response

drive.google.com

IN A

142.250.75.238
DNS

drive.google.com

Remote address:

8.8.8.8:53

Request

drive.google.com

IN A

Response

drive.google.com

IN A

142.250.75.238
DNS

83.210.23.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.210.23.2.in-addr.arpa

IN PTR

Response

83.210.23.2.in-addr.arpa

IN PTR

a2-23-210-83deploystaticakamaitechnologiescom
DNS

148.195.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

148.195.100.95.in-addr.arpa

IN PTR

Response

148.195.100.95.in-addr.arpa

IN PTR

a95-100-195-148deploystaticakamaitechnologiescom
DNS

th.bing.com

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A

Response

th.bing.com

IN CNAME

p-th.bing.com.trafficmanager.net

p-th.bing.com.trafficmanager.net

IN CNAME

th.bing.com.edgekey.net

th.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.100.195.175

e86303.dscx.akamaiedge.net

IN A

95.100.195.187

e86303.dscx.akamaiedge.net

IN A

95.100.195.171

e86303.dscx.akamaiedge.net

IN A

95.100.195.186

e86303.dscx.akamaiedge.net

IN A

95.100.195.181

e86303.dscx.akamaiedge.net

IN A

95.100.195.177

e86303.dscx.akamaiedge.net

IN A

95.100.195.183

e86303.dscx.akamaiedge.net

IN A

95.100.195.179

e86303.dscx.akamaiedge.net

IN A

95.100.195.172
DNS

175.195.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

175.195.100.95.in-addr.arpa

IN PTR

Response

175.195.100.95.in-addr.arpa

IN PTR

a95-100-195-175deploystaticakamaitechnologiescom
DNS

login.microsoftonline.com

Remote address:

8.8.8.8:53

Request

login.microsoftonline.com

IN A

Response

login.microsoftonline.com

IN CNAME

login.mso.msidentity.com

login.mso.msidentity.com

IN CNAME

ak.privatelink.msidentity.com

ak.privatelink.msidentity.com

IN CNAME

www.tm.ak.prd.aadg.trafficmanager.net

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.68

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.2

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.67

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.71

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.73

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.71

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.75

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.69
DNS

www2.bing.com

Remote address:

8.8.8.8:53

Request

www2.bing.com

IN A

Response

www2.bing.com

IN CNAME

www2-www2.bing.com.trafficmanager.net

www2-www2.bing.com.trafficmanager.net

IN CNAME

www-bing-com.dual-a-0034.a-msedge.net

www-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

204.79.197.237

dual-a-0034.a-msedge.net

IN A

13.107.21.237
DNS

ctldl.windowsupdate.com

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

ctldl.windowsupdate.com.delivery.microsoft.com

ctldl.windowsupdate.com.delivery.microsoft.com

IN CNAME

wu-b-net.trafficmanager.net

wu-b-net.trafficmanager.net

IN CNAME

download.windowsupdate.com.edgesuite.net

download.windowsupdate.com.edgesuite.net

IN CNAME

a767.dspw65.akamai.net

a767.dspw65.akamai.net

IN A

2.23.210.83

a767.dspw65.akamai.net

IN A

2.23.210.88
DNS

user-images.githubusercontent.com

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.110.133

user-images.githubusercontent.com

IN A

185.199.108.133

user-images.githubusercontent.com

IN A

185.199.109.133

user-images.githubusercontent.com

IN A

185.199.111.133
DNS

154.109.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.109.199.185.in-addr.arpa

IN PTR

Response

154.109.199.185.in-addr.arpa

IN PTR

cdn-185-199-109-154githubcom
DNS

api.github.com

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

raw.githubusercontent.com

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.108.133

raw.githubusercontent.com

IN A

185.199.109.133

raw.githubusercontent.com

IN A

185.199.110.133

raw.githubusercontent.com

IN A

185.199.111.133
DNS

ctldl.windowsupdate.com

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

ctldl.windowsupdate.com.delivery.microsoft.com

ctldl.windowsupdate.com.delivery.microsoft.com

IN CNAME

wu-b-net.trafficmanager.net

wu-b-net.trafficmanager.net

IN CNAME

download.windowsupdate.com.edgesuite.net

download.windowsupdate.com.edgesuite.net

IN CNAME

a767.dspw65.akamai.net

a767.dspw65.akamai.net

IN A

2.23.210.83

a767.dspw65.akamai.net

IN A

2.23.210.88
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

www.bing.com

Remote address:

8.8.8.8:53

Request

www.bing.com

IN A

Response

www.bing.com

IN CNAME

www-www.bing.com.trafficmanager.net

www-www.bing.com.trafficmanager.net

IN CNAME

www.bing.com.edgekey.net

www.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.100.195.144

e86303.dscx.akamaiedge.net

IN A

95.100.195.137

e86303.dscx.akamaiedge.net

IN A

95.100.195.145

e86303.dscx.akamaiedge.net

IN A

95.100.195.194

e86303.dscx.akamaiedge.net

IN A

95.100.195.140

e86303.dscx.akamaiedge.net

IN A

95.100.195.142

e86303.dscx.akamaiedge.net

IN A

95.100.195.193

e86303.dscx.akamaiedge.net

IN A

95.100.195.138

e86303.dscx.akamaiedge.net

IN A

95.100.195.195
DNS

154.195.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.195.100.95.in-addr.arpa

IN PTR

Response

154.195.100.95.in-addr.arpa

IN PTR

a95-100-195-154deploystaticakamaitechnologiescom
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

www.bing.com

Remote address:

8.8.8.8:53

Request

www.bing.com

IN A

Response

www.bing.com

IN CNAME

www-www.bing.com.trafficmanager.net

www-www.bing.com.trafficmanager.net

IN CNAME

www.bing.com.edgekey.net

www.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.100.195.138

e86303.dscx.akamaiedge.net

IN A

95.100.195.145

e86303.dscx.akamaiedge.net

IN A

95.100.195.134

e86303.dscx.akamaiedge.net

IN A

95.100.195.139

e86303.dscx.akamaiedge.net

IN A

95.100.195.144

e86303.dscx.akamaiedge.net

IN A

95.100.195.142

e86303.dscx.akamaiedge.net

IN A

95.100.195.133

e86303.dscx.akamaiedge.net

IN A

95.100.195.146

e86303.dscx.akamaiedge.net

IN A

95.100.195.137
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

api.github.com

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
GET

https://www.bing.com/qbox?query=d&language=en-US&pt=EdgBox&cvid=fd4aeb802adf4258a6554adfef159159&ig=40fdd4e3ec5f477e8e1d8209a684893e&oit=1&cp=1&pgcl=1

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=d&language=en-US&pt=EdgBox&cvid=fd4aeb802adf4258a6554adfef159159&ig=40fdd4e3ec5f477e8e1d8209a684893e&oit=1&cp=1&pgcl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=my&language=en-US&pt=EdgBox&cvid=fd4aeb802adf4258a6554adfef159159&ig=5b9ce7cdc0984ff2897829bf0917a2bc&oit=1&cp=2&pgcl=1

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=my&language=en-US&pt=EdgBox&cvid=fd4aeb802adf4258a6554adfef159159&ig=5b9ce7cdc0984ff2897829bf0917a2bc&oit=1&cp=2&pgcl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=8ce4dff3d19c45d098a1022b825828bc&oit=1&cp=1&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=8ce4dff3d19c45d098a1022b825828bc&oit=1&cp=1&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=do&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=e54f3a273b7d4ddf93c8c6b1271b93ef&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=do&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=e54f3a273b7d4ddf93c8c6b1271b93ef&oit=1&cp=2&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 416
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beaf32b0d4514b5f69260575c2b78
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ahw7qIWZJt2SaHg3rDKfNHdla+bhPPGt5V8rnkOLGlc='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:22:27 GMT
Connection: keep-alive
Set-Cookie: MUID=30414299F3DA6A8A3D1857F9F2806BCE; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:27 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=30414299F3DA6A8A3D1857F9F2806BCE; expires=Mon, 19-Jan-2026 11:22:27 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=072F23D3646061AB346D36B3653A60E9; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:27 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:27 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:27 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=E6755840668C49E7AB98FD80AA21F16D&dmnchg=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:27 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241225; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:27 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:27 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=072F23D3646061AB346D36B3653A60E9; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.9cc2645f.1735125747.2f4a80c6
GET

https://www.bing.com/qbox?query=d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=c891126243364f41bbc733ce2008e4b3&oit=1&cp=1&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=c891126243364f41bbc733ce2008e4b3&oit=1&cp=1&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 415
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beaf42f254ef2b5607b36f84cb286
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ujFENnqb5IGKSusJ1FmuUao5r/7A3scM+o8W7dTdTWo='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:22:28 GMT
Connection: keep-alive
Set-Cookie: MUID=022E99B0FD416BD335CD8CD0FC1B6A33; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:28 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=022E99B0FD416BD335CD8CD0FC1B6A33; expires=Mon, 19-Jan-2026 11:22:28 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=24BC5C78259967AC2DA8491824C366DF; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:28 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:28 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:28 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=21E8B50B6EE84E98B18EB44B3C089A69&dmnchg=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:28 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241225; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:28 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:28 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=24BC5C78259967AC2DA8491824C366DF; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.9cc2645f.1735125748.2f4a8229
GET

https://www.bing.com/qbox?query=m&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=725065b39a404281a2713400234d10d1&oit=1&cp=1&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=m&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=725065b39a404281a2713400234d10d1&oit=1&cp=1&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=my&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=3efb36434b334984b500f399428c9fd6&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=my&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=3efb36434b334984b500f399428c9fd6&oit=1&cp=2&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=mydo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=d32eebaff04b48e28c1f29b9c00411f4&oit=1&cp=4&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=d32eebaff04b48e28c1f29b9c00411f4&oit=1&cp=4&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=mydoo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=4cb4297eba404118881757afd2d196e2&oit=1&cp=5&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydoo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=4cb4297eba404118881757afd2d196e2&oit=1&cp=5&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=mydoom&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=4a52be8e954243899c0c6012a5064e6e&oit=1&cp=6&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydoom&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=4a52be8e954243899c0c6012a5064e6e&oit=1&cp=6&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 237
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beaf8c4b9497795b99d20607b10cc
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-fwAU58fQa22QMOIpnsgoqMJ+Bdeuj70DjUwT4N9iZhs='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:22:32 GMT
Connection: keep-alive
Set-Cookie: MUID=24601760AE5B6EF0068B0200AF3A6FB7; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=24601760AE5B6EF0068B0200AF3A6FB7; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=1CFB1F13442B6E7B014A0A73454A6F3C; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=22487335E33B4F70A8BFC4616797A022&dmnchg=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241225; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=1CFB1F13442B6E7B014A0A73454A6F3C; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.b7c2645f.1735125752.dc70c8
GET

https://www.bing.com/qbox?query=mydoom+&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=a88885d5f9784bef9d0aabcb9ed01124&oit=1&cp=7&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydoom+&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=a88885d5f9784bef9d0aabcb9ed01124&oit=1&cp=7&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 261
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beaf88d904b2ba41624f7ed352309
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-AeuVL57ECUQf8VRKq5wkGN8QAgdswu4BYclXGn19v0A='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:22:32 GMT
Connection: keep-alive
Set-Cookie: MUID=09E41B6E77DB687F3CEC0E0E76FA69FB; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=09E41B6E77DB687F3CEC0E0E76FA69FB; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=2694942940CF637515C4814941EE620C; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=926EC2AAB68B4DB0BF4146362915259E&dmnchg=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241225; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:32 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=2694942940CF637515C4814941EE620C; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.b7c2645f.1735125752.dc7a67
GET

https://www.bing.com/qbox?query=mydoom+d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=28db198234bf4f24bb15f3b1d614c478&oit=4&cp=8&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydoom+d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=28db198234bf4f24bb15f3b1d614c478&oit=4&cp=8&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=mydoom+dow&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=5ecf207f499a4e6f9c70de42a2d4ee47&oit=4&cp=10&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydoom+dow&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=5ecf207f499a4e6f9c70de42a2d4ee47&oit=4&cp=10&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=mydoom+down&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=9e78c158ae7e4f748df1cf3b6428fb32&oit=4&cp=11&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydoom+down&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=9e78c158ae7e4f748df1cf3b6428fb32&oit=4&cp=11&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 207
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beafaeaf84cc98197747be4a661bc
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-9RPzyV6Vfw042jhrXP5BMKMDZs/jC63qhohNG6GSZVw='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:22:34 GMT
Connection: keep-alive
Set-Cookie: MUID=0AF1644E9B416E8E0213712E9AA16F48; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:34 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=0AF1644E9B416E8E0213712E9AA16F48; expires=Mon, 19-Jan-2026 11:22:34 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=101E1883D7356AC31A7B0DE3D6D56B0B; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:34 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:34 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:34 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=0B91297B40154B86B16E051C3FB59F7A&dmnchg=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:34 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241225; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:34 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:34 GMT; path=/; secure; SameSite=None
Set-Cookie: _SS=SID=101E1883D7356AC31A7B0DE3D6D56B0B; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.9cc2645f.1735125754.2f4aa662
GET

https://www.bing.com/qbox?query=mydoom+downl&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=47fa98c7e8ac4c55984ebdf665329cab&oit=4&cp=12&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydoom+downl&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=47fa98c7e8ac4c55984ebdf665329cab&oit=4&cp=12&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=mydoom+downlo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=029f06b8febd4540817c54e04676b71b&oit=4&cp=13&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydoom+downlo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=029f06b8febd4540817c54e04676b71b&oit=4&cp=13&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/qbox?query=mydoom+download&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=483816a0888e4b21b749bc366f30b974&oit=4&cp=15&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=mydoom+download&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=483816a0888e4b21b749bc366f30b974&oit=4&cp=15&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
GET

https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Cache-Control: private, max-age=0
Content-Encoding: br
Expires: Wed, 25 Dec 2024 11:21:35 GMT
Vary: Accept-Encoding
X-EventID: 676beafba0d24a9380a9eebd839dda89
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-HrJUcGlIRisgUYcMCQ2GySr96NY/Uz07gO+wK9y3hh8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp&ndcParam=QWthbWFp"}]}
Report-To: {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
Cross-Origin-Embedder-Policy-Report-Only: 'require-corp; report-to=\"crossorigin-errors\"'
Cross-Origin-Opener-Policy-Report-Only: 'same-origin; report-to=\"crossorigin-errors\"'
Date: Wed, 25 Dec 2024 11:22:35 GMT
Content-Length: 32699
Connection: keep-alive
Set-Cookie: MUID=2338596C739167DE37764C0C725866D5; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:35 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:22:35 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; domain=.bing.com; path=/; HttpOnly
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:35 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:35 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; domain=.bing.com; path=/; secure; SameSite=None
Set-Cookie: SRCHS=PC=U531; domain=.bing.com; path=/; secure; SameSite=None
Set-Cookie: SRCHD=AF=ANAB01; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:35 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:35 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHUSR=DOB=20241225; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:35 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:35 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125755.1314e3e1
Set-Cookie: ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; Domain=.bing.com; Path=/; Expires=Wed, 25 Dec 2024 13:22:35 GMT; Max-Age=7200
GET

https://www.bing.com/sa/simg/Roboto_Semibold.woff2

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /sa/simg/Roboto_Semibold.woff2 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
DNT: 1
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 15436
Content-Type: font/woff2
Cache-Control: public, max-age=15552000
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
X-EventID: 66c8cdbf62184216b0ba82fd8dc7618f
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-MUr5d2DCc9N0aViMptl4PlvczP/mFo2Q022RM8jTlzU='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Date: Wed, 25 Dec 2024 11:22:35 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125755.1314e4db
GET

https://www.bing.com/sa/simg/favicon-trans-bg-blue-mg.ico

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /sa/simg/favicon-trans-bg-blue-mg.ico HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756

Response

HTTP/1.1 200 OK

Content-Length: 4286
Content-Type: image/x-icon
Cache-Control: public, max-age=15552000
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
X-EventID: 67162461ad1f4013b54acef8aba75209
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-KulEWF8dvjSYwbHgXG28Cqc0TuUWG9vemrEfxTtoSUM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125757.1314e64e
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758939%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758939%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125760.1314f267
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2215%22}]

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2215%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125760.13150052
POST

https://www.bing.com/rewardsapp/reportActivity?IG=7AAC67B96C9140B491DCA5B62937FD8E&IID=SERP.5061&q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

95.100.195.148:443

Request

POST /rewardsapp/reportActivity?IG=7AAC67B96C9140B491DCA5B62937FD8E&IID=SERP.5061&q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 159
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0; SRCHUSR=DOB=20241225&T=1735125755000

Response

HTTP/1.1 200 OK

Content-Length: 994
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Encoding: br
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 676beb01dc484806b3d912d490d635b8
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-37aXEFFib4yAF9mY3gg+YUXxOr/rb20eAZkLrSa0ygQ='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 676beb01dc484806b3d912d490d635b8|AFD:676beb01dc484806b3d912d490d635b8|2024-12-25T11:22:41.159Z
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:41 GMT; path=/; secure; SameSite=None
Set-Cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; domain=.bing.com; expires=Thu, 25-Dec-2025 11:22:41 GMT; path=/; secure; SameSite=None
Set-Cookie: _Rwho=u=d&ts=2024-12-25; domain=.bing.com; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; domain=.bing.com; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125760.1315012b
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758949%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22601%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758949%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758949%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1735125758966%2C%22Name%22%3A1757%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1735125759274%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22676beafba0d24a9380a9eebd839dda89%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125759283%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22676beafba0d24a9380a9eebd839dda89%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125759283%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2222000%22%5D%2C%22isWin11OrHigher%22%3A%22true%22%2C%22fullOsBuild%22%3A%2210.0.22000%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125759310%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1735125759533%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760215%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758949%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22601%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758949%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758949%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1735125758966%2C%22Name%22%3A1757%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1735125759274%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22676beafba0d24a9380a9eebd839dda89%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125759283%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22676beafba0d24a9380a9eebd839dda89%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125759283%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2222000%22%5D%2C%22isWin11OrHigher%22%3A%22true%22%2C%22fullOsBuild%22%3A%2210.0.22000%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125759310%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1735125759533%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760215%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125761.1315048f
GET

https://www.bing.com/qbox?query=free+mine&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=bead57170e8b4bf98cfd85ff82ec9f57&oit=4&cp=9&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=free+mine&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=bead57170e8b4bf98cfd85ff82ec9f57&oit=4&cp=9&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Content-Length: 261
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb41d7db40fd8b3e37586aae1cdf
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-/Eog/8kmBKV+fGWHsFN4wYa1b2D3x/S/uKJAB/t88Ok='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:23:45 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:45 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=15D73AB3C6E567D81B8B2FD3C75866B9; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:45 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125825.1315065d
GET

https://www.bing.com/qbox?query=free+minec&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=d60d338175644516be81dd15d783ad3f&oit=4&cp=10&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=free+minec&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=d60d338175644516be81dd15d783ad3f&oit=4&cp=10&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Content-Length: 258
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb41ee3d4242850af5d3bbcf8d77
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-6ZrK8DnXWO2O4iG2XHoC41piG3e2AYeS1HT3RQiyYiQ='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:23:45 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:45 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=1BD83C6C438E64322A70290C4233653D; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:45 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125825.1316a34e
GET

https://www.bing.com/qbox?query=free+minecr&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=f74ca1cc081740d79b875091c0ab00fb&oit=4&cp=11&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=free+minecr&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=f74ca1cc081740d79b875091c0ab00fb&oit=4&cp=11&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Content-Length: 265
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb41993d49f0bc5cb3ff8f036b5c
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-o5XH73efFMhOFig573xUJJ/jucoaVAWT9dVb2N7ANOE='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:23:45 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:45 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=2630CBC3E4356D8408F8DEA3E5736C25; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:45 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.86c2645f.1735125825.1316a47e
GET

https://www.bing.com/qbox?query=free+minecra&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=ffe4b223f7eb4c079fa8a727b220b8fe&oit=4&cp=12&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=free+minecra&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=ffe4b223f7eb4c079fa8a727b220b8fe&oit=4&cp=12&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw
GET

https://www.bing.com/sa/simg/Roboto_Regular.woff2

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /sa/simg/Roboto_Regular.woff2 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
DNT: 1
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 15344
Content-Type: font/woff2
Cache-Control: public, max-age=15552000
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
X-EventID: 661aafd86e0b4a0c8792a1f83cd446ca
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-3vTAQNKq8Us8FU4N1YKatO/0vBvTusxxyorbrP2yIH8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Date: Wed, 25 Dec 2024 11:22:35 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125755.2c2875
GET

https://www.bing.com/rp/5A_wVM0BDlqDmkBnZeuIpN6wkcA.br.js

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /rp/5A_wVM0BDlqDmkBnZeuIpN6wkcA.br.js HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
DNT: 1
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Expires: Tue, 17 Dec 2024 11:35:55 GMT
Last-Modified: Wed, 20 Nov 2024 06:08:28 GMT
ETag: 0x8DD0929C09196E1
Cache-Control: public, no-transform, max-age=145613
Content-Type: text/javascript; charset=utf-8
Content-MD5: x2EwVHeB7ANtgfiXW7B0ZQ==
x-ms-request-id: cc59156c-a01e-0058-6ab4-3beeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Length: 19842
Akamai-GRN: 0.a9777b5c.1732152262.11413ff4
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125755.2c293d
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125757.2c29fc
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:1266,%22BC%22:1266,%22SE%22:-1,%22TC%22:-1,%22H%22:1930,%22BP%22:2057,%22CT%22:2064,%22IL%22:1},%22ad%22:[-1,-1,1263,601,1263,1983,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:1266,%22BC%22:1266,%22SE%22:-1,%22TC%22:-1,%22H%22:1930,%22BP%22:2057,%22CT%22:2064,%22IL%22:1},%22ad%22:[-1,-1,1263,601,1263,1983,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125757.2c307a
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758930%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758938%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758930%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758938%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125760.2c3472
GET

https://www.bing.com/images/sbi?mmasync=1&ig=7AAC67B96C9140B491DCA5B62937FD8E&iid=.5094&ptn=Web&ep=0&iconpl=1

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /images/sbi?mmasync=1&ig=7AAC67B96C9140B491DCA5B62937FD8E&iid=.5094&ptn=Web&ep=0&iconpl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 2958
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb00552f4255a6e7660560178023
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-GiPUJQbmiou05fORtSuPM7+2eruT3bccddEMj70R5x8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:40 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125760.2c42f2
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125761.2c44ae
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125761.2c4b70
GET

https://www.bing.com/ck/a?!&&p=de6807f3b40c57a424a6bfab0ca751f9f300e16f09aabf53b7f7d537deea5361JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=mydoom+download&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8&ntb=1

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /ck/a?!&&p=de6807f3b40c57a424a6bfab0ca751f9f300e16f09aabf53b7f7d537deea5361JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=mydoom+download&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8&ntb=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
ect: 4g
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1201
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: A302AD74886C4B04954D0B83493A4DBD Ref B: LON601060101054 Ref C: 2024-12-25T11:22:44Z
Date: Wed, 25 Dec 2024 11:22:44 GMT
Connection: keep-alive
Set-Cookie: MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:44 GMT; path=/; Partitioned; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125764.2c4c4d
GET

https://www.bing.com/favicon.ico

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /favicon.ico HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=15552000
Content-Length: 4286
Content-Type: image/x-icon
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
X-EventID: 671d38380daa45358752380be0ef9c9f
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: 72C2277C18134CF1A17E3939708919D7 Ref B: LON601060105036 Ref C: 2024-10-30T06:19:47Z
Date: Wed, 25 Dec 2024 11:22:45 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125765.2c5d73
GET

https://www.bing.com/qbox?query=&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&oit=0

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&oit=0 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Content-Length: 285
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb3c84b1494fad9ecf34ca1a8da3
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-hlVA3RR/rp2fh6Hd6UZUqYyoJnFYkhbCgo9dRdlY9Dk='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:23:40 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:40 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=2CF89B8297AB6E4304A68EE296336F8A; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:40 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.95c2645f.1735125820.2c5df5
GET

https://www.bing.com/qbox?query=f&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=32d6dbad680c43498b21b381615abd3e&oit=1&cp=1&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=f&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=32d6dbad680c43498b21b381615abd3e&oit=1&cp=1&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758944%2C%22Name%22%3A%224g%22%2C%22FID%22%3A%22NTWKTYP%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758944%2C%22Name%22%3A%224g%22%2C%22FID%22%3A%22NTWKTYP%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a9c2645f.1735125760.59a5e17
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a9c2645f.1735125760.59a779a
GET

https://www.bing.com/geolocation/write?isBlocked=true&sid=1237EDD3F7EE629C1C5CF8B3F6276339&clientsid=undefined

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /geolocation/write?isBlocked=true&sid=1237EDD3F7EE629C1C5CF8B3F6276339&clientsid=undefined HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Cache-Control: private
Content-Length: 1
Content-Type: text/html
Content-Encoding: br
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 676beb01481f40e7a4bda0592f4edb48
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-AmN/pajtA8FVcESh27q/NFeL34jNyms9HUy10r3//sM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: B296701BA4D04624B12B1C2EA3EAC5C8 Ref B: LON601060104034 Ref C: 2024-12-25T11:22:41Z
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:22:41 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1&BLOCK=TS=241225112241; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:41 GMT; path=/; secure; HttpOnly; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a9c2645f.1735125761.59a78cd
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1735125760371%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%224979.5000000158325%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1735125760373%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%226373.500000016065%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1735125760373%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760405%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1735125760371%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%224979.5000000158325%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1735125760373%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%226373.500000016065%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1735125760373%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760405%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a9c2645f.1735125761.59a8033
GET

https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /secure/Passport.aspx?popup=1&ssl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
ect: 4g
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: DIDC=ct%3D1735125761%26hashalg%3DSHA256%26bver%3D40%26appid%3DDefault%26da%3D%253CEncryptedData%2520xmlns%253D%2522http://www.w3.org/2001/04/xmlenc%2523%2522%2520Id%253D%2522devicesoftware%2522%2520Type%253D%2522http://www.w3.org/2001/04/xmlenc%2523Element%2522%253E%253CEncryptionMethod%2520Algorithm%253D%2522http://www.w3.org/2001/04/xmlenc%2523tripledes-cbc%2522%253E%253C/EncryptionMethod%253E%253Cds:KeyInfo%2520xmlns:ds%253D%2522http://www.w3.org/2000/09/xmldsig%2523%2522%253E%253Cds:KeyName%253Ehttp://Passport.NET/STS%253C/ds:KeyName%253E%253C/ds:KeyInfo%253E%253CCipherData%253E%253CCipherValue%253EM.C510_BAY.0.D.Cl7KrrE53u56k/R7RhAo3vjRlKR5%252BNK3oBvDWipdHiyAKUOP6qhW0QtQ%252BJAUuJXaHco0hS8yh3JpuUoFY8DV45QFyB5KbankoeJfTUM4wuaHM8A/Yu4PC7MFhJ74L4lKlXB61vLfgb6z/qljXOpPAcQ8EWuvNGOV2tLqno85QaVns1vRmtUlPvFsl12a8VspAYIOkFxuVBkM8xIhp1VBU32LX2UaEtKcMpUWOv9bMXcNXwTYhIfgLVIRCui2WhtkT2AUnEDksfodGc%252BO90zS5yS3aGr3Lb6OCQ8C2/ggCE50UmCk5/EbLVvTqp6XubwOphwJ46Jlr6Xu26e8sx9vLLHE8gIVYg8LY8/K0yKDYaxYZYH8SjMwu1zQhQLkQCI17GxYW3XniP6DDh3xRxKGVrJPENNx6z2%252Bnz7nTKAYisPFxBO%252BSJeF1gKtEZhMVneWwTgDs5N7/pwO6Y5tjOXqaUNcJSabEvFhHu/KJOPcPWfJ4n3WcHayaVtSM0Xi2P2d/lCx7sAsDPqz%252Br2tBp4Kk7AFQNncM7I3e3hBB19lNckU%253C/CipherValue%253E%253C/CipherData%253E%253C/EncryptedData%253E%26nonce%3DgfT1b8TVdpfFmoNBD0VY86N7wszgsD5X%26hash%3Den7flCtTPIo4yagltX0zWAVKt7XQUUeLHcCm6QJO%252BRE%253D%26dd%3D1;DIDCL=ct%3D1735125761%26hashalg%3DSHA256%26bver%3D40%26appid%3DDefault%26da%3D%253CEncryptedData%2520xmlns%253D%2522http://www.w3.org/2001/04/xmlenc%2523%2522%2520Id%253D%2522devicesoftware%2522%2520Type%253D%2522http://www.w3.org/2001/04/xmlenc%2523Element%2522%253E%253CEncryptionMethod%2520Algorithm%253D%2522http://www.w3.org/2001/04/xmlenc%2523tripledes-cbc%2522%253E%253C/EncryptionMethod%253E%253Cds:KeyInfo%2520xmlns:ds%253D%2522http://www.w3.org/2000/09/xmldsig%2523%2522%253E%253Cds:KeyName%253Ehttp://Passport.NET/STS%253C/ds:KeyName%253E%253C/ds:KeyInfo%253E%253CCipherData%253E%253CCipherValue%253EM.C510_BAY.0.D.Cl7KrrE53u56k/R7RhAo3vjRlKR5%252BNK3oBvDWipdHiyAKUOP6qhW0QtQ%252BJAUuJXaHco0hS8yh3JpuUoFY8DV45QFyB5KbankoeJfTUM4wuaHM8A/Yu4PC7MFhJ74L4lKlXB61vLfgb6z/qljXOpPAcQ8EWuvNGOV2tLqno85QaVns1vRmtUlPvFsl12a8VspAYIOkFxuVBkM8xIhp1VBU32LX2UaEtKcMpUWOv9bMXcNXwTYhIfgLVIRCui2WhtkT2AUnEDksfodGc%252BO90zS5yS3aGr3Lb6OCQ8C2/ggCE50UmCk5/EbLVvTqp6XubwOphwJ46Jlr6Xu26e8sx9vLLHE8gIVYg8LY8/K0yKDYaxYZYH8SjMwu1zQhQLkQCI17GxYW3XniP6DDh3xRxKGVrJPENNx6z2%252Bnz7nTKAYisPFxBO%252BSJeF1gKtEZhMVneWwTgDs5N7/pwO6Y5tjOXqaUNcJSabEvFhHu/KJOPcPWfJ4n3WcHayaVtSM0Xi2P2d/lCx7sAsDPqz%252Br2tBp4Kk7AFQNncM7I3e3hBB19lNckU%253C/CipherValue%253E%253C/CipherData%253E%253C/EncryptedData%253E%26nonce%3DgfT1b8TVdpfFmoNBD0VY86N7wszgsD5X%26hash%3Den7flCtTPIo4yagltX0zWAVKt7XQUUeLHcCm6QJO%252BRE%253D%26dd%3D1;MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241

Response

HTTP/1.1 200 OK

Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 235
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 676beb02e07844a48d0938024a9aa3df
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ZxMM63MH+AvAZWtzu439dvCjKiwfNvaVtdNGo9ZarPY='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 286E73B1E85F4A3C9F5A45D1A91879A1 Ref B: LON601060104034 Ref C: 2024-12-25T11:22:42Z
Date: Wed, 25 Dec 2024 11:22:42 GMT
Connection: keep-alive
Set-Cookie: .MSA.Auth=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.bing.com; path=/; secure; samesite=lax; httponly
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:22:42 GMT; path=/; HttpOnly
Set-Cookie: DIDC=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: DIDC=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: DIDCL=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: DIDCL=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a9c2645f.1735125762.59a8123
GET

https://www.bing.com/ipv6test/test?FORM=MONITR

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /ipv6test/test?FORM=MONITR HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241

Response

HTTP/1.1 200 OK

Content-Length: 64
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bing.com
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: br
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 676beb0208f24e1b8e5de9225a800bf6
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-VYjmI8B8Y03jKFrPG+rSnXQSdsWdpRFqafNHvnLbyGA='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:22:42 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a9c2645f.1735125762.59a8441
POST

https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=7AAC67B96C9140B491DCA5B62937FD8E&ID=SERP,5135.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3Dde6807f3b40c57a424a6bfab0ca751f9f300e16f09aabf53b7f7d537deea5361JmltdHM9MTczNTA4NDgwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D2338596c-7391-67de-3776-4c0c725866d5%26psq%3Dmydoom%2Bdownload%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8%26ntb%3D1

msedge.exe

Remote address:

95.100.195.148:443

Request

POST /fd/ls/GLinkPingPost.aspx?IG=7AAC67B96C9140B491DCA5B62937FD8E&ID=SERP,5135.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3Dde6807f3b40c57a424a6bfab0ca751f9f300e16f09aabf53b7f7d537deea5361JmltdHM9MTczNTA4NDgwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D2338596c-7391-67de-3776-4c0c725866d5%26psq%3Dmydoom%2Bdownload%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8%26ntb%3D1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4

Response

HTTP/1.1 200 OK

Cache-Control: private
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Access-Control-Allow-Origin: *
X-EventID: 676beb04117d4d30953a3833779b3a37
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Pss1d+93Tzl82tCNClCppXD+Gz4KVHXr7rKU0dlf+nk='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 6E383925B1884AA0BB98A488BB190B7F Ref B: LON601060101054 Ref C: 2024-12-25T11:22:44Z
Content-Length: 0
Date: Wed, 25 Dec 2024 11:22:44 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:22:44 GMT; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a9c2645f.1735125764.59a863b
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.100.195.148:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 21962
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:44 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.a9c2645f.1735125764.59a91a6
GET

https://www.bing.com/qbox?query=free+m&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=534a83ab8d88481296fad1cb9d631fb6&oit=4&cp=6&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=free+m&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=534a83ab8d88481296fad1cb9d631fb6&oit=4&cp=6&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

95.100.195.148:443

Request

POST /fd/ls/lsp.aspx? HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 368
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125757.55c77cd
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125756599%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22200%22%2C%22Downlink%22%3A%221.9%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1735125756599%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125756599%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22200%22%2C%22Downlink%22%3A%221.9%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1735125756599%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125760.55c8396
GET

https://www.bing.com/rewardsapp/widgetassets/prod/medallion/1.1.2/js/widget.js?t=241225

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /rewardsapp/widgetassets/prod/medallion/1.1.2/js/widget.js?t=241225 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=21600
Content-Encoding: br
Last-Modified: Wed, 13 Nov 2024 18:09:46 GMT
Vary: Accept-Encoding
x-ms-request-id: 27267809-201e-005d-02a2-566d0f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref: 20241225T080000Z-18576787c45mthwphC1DB18w980000000rzg000000008x81
x-fd-int-roxy-purgeid: 0
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
X-Ceto-ref: 676bbb80d53747798374199a595630f8|AFD:676bbb80d53747798374199a595630f8|2024-12-25T08:00:00.832Z
Content-Length: 48856
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125760.55c8f50
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125760.55c9114
POST

https://www.bing.com/rewardsapp/ncheader?ver=52270063&IID=SERP.5051&IG=7AAC67B96C9140B491DCA5B62937FD8E

msedge.exe

Remote address:

95.100.195.148:443

Request

POST /rewardsapp/ncheader?ver=52270063&IID=SERP.5051&IG=7AAC67B96C9140B491DCA5B62937FD8E HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 4
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0; SRCHUSR=DOB=20241225&T=1735125755000

Response

HTTP/1.1 200 OK

Content-Length: 769
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: br
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 676beb00733248a991e083a0360ded0f
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-x6CoPcV35kwJ0RCJUHogoacsI4vqY+DMr2NeiwcnqLw='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 676beb00733248a991e083a0360ded0f|AFD:676beb00733248a991e083a0360ded0f|2024-12-25T11:22:40.726Z
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Mon, 19-Jan-2026 11:22:40 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125760.55c9277
POST

https://www.bing.com/orgid/idtoken/conditional

msedge.exe

Remote address:

95.100.195.148:443

Request

POST /orgid/idtoken/conditional HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 693
Cache-Control: max-age=0
ect: 4g
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
Origin: https://login.microsoftonline.com
Upgrade-Insecure-Requests: 1
DNT: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://login.microsoftonline.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Cache-Control: private
Content-Length: 1
Content-Type: text/html
Content-Encoding: br
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 676beb01c4e14f28b4c92404d8d98554
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-vWfv13k3Jv5YbkKxR5lngeHySsKj4wou8zu2jvlsA8c='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 97F01921784740D5A4F5F37E8C7596A9 Ref B: LON601060105023 Ref C: 2024-12-25T11:22:41Z
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:22:41 GMT; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125761.55c9447
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125761.55c983d
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125761.55c99ac
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.100.195.148:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 287
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:44 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125764.55c9aac
GET

https://www.bing.com/qbox?query=fr&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=401aca834e6b4850a30f825e753ac863&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=fr&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=401aca834e6b4850a30f825e753ac863&oit=1&cp=2&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Content-Length: 449
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb4016d94474835962ea5abc8e14
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-oW9FewR1d7+n/chBrm/mu/hg5ErksiveO2cIax7U5QQ='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:23:44 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:44 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=16862BE49B946C08332D3E849A386D49; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:44 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125824.55caf91
GET

https://www.bing.com/qbox?query=fre&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=63828e5059d34e8597bf1ab01b214149&oit=1&cp=3&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=fre&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=63828e5059d34e8597bf1ab01b214149&oit=1&cp=3&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Content-Length: 437
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb401fc9487ebd51d93e94a03418
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-L9Iseimxrfrx/zWRwqQypoNAvqGNqSWKFhgQ+QrD8S0='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:23:44 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:44 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=18560DF95315657D0F5E189952CC6450; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:44 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125824.55dfaf6
GET

https://www.bing.com/qbox?query=free&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=9f86216676cc4fd6b92a32e303dd91d8&oit=1&cp=4&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=free&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=9f86216676cc4fd6b92a32e303dd91d8&oit=1&cp=4&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Content-Length: 437
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb40d58e44fbb15de48fd738af21
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-g1u0ojD4hcQLG6Ccr5bmzDUYUFPHY7IzkGsfBXJGxpw='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:23:44 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:44 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=1D2B269D7E986550373F33FD7FD46487; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:44 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.aac2645f.1735125824.55dfc2f
GET

https://www.bing.com/qbox?query=free+&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=a4ebf6fb9b56481b95ad6a2aa725d61e&oit=1&cp=5&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=free+&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=a4ebf6fb9b56481b95ad6a2aa725d61e&oit=1&cp=5&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw
GET

https://r.bing.com/rp/dliRwIxSaWxw-rZZkpFj-NPxBOA.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/dliRwIxSaWxw-rZZkpFj-NPxBOA.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:43:41 GMT
ETag: 0x8DCDC643AB18727
Content-Length: 172
Content-Type: text/css
Content-Encoding: br
Content-MD5: 5ui94BGfQj5MuJRtm7wr9Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 249b40ad-201e-0024-3b78-1573de000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a2777b5c.1731522442.276d722
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=123194
Expires: Thu, 26 Dec 2024 21:35:50 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125756.13488a98
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/5U/cir3,cc,nc/vQzKbQMzetrJLFKyVioeAbgvM7E.css?bu=Bm5ujBS_FeMXbg&or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rb/5U/cir3,cc,nc/vQzKbQMzetrJLFKyVioeAbgvM7E.css?bu=Bm5ujBS_FeMXbg&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 975
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Sat, 02 Oct 2010 09:51:22 GMT
X-EventID: 676207470ba64159833002ad0da38928
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E0C0
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Hc3SWlOBXAVkKvPSJcxNDCS6iO3YPS9ygSVzjIKksBs='; base-uri 'self';
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
Cache-Control: public, max-age=172590
Expires: Fri, 27 Dec 2024 11:19:06 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125756.13488adb
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/ILpAc2VIof0cr4Py3y4rAFMboow.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/ILpAc2VIof0cr4Py3y4rAFMboow.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:09:08 GMT
ETag: 0x8DCDC5F66D174F1
Content-Length: 85
Content-Type: text/css
Content-Encoding: br
Content-MD5: jEIZ4hw9ZiVJKtrBxiHDuQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b369ffd9-001e-0033-5fa3-14b3bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.9c777b5c.1734459802.116a0902
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=154441
Expires: Fri, 27 Dec 2024 06:16:37 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125756.13488bf5
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/_uzlXsRnS5Ra0MSF1ACv1JzUOlU.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/_uzlXsRnS5Ra0MSF1ACv1JzUOlU.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:37:46 GMT
ETag: 0x8DCDC6366BE2831
Content-Length: 256
Content-Type: text/css
Content-Encoding: br
Content-MD5: fqV0JA+jGQeYnere1LJCEA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 53fbf966-601e-006c-6211-1b4143000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=121861
Expires: Thu, 26 Dec 2024 21:13:37 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125756.13488d27
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/VktYCgYmJQhASKykbCzusQ8Uqo8.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/VktYCgYmJQhASKykbCzusQ8Uqo8.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:30:05 GMT
ETag: 0x8DCDC62542E7C17
Content-Length: 637
Content-Type: text/css
Content-Encoding: br
Content-MD5: QDWztluiNa6htDWoN3w2OQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7f18ecf4-101e-0041-050b-1bc283000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a7777b5c.1729738978.12c6aa72
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=156296
Expires: Fri, 27 Dec 2024 06:47:32 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125756.13488e10
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/ASquubOekjWYCJwlunJ-aqgJVvM.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/ASquubOekjWYCJwlunJ-aqgJVvM.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:56:18 GMT
ETag: 0x8DCDC5D9BB244CD
Content-Length: 41
Content-Type: text/css
Content-Encoding: br
Content-MD5: NT1lDvhbPWu1BUSseKtivA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e9e650dd-b01e-0065-53c4-175bcd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.ab777b5c.1730220500.2e666448
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=76491
Expires: Thu, 26 Dec 2024 08:37:27 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125756.13488ecf
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/4N/cc,nc/snnSLSAwgsOSJF1HZbQVd81R95o.css?bu=Au0R-hE&or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rb/4N/cc,nc/snnSLSAwgsOSJF1HZbQVd81R95o.css?bu=Au0R-hE&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 478
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Sun, 21 Nov 2010 23:55:20 GMT
X-EventID: 6763585b25874efabb8341fc4888b31c
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E146
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ExIT4gwIpSHziffyFnfyoMh/R2zt7nA5wSUZQEUvLS8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=258956
Expires: Sat, 28 Dec 2024 11:18:33 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125757.13488fbf
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/oI5RhkwetxuVgfOww-Nc0yTFfkU.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/oI5RhkwetxuVgfOww-Nc0yTFfkU.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:59:15 GMT
ETag: 0x8DCDC66670B5061
Content-Length: 57
Content-Type: text/css
Content-Encoding: br
Content-MD5: HxTYuzm+bBlqMabY5Pojtg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b03a757c-f01e-002d-4a21-176950000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.54711102.1729804535.898d6f3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=194887
Expires: Fri, 27 Dec 2024 17:30:44 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125757.134890c3
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/IlGx5JyQLSR5amBY1qzAWL3z-LI.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/IlGx5JyQLSR5amBY1qzAWL3z-LI.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:09:35 GMT
ETag: 0x8DCDC5F7732C5D7
Akamai-GRN: 0.5f221002.1729774506.19c5de5
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 10
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: Bb6S1Qp/ZCNoN+Xn6ZVoCw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0106e435-301e-003b-6453-15a8ce000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=170138
Expires: Fri, 27 Dec 2024 10:38:15 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125757.134891bb
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/tH67fvQiF0nalrIJQQCukA-8_u4.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/tH67fvQiF0nalrIJQQCukA-8_u4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:07:06 GMT
ETag: 0x8DCDC677F9E4051
Akamai-GRN: 0.ab777b5c.1729234444.3a5f4f80
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 231
Content-Type: text/css
Content-Encoding: br
Content-MD5: +FFYHZmrU6b90bor/dTorw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e67e8cc2-801e-0044-6d37-1636fc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=225965
Expires: Sat, 28 Dec 2024 02:08:42 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125757.13489292
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/4dS7uk1FfGdjhnjNuO7uM1lU6Dc.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/4dS7uk1FfGdjhnjNuO7uM1lU6Dc.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:39:58 GMT
ETag: 0x8DCEC87FC88DD06
Content-Length: 667
Content-Type: text/css
Content-Encoding: br
Content-MD5: SlmK99Bz8Y22/6oP7nKlDg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7a0e9bb7-101e-0068-0ef2-36b4c1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a9777b5c.1731634704.139a2654
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=427632
Expires: Mon, 30 Dec 2024 10:09:52 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125760.1348938c
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:29:57 GMT
ETag: 0x8DCEC86967FA2A4
Content-Length: 326
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: yxQVEL8D2yYKzOkWuxDcBg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d05ba974-b01e-0003-4c02-22e997000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=162771
Expires: Fri, 27 Dec 2024 08:35:31 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125760.1348a682
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:46:34 GMT
ETag: 0x8DCDC64A18F365B
Content-Length: 671
Content-Type: image/svg+xml
Content-MD5: 2e0aQjQvN2lVcUGQcPjoGA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 08fd2788-101e-0005-299e-161eef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=380086
Expires: Sun, 29 Dec 2024 20:57:27 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125761.1348a796
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 1111
Content-Type: image/svg+xml
Content-MD5: wEyINKyRgCGG5s5neuSonQ==
Last-Modified: Mon, 15 Aug 2022 17:43:38 GMT
ETag: 0x8DA7EE5AFDCD0E6
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b64d6f1d-301e-0026-47c0-9e523e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.b69f3617.1734277877.1be94e0c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Akamai-GRN: 0.96777b5c.1734590716.213d7025
Cache-Control: public, no-transform, max-age=13166144
Expires: Mon, 26 May 2025 20:38:25 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125761.1348a877
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:43:17 GMT
ETag: 0x8DCDC642C51AEC8
Content-Length: 4934
Content-Type: image/jpeg
Content-MD5: /aLOrgZ5YRk35ucfcBo2qw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6bd85cd6-c01e-006a-44d5-27b63b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=87224
Expires: Thu, 26 Dec 2024 11:36:25 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.91c2645f.1735125761.1348a9d9
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/mq2km3vGlSmBhmoWmAFYcw09I0o.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/mq2km3vGlSmBhmoWmAFYcw09I0o.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:57:30 GMT
ETag: 0x8DCDC662893026D
Akamai-GRN: 0.ec3f655f.1730065121.12066726
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 358
Content-Type: text/css
Content-Encoding: br
Content-MD5: TSjnrgTnCqawYeZ3yGC9RQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ad73db5a-701e-0015-3f66-172809000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=295024
Expires: Sat, 28 Dec 2024 21:19:40 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125756.23dc4f24
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/5W/cir3,cc,nc/jaWASttYmk6jtv2YhoMNB2OzLI0.css?bu=DeEu4DCkMqky5DLmOok9aOkxjS9ogzxo&or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rb/5W/cir3,cc,nc/jaWASttYmk6jtv2YhoMNB2OzLI0.css?bu=DeEu4DCkMqky5DLmOok9aOkxjS9ogzxo&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 2041
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Wed, 10 Nov 2010 13:52:25 GMT
X-EventID: 67636ad70a5b41c78b4cc8253c59ca0f
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E0C1
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Xfqt5X3OdLHOfCC4CM4WtzESC6tEWFRFnX3ZevOwR54='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=259290
Expires: Sat, 28 Dec 2024 11:24:06 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125756.23dc4f34
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/icNDaHbrcaIFIZRVzDw7Mn4j_ws.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/icNDaHbrcaIFIZRVzDw7Mn4j_ws.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:50:45 GMT
ETag: 0x8DCDC65376C7797
Content-Length: 272
Content-Type: text/css
Content-Encoding: br
Content-MD5: F9yqEyPYdu8JDuYVRbaZ0A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 76aeb963-901e-0036-598e-1547c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.4c1a1202.1734460005.75cb5b1b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=198327
Expires: Fri, 27 Dec 2024 18:28:03 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125756.23dc5038
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/wczR3URZR4-oWjjc5idYK8_hr54.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/wczR3URZR4-oWjjc5idYK8_hr54.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 18 Oct 2024 21:09:40 GMT
ETag: 0x8DCEFB92E12AA2E
Content-Length: 362
Content-Type: text/css
Content-Encoding: br
Content-MD5: tOWLy5TTnZmu/Ug6KvlKMA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f69e5610-501e-002b-1ec5-219e28000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a1777b5c.1729313267.1b727b3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=76787
Expires: Thu, 26 Dec 2024 08:42:23 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125756.23dc5115
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/BAy11H3wRXaRcm85yqz4_tjE_U8.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/BAy11H3wRXaRcm85yqz4_tjE_U8.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:57:41 GMT
ETag: 0x8DCDC5DCD4D012E
Akamai-GRN: 0.e7061502.1730150018.c5f273
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 118
Content-Type: text/css
Content-Encoding: br
Content-MD5: 6wYw3u/GPs1Cw4KBLjFI7Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1f1152b1-701e-003c-6a60-175e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=244300
Expires: Sat, 28 Dec 2024 07:14:16 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125756.23dc5272
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/2W6N7byXj1BspnYUZI2WP3l11J0.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/2W6N7byXj1BspnYUZI2WP3l11J0.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:34:04 GMT
ETag: 0x8DCEC87297FDB02
Akamai-GRN: 0.4a367a5c.1730358139.9554a3c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 465
Content-Type: text/css; charset=utf-8
Content-Encoding: br
Content-MD5: RboUAZZdwxsCpfA+o/WMbw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4ec3ec17-f01e-0026-5632-1f7124000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=50651
Expires: Thu, 26 Dec 2024 01:26:47 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125756.23dc535a
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/rcJx5DodqqK-wxOI4K71tEgPVuE.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/rcJx5DodqqK-wxOI4K71tEgPVuE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:04:51 GMT
ETag: 0x8DCDC672F98855E
Content-Length: 114
Content-Type: text/css
Content-Encoding: br
Content-MD5: +pMZ3zDO5fQi8OwDnJk2Sg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fc82fb29-a01e-003e-6a67-175cb1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a1777b5c.1730928402.b6b97e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=412109
Expires: Mon, 30 Dec 2024 05:51:06 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125757.23dc53f4
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/H_AIjpKtj6MWw03xzSY7VP-3v_g.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/H_AIjpKtj6MWw03xzSY7VP-3v_g.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 25 Oct 2024 10:39:22 GMT
ETag: 0x8DCF4E14A2CB43C
Akamai-GRN: 0.1e801002.1734460496.c7186
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 111
Content-Type: text/css
Content-Encoding: br
Content-MD5: xgiw8ivDCmIp0g48v7d2TA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 56ea26f7-a01e-0035-4a37-2a44c5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=93928
Expires: Thu, 26 Dec 2024 13:28:05 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125757.23dc5518
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/g8RFvmgwpBLY15PHz6aDHrBdIok.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/g8RFvmgwpBLY15PHz6aDHrBdIok.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:47:07 GMT
ETag: 0x8DCDC64B565CAD8
Akamai-GRN: 0.5f1a1202.1729611772.1d621dc5
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 205
Content-Type: text/css
Content-Encoding: br
Content-MD5: 5E78SH0rHLWsc4ce7O3UkQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f3e88114-f01e-0040-3d37-16c37e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=215626
Expires: Fri, 27 Dec 2024 23:16:23 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125757.23dc55e1
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/3T/cc,nc/FtH7yWHWJjaF_w_8GhgR7aWXHVM.css?bu=AtkD-gM&or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rb/3T/cc,nc/FtH7yWHWJjaF_w_8GhgR7aWXHVM.css?bu=AtkD-gM&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 329
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Tue, 26 Oct 2010 17:26:49 GMT
X-EventID: 675c1f0760204e459daa2b1523dd7e9d
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E023
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-xmuqr+15Cezepby9Mim81zpik0RBhChFUBjMFPRGrkc='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=174811
Expires: Fri, 27 Dec 2024 11:56:08 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125757.23dc56ae
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 15 Aug 2022 17:39:27 GMT
ETag: 0x8DA7EE519EF54EF
Akamai-GRN: 0.19fd4817.1699775190.19e2dda6
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 726
Content-Type: image/svg+xml
Content-MD5: ZgHkolq4RyA+EBWzJRSxbA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d46b8e76-f01e-0020-517e-0a9bf6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.1efd4817.1701123842.3b4e7f5b
Cache-Control: public, no-transform, max-age=10668004
Expires: Sun, 27 Apr 2025 22:42:45 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125761.23dc576c
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:55:51 GMT
ETag: 0x8DCDC65ED9B19A0
Content-Length: 4409
Content-Type: image/jpeg
Content-MD5: qYoIvbmbhCLJ3J1v3ZOHww==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0123ab47-601e-0001-11da-15eb6d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=381590
Expires: Sun, 29 Dec 2024 21:22:31 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.90c2645f.1735125761.23dc6cb2
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/5W/2hb/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rs/5W/2hb/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 222
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Mon, 14 Oct 2024 12:31:01 GMT
X-EventID: 6763353cb1cb45dbaa94bb7138a8e9c9
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E04B
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-9vQf0Nx8Sr+6x+u6EY8vpD1+d6Fr6UvKRxAkTOOoZ/0='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=222129
Expires: Sat, 28 Dec 2024 01:04:45 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125756.15aeea7d
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/HnTisSbDqDcynvZ6icoKs1zYGQE.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/HnTisSbDqDcynvZ6icoKs1zYGQE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:08:19 GMT
ETag: 0x8DCDC5F49AF3FAD
Content-Length: 307
Content-Type: text/css
Content-Encoding: br
Content-MD5: l0w0ONIpmvXe4cEuyYB9Bw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8a2e26f8-f01e-0040-02a3-14c37e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.b1777b5c.1730133384.34a557
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=159776
Expires: Fri, 27 Dec 2024 07:45:32 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125756.15aeea85
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/aWcvNmbBScgv7y8smTMInr1pX1k.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/aWcvNmbBScgv7y8smTMInr1pX1k.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:38:56 GMT
ETag: 0x8DCDC6390B25552
Content-Length: 130
Content-Type: text/css
Content-Encoding: br
Content-MD5: YqLg9Gw2SyH7L3KrK9BPvA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 17b02206-f01e-0026-0dd1-147124000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=82208
Expires: Thu, 26 Dec 2024 10:12:44 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125756.15aeeb73
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/iex9xOQQZy9eCAA55osfedgdfHY.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/iex9xOQQZy9eCAA55osfedgdfHY.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:50:43 GMT
ETag: 0x8DCDC6535DE7062
Content-Length: 77
Content-Type: text/css
Content-Encoding: br
Content-MD5: ZjeMbtroVEFDSsesgTeJcQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d2f9b7d0-a01e-0058-15c9-14eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.92777b5c.1730132902.117bdf67
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=370730
Expires: Sun, 29 Dec 2024 18:21:26 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125756.15aeec37
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/5U/cc,nc/x0UaV4rAXPOr7W3kHPDIjM0y2-0.css?bu=BG7KGMcYvRg&or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rb/5U/cc,nc/x0UaV4rAXPOr7W3kHPDIjM0y2-0.css?bu=BG7KGMcYvRg&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 198
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Sat, 02 Oct 2010 09:51:22 GMT
X-EventID: 675d9eb39d064a0b89a6a6891b756bea
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0001061F
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-fM7lj3/Z8RD8slgOB7ahfE1w218B93DpXpErEhJz0NM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=47603
Expires: Thu, 26 Dec 2024 00:35:59 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125756.15aeed1c
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/oovQ50wVYon598L2kxn0rbVAI0k.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/oovQ50wVYon598L2kxn0rbVAI0k.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:00:25 GMT
ETag: 0x8DCDC66911794FA
Content-Length: 83
Content-Type: text/css
Content-Encoding: br
Content-MD5: 9zayuMRBIdRggpOy0DlNzQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 925f6c17-301e-0019-6f5d-16c6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.4d221002.1729859454.7a6578
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=85938
Expires: Thu, 26 Dec 2024 11:14:54 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125756.15aeedf1
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/o7Kb4BJdgw-aDzsVZChYKHGUa6w.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/o7Kb4BJdgw-aDzsVZChYKHGUa6w.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 13 Dec 2024 10:26:12 GMT
ETag: 0x8DD1B609173AE96
Akamai-GRN: 0.4c1a1202.1734798209.ace41b72
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 1103
Content-Type: text/css
Content-Encoding: br
Content-MD5: IFxfgYdcl8MvwPMAiSuPDg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 52dfa5f9-801e-0066-2125-4f58ca000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=92014
Expires: Thu, 26 Dec 2024 12:56:11 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125757.15aeeec2
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/yj7m_FD5mF9gOu3E6yQ461205q0.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/yj7m_FD5mF9gOu3E6yQ461205q0.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:15:21 GMT
ETag: 0x8DCDC68A6D7FC77
Content-Length: 56
Content-Type: text/css
Content-Encoding: br
Content-MD5: uhNHYqm/wpV/CrZXUrkD0A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 17131811-801e-0066-7b8c-1858ca000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=99233
Expires: Thu, 26 Dec 2024 14:56:30 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125757.15aeefad
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/yZcwTXaWRuhQ7asFXZKcGicQJM4.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/yZcwTXaWRuhQ7asFXZKcGicQJM4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:15:26 GMT
ETag: 0x8DCDC68AA2A2DD2
Content-Length: 474
Content-Type: text/css
Content-Encoding: br
Content-MD5: 49OegtL5NW3HjQuBwAjunA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9b05adad-401e-001d-60b0-14337a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.521a1202.1733423769.6e1cd74e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=289012
Expires: Sat, 28 Dec 2024 19:39:29 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125757.15aef097
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/HK3JWgw7vGok-S1ZNIRi81ouk9s.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/HK3JWgw7vGok-S1ZNIRi81ouk9s.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:07:33 GMT
ETag: 0x8DCDC5F2DEE0BBF
Akamai-GRN: 0.86777b5c.1730285897.6831a9c
Content-Length: 43
Content-Type: text/css
Content-Encoding: br
Content-MD5: 4oH5ypplzwsNhI0bnzB/6g==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0ddf3b4-701e-0078-7c90-188227000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=348222
Expires: Sun, 29 Dec 2024 12:06:19 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125757.15aef187
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://r.bing.com/rp/icNDaHbrcaIFIZRVzDw7Mn4j_ws.br.css
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:57:20 GMT
ETag: 0x8DCDC5DC0B634E9
Akamai-GRN: 0.521a1202.1735118367.34ec60d3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 10060
Content-Type: image/png
Content-MD5: NyL0K09FbOsKFVWkE+stgw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8d818a43-101e-004a-1cc7-15daf7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=74133
Expires: Thu, 26 Dec 2024 07:58:10 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125757.15aef252
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/qUkJ_atyBXdNaz_6J1Oh4klqCUg.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/qUkJ_atyBXdNaz_6J1Oh4klqCUg.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:02:31 GMT
ETag: 0x8DCDC66DBAEA8AD
Akamai-GRN: 0.6e6e5668.1730486191.1262293c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 494
Content-Type: text/css
Content-Encoding: br
Content-MD5: akd5JhjAlAHd35fc1IOClg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5ce5b4b1-a01e-0058-3d9b-15eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=427092
Expires: Mon, 30 Dec 2024 10:00:52 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125760.15aef314
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:10:08 GMT
ETag: 0x8DCDC67EC841DCF
Content-Length: 1343
Content-Type: text/css
Content-Encoding: br
Content-MD5: DnViWNsgH/Vlo3SrH5gEzg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7c50ab11-801e-0022-276d-1684a6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=45815
Expires: Thu, 26 Dec 2024 00:06:15 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125760.15af0579
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:05:25 GMT
ETag: 0x8DCDC5EE1BFCC0A
Content-Length: 282
Content-Type: image/svg+xml
Content-MD5: 44eVtjQVTsH/Qca82lTuUg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cb169ceb-101e-0063-419b-15acb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=116313
Expires: Thu, 26 Dec 2024 19:41:14 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125761.15af06a8
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:54:04 GMT
ETag: 0x8DCDC5D4C424AE8
Content-Length: 5387
Content-Type: image/jpeg
Content-MD5: adFid0+JT/i5IDMON2t6Yg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 233d1204-101e-0068-1d1a-16b4c1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=237132
Expires: Sat, 28 Dec 2024 05:14:53 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125761.15af081b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:58:31 GMT
ETag: 0x8DCDC664D1860E2
Content-Length: 3814
Content-Type: image/jpeg
Content-MD5: KBVwYR+JIZqXDyWJ+YoJ2w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 53edbb4d-401e-003f-5f31-165d4c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=226761
Expires: Sat, 28 Dec 2024 02:22:02 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125761.15af08fc
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/cRvrvrUA03NVEig8SXhQtErnYaM.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/cRvrvrUA03NVEig8SXhQtErnYaM.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:41:40 GMT
ETag: 0x8DCDC63F2456305
Content-Length: 124
Content-Type: text/css
Content-Encoding: br
Content-MD5: y1jBAhf1/ixm6cXEZu+uGQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44623b4a-d01e-0013-2019-16df71000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.95777b5c.1730372064.5040f7e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=142948
Expires: Fri, 27 Dec 2024 03:06:15 GMT
Date: Wed, 25 Dec 2024 11:23:47 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.92c2645f.1735125827.15af0a02
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/zh5yhbkbJVkzFqNrcigech9CW1Y.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/zh5yhbkbJVkzFqNrcigech9CW1Y.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:16:51 GMT
ETag: 0x8DCDC68DC6D229D
Content-Length: 39
Content-Type: text/css
Content-Encoding: br
Content-MD5: b4OWVwR8+xEsCRiKFGSGCg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 768ef852-501e-0064-2621-175a30000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=309205
Expires: Sun, 29 Dec 2024 01:16:01 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125756.11c1c7a9
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Qo1KJzoRMo31gE9sb--6dyXZlXw.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Qo1KJzoRMo31gE9sb--6dyXZlXw.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:22:17 GMT
ETag: 0x8DCDC613D4BAC04
Content-Length: 331
Content-Type: text/css
Content-Encoding: br
Content-MD5: 5nc3NlU7Yz3D9I8j7eiMLA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4cc3726b-701e-0037-65f4-17463f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.4c1a1202.1734462349.76353f91
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=333653
Expires: Sun, 29 Dec 2024 08:03:29 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125756.11c1c7bc
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/oMe6-1unS900pZU7Ueh9zFhCpZs.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/oMe6-1unS900pZU7Ueh9zFhCpZs.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:14:06 GMT
ETag: 0x8DCE8C074B3BD87
Content-Length: 288
Content-Type: text/css
Content-Encoding: br
Content-MD5: 4kjzTodhJAO+Kus0R8T5dA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a70375a2-d01e-003a-64e6-1aa933000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.ac901002.1728555927.57e3a04
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=120142
Expires: Thu, 26 Dec 2024 20:44:58 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125756.11c1c895
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/dVMW5tVdi3_S7aODH6eNGoZMETI.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/dVMW5tVdi3_S7aODH6eNGoZMETI.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:43:05 GMT
ETag: 0x8DCDC6425428C34
Content-Length: 92
Content-Type: text/css
Content-Encoding: br
Content-MD5: VF2Z/zrRUcw1CZI+EQMEgA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b60ffedd-001e-005e-6692-2a1993000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=103475
Expires: Thu, 26 Dec 2024 16:07:11 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125756.11c1c958
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/D5J2f43mDKS53i88a3lr0emaEB4.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/D5J2f43mDKS53i88a3lr0emaEB4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 05 Nov 2024 08:14:50 GMT
ETag: 0x8DCFD71EBC01779
Content-Length: 228
Content-Type: text/css
Content-Encoding: br
Content-MD5: r2sPa4l9zEnPBr4yjBB94A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2ae58c48-701e-003c-4fa6-365e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.94777b5c.1734459512.1e70ea
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=156326
Expires: Fri, 27 Dec 2024 06:48:02 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125756.11c1ca29
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/sd09ZoqYFtYgki8gbUcaMRzc1N4.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/sd09ZoqYFtYgki8gbUcaMRzc1N4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:05:49 GMT
ETag: 0x8DCDC675202CAD5
Content-Length: 66
Content-Type: text/css
Content-Encoding: br
Content-MD5: YEUwB9iLo0daX99OGxDp6A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 909f409f-001e-0055-104f-1a01e7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=258380
Expires: Sat, 28 Dec 2024 11:08:56 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125756.11c1cb03
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/r1W3Us9sqNEEDTV-z9ivBVemdOs.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/r1W3Us9sqNEEDTV-z9ivBVemdOs.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:03:41 GMT
ETag: 0x8DCDC6705F63EE9
Content-Length: 209
Content-Type: text/css
Content-Encoding: br
Content-MD5: gWB6rXyQ1v5axVm23MC7uw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b03a753d-f01e-002d-1621-176950000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.8dc2645f.1730450926.e93b40
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=68212
Expires: Thu, 26 Dec 2024 06:19:29 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125757.11c1cba1
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/f7F7gkCBmf3fpEpT07FtU78rkg4.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/f7F7gkCBmf3fpEpT07FtU78rkg4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:45:28 GMT
ETag: 0x8DCDC6479EB3382
Content-Length: 141
Content-Type: text/css
Content-Encoding: br
Content-MD5: EAR/p1M0HKbJY1291VA1pw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e2d43878-b01e-0021-341a-1b87a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.95777b5c.1730241040.8f2b0e4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=382885
Expires: Sun, 29 Dec 2024 21:44:02 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125757.11c1cc60
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/GwvTDzr-_7Ipq8Y_s09cnrmtIeY.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/GwvTDzr-_7Ipq8Y_s09cnrmtIeY.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:06:54 GMT
ETag: 0x8DCDC5F1718443B
Akamai-GRN: 0.afc2645f.1730459035.17fc546
Content-Length: 117
Content-Type: text/css
Content-Encoding: br
Content-MD5: ok6k2YChhrCNuY7rU1krKw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5fe28185-401e-0034-5fd0-154538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=195471
Expires: Fri, 27 Dec 2024 17:40:28 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125757.11c1cd3f
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/Ra6gRXsMm2WooMA178dYrbFLMUU.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Ra6gRXsMm2WooMA178dYrbFLMUU.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:23:57 GMT
ETag: 0x8DCDC6178B7F4BB
Content-Length: 107
Content-Type: text/css
Content-Encoding: br
Content-MD5: bzj2pXimXA+l0+9M+nSHGw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 516921c3-b01e-006e-74fd-1e43b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=250362
Expires: Sat, 28 Dec 2024 08:55:19 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125757.11c1cdeb
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/S5v5mQLthXQUleTzGiiWTgGhU24.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/S5v5mQLthXQUleTzGiiWTgGhU24.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 18 Oct 2024 21:09:11 GMT
ETag: 0x8DCEFB91D4F43FE
Akamai-GRN: 0.94777b5c.1730497648.2560af3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 532
Content-Type: text/css
Content-Encoding: br
Content-MD5: AUAe3dXmmLN6xoUqSR7dyA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 568fc6be-f01e-002d-71eb-216950000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=258291
Expires: Sat, 28 Dec 2024 11:07:31 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125760.11c1cf1d
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:41:12 GMT
ETag: 0x8DCDC63E1AC19C2
Content-Length: 324
Content-Type: text/css
Content-Encoding: br
Content-MD5: zul1ioyI5qjKzvVMsqd8eQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7d355d1d-a01e-0071-38fc-1698a9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.233f655f.1729803597.7eaef11
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=165334
Expires: Fri, 27 Dec 2024 09:18:14 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125760.11c1e099
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 15 Aug 2022 20:49:31 GMT
ETag: 0x8DA7EFFA703EB5F
Akamai-GRN: 0.59281102.1714799759.224b2228
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 964
Content-Type: image/svg+xml
Content-MD5: iOPtPdfu4TP3P/udNrBLbw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a81edf47-401e-0068-185a-0386c1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=6699901
Expires: Thu, 13 Mar 2025 00:27:42 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125761.11c1e197
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:41:55 GMT
ETag: 0x8DCDC63FB5BC9CB
Content-Length: 4547
Content-Type: image/jpeg
Content-MD5: eu9Mz25HuboDg2XNPR9Wkw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e33a93d6-f01e-004b-7906-1adb0a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=157086
Expires: Fri, 27 Dec 2024 07:00:47 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125761.11c1e3f1
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/dJ6zhcu6hCA_ehQSQmjPCmEnGfY.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/dJ6zhcu6hCA_ehQSQmjPCmEnGfY.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:42:57 GMT
ETag: 0x8DCDC641FFAA0A7
Content-Length: 358
Content-Type: text/css
Content-Encoding: br
Content-MD5: 9aCPL2oZkGcCxyjZBFRc8w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 645e3e6f-e01e-0039-6c0c-17aa34000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.98777b5c.1730141172.c3e9efc
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=221847
Expires: Sat, 28 Dec 2024 01:01:14 GMT
Date: Wed, 25 Dec 2024 11:23:47 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.94c2645f.1735125827.11c1e5ae
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/5W/cc,nc/GZY3PyHImAjt56VIC2PBbIGPof4.css?bu=AcIX&or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rb/5W/cc,nc/GZY3PyHImAjt56VIC2PBbIGPof4.css?bu=AcIX&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 467
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Mon, 23 Sep 2024 23:06:07 GMT
X-EventID: 675c731ee76b497daeb32c73f132ba40
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E09D
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-EaKvc/NxUzl40iOCDxkDL0JzAAlrQBfBi1COj8KB4TM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=195815
Expires: Fri, 27 Dec 2024 17:46:11 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125756.2bc1168f
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/sS9WdiLA9F38WKJqRP3fX-VP9Lo.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/sS9WdiLA9F38WKJqRP3fX-VP9Lo.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:06:01 GMT
ETag: 0x8DCDC67594E29DD
Content-Length: 410
Content-Type: text/css
Content-Encoding: br
Content-MD5: kIdnI9qrJP76HGdbY3bmeg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a42f67c1-e01e-005f-31a0-16186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.52d77a5c.1730441150.132c00bb
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=294098
Expires: Sat, 28 Dec 2024 21:04:14 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125756.2bc116df
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/uf6-405sDPw8dZxAwsFhXIwMMWQ.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/uf6-405sDPw8dZxAwsFhXIwMMWQ.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:09:20 GMT
ETag: 0x8DCDC67CFDE55E5
Content-Length: 162
Content-Type: text/css
Content-Encoding: br
Content-MD5: AjOqyl59V4dyZCW/Fr/S2Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d1703ae3-b01e-006e-6e08-1843b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=185308
Expires: Fri, 27 Dec 2024 14:51:04 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125756.2bc118a7
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/RuJsq8eAYqkavNQ_kj9tyr6ZZ4U.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/RuJsq8eAYqkavNQ_kj9tyr6ZZ4U.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:24:09 GMT
ETag: 0x8DCDC617FF943E7
Content-Length: 38
Content-Type: text/css
Content-Encoding: br
Content-MD5: ZqrU0/0vl0O9rAMCSR3HRg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a06600a4-001e-0077-6fc0-156fd1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.4c221002.1729859628.9f37ff8
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=103708
Expires: Thu, 26 Dec 2024 16:11:05 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125757.2bc119a2
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/-daH6PNAGaQg3qCzuka0kd2jKdY.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/-daH6PNAGaQg3qCzuka0kd2jKdY.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:26:24 GMT
ETag: 0x8DCEC8617B74AA3
Content-Length: 54
Content-Type: text/css
Content-Encoding: br
Content-MD5: og3PEyKNWJXw0RDX/cneKQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2420a354-a01e-0035-11a2-1e44c5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.9d777b5c.1730241041.743fcbe
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=52332
Expires: Thu, 26 Dec 2024 01:54:49 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125757.2bc11adb
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/gQ1jxIQABGnYmoqYi1itol2s4Nc.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/gQ1jxIQABGnYmoqYi1itol2s4Nc.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:47:29 GMT
ETag: 0x8DCDC64C2770C74
Content-Type: text/css
Content-MD5: vu36kkSQmqU4rgIojOI2Kg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e052038e-d01e-0075-25a2-236d2b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 50
Cache-Control: public, no-transform, max-age=240967
Expires: Sat, 28 Dec 2024 06:18:44 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125757.2bc11b7b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/zNCol8wZNOqNu5J9AALR7kSilGc.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/zNCol8wZNOqNu5J9AALR7kSilGc.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:16:40 GMT
ETag: 0x8DCDC68D5F1ED12
Akamai-GRN: 0.c0777b5c.1730315324.2486ec69
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 41
Content-Type: text/css
Content-Encoding: br
Content-MD5: T/hoBLqoViHGTblb5pL48w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 08888d13-b01e-004c-708d-172d8f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=296573
Expires: Sat, 28 Dec 2024 21:45:30 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125757.2bc11c92
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/6vW-cIY2Dxj_U1X3fdBnNVLFgF8.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/6vW-cIY2Dxj_U1X3fdBnNVLFgF8.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:50:54 GMT
ETag: 0x8DCDC5CDACF93C9
Akamai-GRN: 0.4c1a1202.1730220704.275735f0
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 1273
Content-Type: text/css
Content-Encoding: br
Content-MD5: nL46pcr+xJOe1GQ8ZSrC9A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 18b948b0-c01e-0025-3a57-197223000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=91523
Expires: Thu, 26 Dec 2024 12:48:00 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125757.2bc11d8b
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/LrkoEs5Wr_EVEejC8ayFO3YHrw4.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/LrkoEs5Wr_EVEejC8ayFO3YHrw4.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 14 Nov 2024 09:47:19 GMT
ETag: 0x8DD049154F07299
Content-Length: 1398
Content-Type: text/css
Content-Encoding: br
Content-MD5: NofJ2ogm1ql4F5yP50D1ug==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bc378039-501e-004d-4abc-362c72000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.b5777b5c.1731634704.b6f4e76
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=38969
Expires: Wed, 25 Dec 2024 22:12:09 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125760.2bc11e55
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:40:29 GMT
ETag: 0x8DCEC880F396E3D
Akamai-GRN: 0.53ba1302.1730232551.17accbb6
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Type: text/css
Content-MD5: Twb1SQrgn66TMkCHmLv8IQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 83142a0a-b01e-006e-6f86-1e43b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 301
Cache-Control: public, no-transform, max-age=379907
Expires: Sun, 29 Dec 2024 20:54:27 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125760.2bc12f2f
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 1101
Content-Type: image/svg+xml
Content-MD5: kc0Rz8ymXPrOlhUyaNcfYw==
Last-Modified: Mon, 14 Oct 2024 19:38:51 GMT
ETag: 0x8DCEC87D4AE1626
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0ea44374-101e-0027-48dc-2570d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=416686
Expires: Mon, 30 Dec 2024 07:07:27 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125761.2bc13069
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:49:39 GMT
ETag: 0x8DCDC650FC3D927
Content-Length: 3791
Content-Type: image/jpeg
Content-MD5: KZpHmi9/HzDQlUXKjMXRYg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 10c61bf0-e01e-0039-04d1-15aa34000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=139610
Expires: Fri, 27 Dec 2024 02:09:31 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125761.2bc13182
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:55:56 GMT
ETag: 0x8DCDC65F09D13C1
Content-Length: 5944
Content-Type: image/jpeg
Content-MD5: 9ucNopg0mtlCFfC0podQNw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ab6448f5-c01e-0025-6b21-187223000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=187337
Expires: Fri, 27 Dec 2024 15:24:58 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.98c2645f.1735125761.2bc1325b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rb/5W/cc,nc/VsGd7ArAkRnLu5ZjSEmDdBRJ3AE.css?bu=IGhouwuXD2iyD5oQ4BP_E5sUaGiMFoEf7SFozCaTLGhouCTRBdQFaDicAZwEaM9Ei0VoaA&or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rb/5W/cc,nc/VsGd7ArAkRnLu5ZjSEmDdBRJ3AE.css?bu=IGhouwuXD2iyD5oQ4BP_E5sUaGiMFoEf7SFozCaTLGhouCTRBdQFaDicAZwEaM9Ei0VoaA&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Content-Length: 6431
Content-Type: text/css; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Wed, 13 Oct 2010 11:37:36 GMT
X-EventID: 6763744cb003461492fbdef9e54a7699
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E082
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-5Wa8r1+Mss2YT0xylAvHXEi+3NVZ5WOzriYJxKwJCKw='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=179242
Expires: Fri, 27 Dec 2024 13:09:58 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125756.2f4ab29a
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/8hd1-XgnZ26SnhiiMN_GgejYN8w.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/8hd1-XgnZ26SnhiiMN_GgejYN8w.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:53:58 GMT
ETag: 0x8DCDC5D48950ED2
Content-Length: 75
Content-Type: text/css
Content-Encoding: br
Content-MD5: 2luF31/cu57H/qpO9PIHtw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e7488a57-a01e-0071-0571-1998a9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.9b777b5c.1731424482.bbd2c1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=84841
Expires: Thu, 26 Dec 2024 10:56:37 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125756.2f4ab29e
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/7APrwFbw1Ly9Oc0nCuyUM30nTqM.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/7APrwFbw1Ly9Oc0nCuyUM30nTqM.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:51:12 GMT
ETag: 0x8DCDC5CE5BDA9CE
Content-Length: 244
Content-Type: text/css
Content-Encoding: br
Content-MD5: U59d6xcASULZxenJXCkeFw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d5424b97-501e-0020-2807-17865c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.94777b5c.1734462708.753021
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=83249
Expires: Thu, 26 Dec 2024 10:30:05 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125756.2f4ab387
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/4ZTaLaL7iv-7hReOFdLM6qYIq8c.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/4ZTaLaL7iv-7hReOFdLM6qYIq8c.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 05 Nov 2024 01:29:41 GMT
ETag: 0x8DCFD39522928D1
Content-Length: 362
Content-Type: text/css
Content-Encoding: br
Content-MD5: Xjmo1X1lDhtxh1nvEnwCqQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b9a9bd58-901e-0072-244c-2f9bae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a5777b5c.1730797317.18aedaf8
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=250298
Expires: Sat, 28 Dec 2024 08:54:14 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125756.2f4ab459
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/eeGCipqheoe_uezlnNy3LLj5EpM.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/eeGCipqheoe_uezlnNy3LLj5EpM.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:44:54 GMT
ETag: 0x8DCDC6465F0050B
Content-Length: 193
Content-Type: text/css
Content-Encoding: br
Content-MD5: IPHHEn9JEjMo2zYpXrkcQA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a6e679b7-001e-0038-0b6d-16abc9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.b7777b5c.1730132817.1e2cc57c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=383201
Expires: Sun, 29 Dec 2024 21:49:17 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125756.2f4ab557
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/d1CTdFN2PzYdPJfj02hT834p0CA.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/d1CTdFN2PzYdPJfj02hT834p0CA.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:42:37 GMT
ETag: 0x8DCDC641454C744
Content-Length: 65
Content-Type: text/css
Content-Encoding: br
Content-MD5: Lp41RtKlF+oNsu3kLm8fTg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 28c113fe-d01e-005c-46ec-1e1b69000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=344637
Expires: Sun, 29 Dec 2024 11:06:34 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125757.2f4ab5fe
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/P38DWK7Xtu4-1AEqPvXltg-NJaE.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/P38DWK7Xtu4-1AEqPvXltg-NJaE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 11 Dec 2024 05:09:20 GMT
ETag: 0x8DD19A1F86BF707
Content-Length: 641
Content-Type: text/css
Content-Encoding: br
Content-MD5: gmU/3VNp0Ym70OCUeJKGBA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0de78cc9-f01e-0069-61fc-4bb53c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.b7901002.1733961488.19f5b747
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=55442
Expires: Thu, 26 Dec 2024 02:46:39 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125757.2f4ab726
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/9QVAd0uprTCf6QvhFRBK-cLsJ44.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/9QVAd0uprTCf6QvhFRBK-cLsJ44.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:54:58 GMT
ETag: 0x8DCDC5D6C01D24A
Content-Length: 128
Content-Type: text/css
Content-Encoding: br
Content-MD5: 7oi8QzDYA9q2BYjZVfOFdg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2bffd49e-b01e-004c-6696-1c2d8f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.4c1a1202.1730016279.d4594914
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=372204
Expires: Sun, 29 Dec 2024 18:46:01 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125757.2f4ab7f6
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/Sup-zKprBXap74esHIEtHpeXnfE.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Sup-zKprBXap74esHIEtHpeXnfE.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:25:22 GMT
ETag: 0x8DCDC61AB82CBA9
Content-Length: 209
Content-Type: text/css
Content-Encoding: br
Content-MD5: DnFuRpje8XuxZ0GXQ+B5Uw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 67eaf8d9-801e-000b-5f8e-18f2e4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=78339
Expires: Thu, 26 Dec 2024 09:08:16 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125757.2f4ab89b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/zpz9mUu6xFDGIytYv1oooVE8Jzg.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/zpz9mUu6xFDGIytYv1oooVE8Jzg.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; SRCHHPGUSR=SRCHLANG=en; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 13 Dec 2024 06:10:50 GMT
ETag: 0x8DD1B3CE4EFBDBA
Content-Length: 150
Content-Type: text/css
Content-Encoding: br
Content-MD5: F11DaIa66ZrGM0OTmA12OQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5e53eb91-201e-002f-5b5e-4e6baa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.7757dd58.1734205598.ae497f3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=289971
Expires: Sat, 28 Dec 2024 19:55:28 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125757.2f4ab9b9
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:54:00 GMT
ETag: 0x8DCDC65AB4005D8
Content-Length: 1391
Content-Type: image/svg+xml
Content-MD5: YgWAZX6KRbSnuEULjaXNMg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8c408869-201e-000d-6793-2a059c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=339537
Expires: Sun, 29 Dec 2024 09:41:38 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125761.2f4aba55
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:05:48 GMT
ETag: 0x8DCDC5EEFB0049C
Content-Length: 6817
Content-Type: image/jpeg
Content-MD5: DEHuMbBOl4tIgtF2kPA6Og==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42a58b94-c01e-0048-0d59-17d80d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=77704
Expires: Thu, 26 Dec 2024 08:57:45 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9cc2645f.1735125761.2f4ad08e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/FIrq4n7XJcH-bxJlHvalz0nETAA.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/FIrq4n7XJcH-bxJlHvalz0nETAA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:04:39 GMT
ETag: 0x8DCDC5EC6BE02CE
Content-Length: 105
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: oglWtvyLTVv5YmVMX1J+nQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a1a4ec5f-201e-000d-35ba-18059c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.9b777b5c.1730104655.13e43c15
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=205593
Expires: Fri, 27 Dec 2024 20:29:09 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125756.5935b756
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/4vmXcresDrXXGfYqCZnpE80tVj0.br.css

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/4vmXcresDrXXGfYqCZnpE80tVj0.br.css HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Purpose: prefetch
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 20 Dec 2024 08:56:29 GMT
ETag: 0x8DD20D43166A089
Content-Length: 5339
Content-Type: text/css
Content-Encoding: br
Content-MD5: zzcEGbOuEzSQVLd7kYp11Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: efa37f0f-801e-0029-5014-539cd2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.adc2645f.1734741737.751827d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=417514
Expires: Mon, 30 Dec 2024 07:21:11 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125757.5935b75f
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/cfKt7bw67nxWZkkgOIRReDE3rQI.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/cfKt7bw67nxWZkkgOIRReDE3rQI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:32:42 GMT
ETag: 0x8DCE8C30DC01669
Akamai-GRN: 0.87c2645f.1730444613.71f62c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Type: text/javascript; charset=utf-8
Content-MD5: e7f/zlZuzAgnEk3uqGLnHQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a71cefa0-901e-0036-5409-1b47c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 264
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=72618
Expires: Thu, 26 Dec 2024 07:32:56 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125758.5935bf74
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/AJF0byxTDIdetV3TqxY9v12oeN8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/AJF0byxTDIdetV3TqxY9v12oeN8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:56:18 GMT
ETag: 0x8DCDC5D9C26EE90
Akamai-GRN: 0.9d777b5c.1730367735.e1bce79
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 670
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 0PLdAGr2NYkg9nvkR9neRA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c92a3c79-f01e-0069-11ad-16b53c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=174818
Expires: Fri, 27 Dec 2024 11:56:16 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125758.5935c066
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/MzyDqbzAe1f4stub6mLV5gA_bVA.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/MzyDqbzAe1f4stub6mLV5gA_bVA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:30:09 GMT
ETag: 0x8DCE8C2B27A5DE0
Content-Length: 5337
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 3vOHkfV0C9igQPjC6cuDPw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7d652e8a-b01e-0021-62a0-2387a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.17ff1302.1731632821.3a56f4ae
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=156269
Expires: Fri, 27 Dec 2024 06:47:07 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125758.5935c1d2
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/eFDN7fKU2A1-FihFOP4WWnERGEw.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/eFDN7fKU2A1-FihFOP4WWnERGEw.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:44:27 GMT
ETag: 0x8DCDC6455E8AE2E
Content-Length: 430
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: rTCSXbL+SXH05fSVWttbkA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 52782a79-d01e-0075-1abe-176d2b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.94777b5c.1729511037.5d93300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=296634
Expires: Sat, 28 Dec 2024 21:46:32 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125758.5935c297
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/RzViTKGwkEgFQiH73K3yCMS31gY.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/RzViTKGwkEgFQiH73K3yCMS31gY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 14 Nov 2024 09:54:22 GMT
ETag: 0x8DD049250A38A8A
Content-Length: 2432
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: so7FAONZawibBGU6jWr5DA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4177bccd-501e-004d-60ae-3f2c72000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.5e6e5668.1732605045.10f0e2d3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=169853
Expires: Fri, 27 Dec 2024 10:33:31 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125758.5935c390
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/XpyaFPNakGOwlPXoOWhSNZDWjDU.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/XpyaFPNakGOwlPXoOWhSNZDWjDU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:33:01 GMT
ETag: 0x8DCDC62BD43783A
Akamai-GRN: 0.86777b5c.1730017886.1379270f
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 162
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: nHbtRiKzAW4DxhW4zhKJGw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 37f43fbc-101e-0005-2e21-171eef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=221682
Expires: Sat, 28 Dec 2024 00:57:20 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125758.5935c450
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:26:40 GMT
ETag: 0x8DCDC61D9BDA003
Content-Type: text/javascript; charset=utf-8
Content-MD5: 4vFQ72ZNf8ORyGv0/A7BUA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8dda011b-701e-005a-17b0-23ec11000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 936
Cache-Control: public, no-transform, max-age=75134
Expires: Thu, 26 Dec 2024 08:14:52 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125758.5935c51a
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:11:30 GMT
ETag: 0x8DCDC5FBB9234C6
Akamai-GRN: 0.a1777b5c.1730239712.2d590c5
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 395
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: bJNwzHWywBuWP28bX2mBGQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 34450cb7-001e-0011-4af1-15dd8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=89338
Expires: Thu, 26 Dec 2024 12:11:37 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125759.5935c5b9
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:06:53 GMT
ETag: 0x8DCDC5F1663B480
Akamai-GRN: 0.521a1202.1729838304.ea8aad22
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Type: text/javascript; charset=utf-8
Content-MD5: wQmZQwuzNQKGWvk013IgpA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9af2386f-f01e-004b-0fcd-17db0a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 738
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=340900
Expires: Sun, 29 Dec 2024 10:04:19 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125759.5935c66f
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:36:19 GMT
ETag: 0x8DCDC63331FF483
Content-Type: text/javascript; charset=utf-8
Content-MD5: Ij6CMW7d9STrT+a4Nf7dFA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2e9c68ac-a01e-0053-3115-18f69f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 327
Cache-Control: public, no-transform, max-age=206517
Expires: Fri, 27 Dec 2024 20:44:36 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125759.5935c73b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6r/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rs/6r/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 241
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Mon, 23 Sep 2024 23:41:33 GMT
X-EventID: 671e9ade67c64afba6fb8118feece63c
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E12C
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-tslw9CbmAj3DVBOLLS03zESL3g+97Ufqa0RwxZYyWho='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=139909
Expires: Fri, 27 Dec 2024 02:14:28 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125759.5935c8cd
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:56:27 GMT
ETag: 0x8DCDC66034C9278
Akamai-GRN: 0.85777b5c.1734258466.241dbd3c
Content-Type: text/javascript; charset=utf-8
Content-MD5: Tm502hkAmxWuxzxBM7uX9A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1fc4b8d2-b01e-0008-49f0-17f1e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 584
Vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=119037
Expires: Thu, 26 Dec 2024 20:26:36 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125759.5935c9e1
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/hAEVe25_jil71qxV8HNHEcjwOsk.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/hAEVe25_jil71qxV8HNHEcjwOsk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:48:18 GMT
ETag: 0x8DCDC64DF5EFE90
Akamai-GRN: 0.521a1202.1730303170.ad30af43
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 200
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Zbe+hPSEBfAPOTFWcPh+cQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ed8e310f-001e-005e-02bd-171993000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=78623
Expires: Thu, 26 Dec 2024 09:13:03 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125760.5935cacf
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/O-ejpxJOK4ur1-qUtpPRk7Z6wj0.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/O-ejpxJOK4ur1-qUtpPRk7Z6wj0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:17:35 GMT
ETag: 0x8DCDC60951168B3
Akamai-GRN: 0.40367a5c.1730358150.1360a947
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 401
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: SBAFdM5FfKl3Pa3F9r4h7Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9232186b-d01e-0031-010a-17b147000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=32607
Expires: Wed, 25 Dec 2024 20:26:07 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125760.5935cb8e
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/FmQyPuaotJoJngGZby-oO070KQA.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/FmQyPuaotJoJngGZby-oO070KQA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:04:52 GMT
ETag: 0x8DCDC5ECE7CD3A7
Akamai-GRN: 0.b6777b5c.1730572334.96b1ac5
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 1729
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 0oD04Dv0V8uhj4Kpa2NhXQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f814f8b9-d01e-0013-4aa9-17df71000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=111618
Expires: Thu, 26 Dec 2024 18:22:58 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125760.5935cc38
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/aSHY1fgTTA30J2uolpV0_7aWZVo.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/aSHY1fgTTA30J2uolpV0_7aWZVo.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:31:30 GMT
ETag: 0x8DCE8C2E2CED71E
Content-Length: 2918
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: geGEskVkGRX9cnuzA8iOng==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3c0aa404-601e-006c-59f2-364143000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.92777b5c.1731634552.12a86fe
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=27298
Expires: Wed, 25 Dec 2024 18:57:39 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125761.5935d13a
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/ivu0QwP26BHIJjH_DSqboRdhsO0.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/ivu0QwP26BHIJjH_DSqboRdhsO0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 14 Nov 2024 09:56:27 GMT
ETag: 0x8DD04929B4990FB
Content-Type: text/javascript; charset=utf-8
Content-MD5: PtU28jG6dGjHkVaL3KCYNw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0db90d9f-b01e-004c-55dd-362d8f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 3915
Cache-Control: public, no-transform, max-age=123518
Expires: Thu, 26 Dec 2024 21:41:19 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125761.5935d23e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/VKotk_QDV7V7jdYhLvGcrJlzHyE.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/VKotk_QDV7V7jdYhLvGcrJlzHyE.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 19 Dec 2024 07:35:51 GMT
ETag: 0x8DD1FFFC369A694
Content-Length: 13175
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: P40kHkuCONKLasanvjGRrw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: db369e47-001e-0033-7847-52b3bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.60ba1302.1734652200.14d06885
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=331668
Expires: Sun, 29 Dec 2024 07:30:29 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125761.5935d4ea
Timing-Allow-Origin: *
GET

https://r.bing.com/sa/simg/Roboto_Regular.woff2

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /sa/simg/Roboto_Regular.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2hb/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Wed, 25 Dec 2024 11:23:47 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9dc2645f.1735125827.5935d5ca
GET

https://r.bing.com/rp/etKr8FCYxUI3jpSkVsECVLsVlbY.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/etKr8FCYxUI3jpSkVsECVLsVlbY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 14 Nov 2024 09:55:54 GMT
ETag: 0x8DD049287E5D182
Content-Type: text/javascript; charset=utf-8
Content-MD5: mSBkkcqqTETnAS1Oam7VNw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a8a0ebad-b01e-0047-0d5b-3d35fb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 8844
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=253477
Expires: Sat, 28 Dec 2024 09:47:13 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125756.2c2afc
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/iqYxm8r46lk-3ernDKEwdszk1wo.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/iqYxm8r46lk-3ernDKEwdszk1wo.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:51:06 GMT
ETag: 0x8DCDC6543F69E89
Content-Length: 270
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: TOEJswICO3Ck7rsyPnl7KQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 636a9ece-001e-0077-79b7-166fd1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.6f6e5668.1730447490.17a0ebac
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=284897
Expires: Sat, 28 Dec 2024 18:30:54 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125757.2c2b20
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/yt5G3936XbeOUUYvhktH-Zp37Ac.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/yt5G3936XbeOUUYvhktH-Zp37Ac.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:15:45 GMT
ETag: 0x8DCDC68B529586E
Content-Length: 62
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 56QwnVmnkrKOlc26EzLhyw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 20e18d6b-a01e-0017-4408-182af3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.c0901002.1729513750.7bccc0cd
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=410851
Expires: Mon, 30 Dec 2024 05:30:09 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125758.2c345d
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/4N/jnc,nj/WjC77O8uVx9--UZpQC4Qfpa7qaE.js?bu=A683sje1Nw&or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rb/4N/jnc,nj/WjC77O8uVx9--UZpQC4Qfpa7qaE.js?bu=A683sje1Nw&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1528
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Last-Modified: Fri, 20 Dec 2024 11:39:02 GMT
X-EventID: 67685eabbc5544e1b307b111d774b7a1
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E09E
X-AS-SuppressSetCookie: 1
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
Cache-Control: public, max-age=199493
Expires: Fri, 27 Dec 2024 18:47:31 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125758.2c3549
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/TFi00n9kt1lqPoE9f5YVPavsHbE.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/TFi00n9kt1lqPoE9f5YVPavsHbE.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:26:11 GMT
ETag: 0x8DCDC61C8DE57F4
Content-Length: 175
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 6EH+w8FwrQtefaxEd1LgMQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: abcfdfc7-901e-0036-3561-1947c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.ba777b5c.1730558262.ab586ac
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=250911
Expires: Sat, 28 Dec 2024 09:04:29 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125758.2c363c
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/2B9u0snswl6MSm6KlelCMIZAr0E.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/2B9u0snswl6MSm6KlelCMIZAr0E.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:33:07 GMT
ETag: 0x8DCEC8707881892
Content-Length: 1209
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: D51WbBCmUCTaPMMHZOdm7w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d5319e33-e01e-0032-20e8-1eb240000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=79442
Expires: Thu, 26 Dec 2024 09:26:40 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125758.2c3707
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/QhINJ5aAulL1ot_r_8dLH_aIfCk.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/QhINJ5aAulL1ot_r_8dLH_aIfCk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:21:47 GMT
ETag: 0x8DCDC612B52B7B6
Content-Length: 223
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Udx529Zy6uZ+LObiXq+Upw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e21ff070-c01e-0061-1a66-17ae4f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a2777b5c.1730446462.d93ccb2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=107051
Expires: Thu, 26 Dec 2024 17:06:49 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125758.2c37de
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:44:49 GMT
ETag: 0x8DCDC64632A6EF0
Akamai-GRN: 0.88777b5c.1733864362.86c4f19
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 323
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: +CLmYDPZ4qSTibcD/NDa/Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f2a0b08b-201e-0049-782f-2cd9f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=273048
Expires: Sat, 28 Dec 2024 15:13:26 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125758.2c38bf
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/oO6dDlhvIVzy0HGcxNJVSFPNKzA.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/oO6dDlhvIVzy0HGcxNJVSFPNKzA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:59:24 GMT
ETag: 0x8DCDC666C9E1C8D
Akamai-GRN: 0.8b777b5c.1734425159.4a1db65
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 326
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: qaL/LAYClf3YowzVYVMuuQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ce847912-001e-005e-34d7-161993000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=313486
Expires: Sun, 29 Dec 2024 02:27:25 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125759.2c39ff
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/PmNLAq2f0t_lcD3LTchFOVy6h-U.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/PmNLAq2f0t_lcD3LTchFOVy6h-U.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:20:42 GMT
ETag: 0x8DCDC6104407DFA
Content-Length: 201
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: M3bjJ0CAgDmqFQQM+Mcpeg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7a5fac1f-901e-001f-44f7-163180000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=221717
Expires: Sat, 28 Dec 2024 00:57:56 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125759.2c3b0c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:47:07 GMT
ETag: 0x8DCDC64B5831289
Content-Type: text/javascript; charset=utf-8
Content-MD5: rSmdN6tN5TS/1yEQ8Z6pNA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7199d3ed-b01e-006e-2e1f-1643b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 507
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=332062
Expires: Sun, 29 Dec 2024 07:37:01 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125759.2c3bd2
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/GSNeCa5XvtoP6jz0k5V172vRaQ8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/GSNeCa5XvtoP6jz0k5V172vRaQ8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:06:16 GMT
ETag: 0x8DCDC5F0026627C
Akamai-GRN: 0.be777b5c.1734942973.7d527fb
Content-Type: text/javascript; charset=utf-8
Content-MD5: 6paabdGU2qEZnRtfjHNFcQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c9c6f350-101e-004a-0b4e-15daf7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 171
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=34670
Expires: Wed, 25 Dec 2024 21:00:29 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125759.2c3cb8
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/I_ndi6vVBymh23DuqRe-LcSg9Uk.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/I_ndi6vVBymh23DuqRe-LcSg9Uk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:09:36 GMT
ETag: 0x8DCDC5F77660359
Content-Length: 275
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: X6fPgOYby704zDvgArarOQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: eb559c18-801e-004f-46bd-172e88000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.98777b5c.1730383102.1a5e5675
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=47774
Expires: Thu, 26 Dec 2024 00:38:53 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125759.2c3db5
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:50:43 GMT
ETag: 0x8DCDC6535F306CD
Akamai-GRN: 0.60ba1302.1734051396.2fd8388d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 490
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 3vstlq/a5ZcE98e8La1vPw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 777a5872-c01e-0061-68cb-1aae4f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=75354
Expires: Thu, 26 Dec 2024 08:18:33 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125759.2c3eb9
Timing-Allow-Origin: *
GET

https://r.bing.com/rs/6r/lN/nj/EmG-XMIMCcq8zmcVBBO7jkFERAE.js?or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rs/6r/lN/nj/EmG-XMIMCcq8zmcVBBO7jkFERAE.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 406
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Fri, 20 Dec 2024 06:44:40 GMT
X-EventID: 6769f70172cd4db5aeeaa1607abe505d
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP00010626
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-5QtD2EQ1HZjRxyYKNks6rXfToXNg2iIfsw6YSU4da9k='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=303951
Expires: Sat, 28 Dec 2024 23:48:31 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125760.2c3fbc
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/PUx-sNZ5_D-0sf742vcWqy9vjIU.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/PUx-sNZ5_D-0sf742vcWqy9vjIU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:30:53 GMT
ETag: 0x8DCE8C2CCB15CBA
Content-Length: 844
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: WQ+96eUj5Z369h6ZIa7jrA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 18967bbf-a01e-0058-47bd-36eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=291592
Expires: Sat, 28 Dec 2024 20:22:32 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125760.2c40bd
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/5XYcZsgWWzbiBf6EUQH4mydZTiI.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/5XYcZsgWWzbiBf6EUQH4mydZTiI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:42:07 GMT
ETag: 0x8DCEC88499C34F5
Content-Length: 1482
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: cDDFDcadXP/Gqx2kH6KIvg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 20215499-601e-0067-5ec3-205937000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=297840
Expires: Sat, 28 Dec 2024 22:06:40 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.95c2645f.1735125760.2c4237
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/w2ye0W2xVVGtLI2lFrOy9f7eTEE.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/w2ye0W2xVVGtLI2lFrOy9f7eTEE.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:11:23 GMT
ETag: 0x8DCDC6818ED602B
Akamai-GRN: 0.8b777b5c.1730374818.65ed970
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 307
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: uYmYFUgcuhFAiNUh9ZhLMg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 04d77ac1-701e-0051-7044-15f465000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=123324
Expires: Thu, 26 Dec 2024 21:38:00 GMT
Date: Wed, 25 Dec 2024 11:22:36 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125756.48f411f5
Timing-Allow-Origin: *
GET

https://r.bing.com/sa/simg/Roboto_Regular.woff2

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /sa/simg/Roboto_Regular.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2hb/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125757.48f4120c
GET

https://r.bing.com/sa/simg/Roboto_Semibold.woff2

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /sa/simg/Roboto_Semibold.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2hb/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125757.48f416d5
GET

https://r.bing.com/rs/6r/fU/jnc,nj/tlifxqsNyCzxIJnRwtQKuZToQQw.js?or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rs/6r/fU/jnc,nj/tlifxqsNyCzxIJnRwtQKuZToQQw.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 27
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Last-Modified: Fri, 20 Dec 2024 06:44:40 GMT
X-EventID: 6769f690ac92487fa71b3cee8be09baa
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0001061F
X-AS-SuppressSetCookie: 1
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
Cache-Control: public, max-age=303865
Expires: Sat, 28 Dec 2024 23:47:02 GMT
Date: Wed, 25 Dec 2024 11:22:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125757.48f419e2
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/KjcQM3UW1nOQMxru5p6M1wKu4ZQ.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/KjcQM3UW1nOQMxru5p6M1wKu4ZQ.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:12:41 GMT
ETag: 0x8DCDC5FE5D2EEEE
Content-Length: 444
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: rcwNaARzBLLtHGn0ljEM5g==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ba5432ae-f01e-000f-78e2-150766000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.31d01702.1728036680.3ad9464
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=77282
Expires: Thu, 26 Dec 2024 08:50:40 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125758.48f41abc
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/0KrsBMKWyD66Rwt3tiMAonQOyGw.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/0KrsBMKWyD66Rwt3tiMAonQOyGw.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:28:02 GMT
ETag: 0x8DCEC8651B9B166
Content-Type: text/javascript; charset=utf-8
Content-MD5: z5nlqd31IzcYeLY5KGuaJg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f81c1378-d01e-0057-2e3c-21031d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 80
Cache-Control: public, no-transform, max-age=81183
Expires: Thu, 26 Dec 2024 09:55:41 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125758.48f41bce
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/V5dpoD3fjhPtv-hIh3ssEsOr5_M.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/V5dpoD3fjhPtv-hIh3ssEsOr5_M.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:29:12 GMT
ETag: 0x8DCDC6234635DEB
Akamai-GRN: 0.233f655f.1729803595.7eaef0e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 302
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: EjYB8vze75Y5yL/vOyaplg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6101304b-001e-0038-1df3-15abc9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=75584
Expires: Thu, 26 Dec 2024 08:22:22 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125758.48f41cc2
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/MHGveHjpT20MyFEdoL1KWdpZGoU.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/MHGveHjpT20MyFEdoL1KWdpZGoU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:15:10 GMT
ETag: 0x8DCDC603EDAFF15
Content-Length: 149
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 0yRJLjnLGdkYMW/+ABD5Lw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8a2a5976-801e-0029-6704-179cd2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.b6777b5c.1729195060.9391c84
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=164705
Expires: Fri, 27 Dec 2024 09:07:43 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125758.48f41d7e
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/Yp5uRx1ZvJMBOj_5nU0FUN0279s.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Yp5uRx1ZvJMBOj_5nU0FUN0279s.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:34:56 GMT
ETag: 0x8DCDC630183D39E
Content-Length: 1103
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: /jlcyij4R609bRURPIuReQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8bbcecc8-601e-0067-469c-165937000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.8a777b5c.1728337866.4b0d97c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=296563
Expires: Sat, 28 Dec 2024 21:45:21 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125758.48f41e4d
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/KLrSbzDKMog0mCiPcB9iwoEvlE4.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/KLrSbzDKMog0mCiPcB9iwoEvlE4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:29:02 GMT
ETag: 0x8DCE8C28AC2EAB8
Content-Length: 2634
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: YP0IUbsZfddh5LfrNKc0vw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 27aa3268-301e-0074-5e0d-236cd6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=103458
Expires: Thu, 26 Dec 2024 16:06:56 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125758.48f41f3b
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 333
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Fri, 20 Dec 2024 00:02:18 GMT
X-EventID: 6765fc59cedc42c495b88ee545dc7c28
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E067
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-A3X78l+yHlQP6xcW6+GeC1O1NuqU0hdC7tTIU83RV7Q='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=43181
Expires: Wed, 25 Dec 2024 23:22:20 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125759.48f41fdd
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:29:34 GMT
ETag: 0x8DCDC6241BA29EA
Content-Length: 368
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: xl2SFLZCQEcsZUNAUSfMmA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 25a8ca54-f01e-000f-488e-1d0766000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=77014
Expires: Thu, 26 Dec 2024 08:46:13 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125759.48f420f3
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6r/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rs/6r/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 399
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Fri, 20 Dec 2024 00:02:17 GMT
X-EventID: 67660565551c40698712280ed39b116e
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E021
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-mUHuQ0p0WlLo1DLUgGyOEQqiyR6azlMD3Jdv84Hnr7k='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=45517
Expires: Thu, 26 Dec 2024 00:01:16 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125759.48f42186
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:53:26 GMT
ETag: 0x8DCDC5D351B0B64
Content-Type: text/javascript; charset=utf-8
Content-MD5: 6Xn7G4GYLjqWVjZYfi42LQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2fd2cb16-601e-0067-5c0c-155937000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 641
Cache-Control: public, no-transform, max-age=124192
Expires: Thu, 26 Dec 2024 21:52:31 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125759.48f42277
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Xz21jpkTfbBon6hHKW7e4R7Hl0U.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Xz21jpkTfbBon6hHKW7e4R7Hl0U.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 03 Oct 2024 00:29:00 GMT
ETag: 0x8DCE342607BCACB
Akamai-GRN: 0.85777b5c.1729111669.16cda41
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 445
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: aOJy98NWCam5NTQEQPKVXQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d51734f6-d01e-0031-6706-16b147000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=289168
Expires: Sat, 28 Dec 2024 19:42:07 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125759.48f4235a
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:15:09 GMT
ETag: 0x8DCDC689FBBE351
Content-Length: 213
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: WEjo6St2+BsB3AUDglK12Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: dd61854d-b01e-0003-0f95-15e997000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=79115
Expires: Thu, 26 Dec 2024 09:21:14 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125759.48f42452
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:00:06 GMT
ETag: 0x8DCDC5E23EBB645
Content-Type: text/javascript; charset=utf-8
Content-MD5: rqa21C4TqvhBKaqsPZN5dA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3e65cb90-701e-005a-0f05-18ec11000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 808
Akamai-GRN: 0.aa777b5c.1730143438.1ed63ba
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=53586
Expires: Thu, 26 Dec 2024 02:15:46 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125760.48f42556
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/-2EVJNDwymhr08bVch00GwpjiDA.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/-2EVJNDwymhr08bVch00GwpjiDA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:24:23 GMT
ETag: 0x8DCEC85CF372642
Content-Length: 1043
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: PkxdhPHrMXZXxfqaK/YI3w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 11da2983-c01e-006a-1ad0-1eb63b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.8f777b5c.1731598464.6c585f1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=262093
Expires: Sat, 28 Dec 2024 12:10:53 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125760.48f42639
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/fSddFSSxFfxdxp7epLdqESvgpwk.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/fSddFSSxFfxdxp7epLdqESvgpwk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:46:03 GMT
ETag: 0x8DCDC648F4BFF09
Content-Length: 228
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Y6e5MlUs6sHR9zc21k8L3Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e1211d2d-701e-0037-0e0a-16463f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a4777b5c.1730404966.a887c7c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=176351
Expires: Fri, 27 Dec 2024 12:21:51 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125760.48f4275f
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/7R5WVaqi6UfSmn2gXZNR1SUqI2k.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/7R5WVaqi6UfSmn2gXZNR1SUqI2k.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:51:48 GMT
ETag: 0x8DCDC5CFB1576E1
Content-Length: 740
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 1o9FHYejRFFBDBjhowYrFQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 21b24197-401e-001d-6ba4-2b337a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=258281
Expires: Sat, 28 Dec 2024 11:07:21 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125760.48f429aa
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/BkcwASIof-oJUpgdmm3P7mWEwrY.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/BkcwASIof-oJUpgdmm3P7mWEwrY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:58:31 GMT
ETag: 0x8DCDC5DEAF9FB19
Content-Length: 715
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: E1FrAnKe8MGupxHBCdhj7w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fb38b51c-b01e-0003-4447-27e997000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=130888
Expires: Thu, 26 Dec 2024 23:44:09 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125761.48f42a69
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/F9ya6E3sghxzDhnC7u30wctxmxI.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/F9ya6E3sghxzDhnC7u30wctxmxI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:29:07 GMT
ETag: 0x8DCE8C28D567CB8
Content-Length: 5639
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: QpN1WDSLeAZ/Hq+4E0+B/A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 21aa3398-e01e-001b-1a7f-36c402000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.6d711102.1731579776.c4cdaafc
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=75851
Expires: Thu, 26 Dec 2024 08:26:52 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.9fc2645f.1735125761.48f42af5
Timing-Allow-Origin: *
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=1546536
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_MISS from a95-100-194-181.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.b5c2645f.1735125760.32df11cd
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=91&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=91&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=857495
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_HIT from a95-100-194-181.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.b5c2645f.1735125760.32df2a46
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=96&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=96&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=1593521
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_MEM_HIT from a95-100-194-181.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.b5c2645f.1735125760.32df2b9d
X-Check-Cacheable: YES
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingaotak

msedge.exe

Remote address:

2.19.252.134:443

Request

OPTIONS /api/report?cat=bingaotak HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://r.bing.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Wed, 25 Dec 2024 11:22:37 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.92f91302.1735125757.9ec7e4b2
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingaotak

msedge.exe

Remote address:

2.19.252.134:443

Request

OPTIONS /api/report?cat=bingaotak HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://r.bing.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Wed, 25 Dec 2024 11:23:37 GMT
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.92f91302.1735125817.9ec7e52c
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
GET

https://r.bing.com/rp/NW_w0EXs3h3l9N3PeqyVuRIrqp8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/NW_w0EXs3h3l9N3PeqyVuRIrqp8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:17:01 GMT
ETag: 0x8DCDC60808668AA
Content-Length: 541
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: NEMR8KpUsOFkLfYMbaoAQw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4d6ce778-e01e-001b-6598-2ac402000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=335567
Expires: Sun, 29 Dec 2024 08:35:25 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125758.5d880966
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/B41j9eGM1DLNjQd-XrgY_sctGDk.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/B41j9eGM1DLNjQd-XrgY_sctGDk.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:57:45 GMT
ETag: 0x8DCDC5DCFBB3524
Content-Length: 198
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: VLeA+PwqwSD+v3fH/0ovUw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d5e22578-601e-004e-01d0-292f75000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=156345
Expires: Fri, 27 Dec 2024 06:48:23 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125758.5d88096f
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/LLsqdhmv3RjYgfuepDBrVLeWshY.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/LLsqdhmv3RjYgfuepDBrVLeWshY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:13:41 GMT
ETag: 0x8DCDC6009620215
Content-Length: 63
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Xvj0756XVlhYFsFZY4TuJg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: da4d0d58-b01e-0003-0aad-14e997000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.4e8a4917.1733461773.1155acb3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=49610
Expires: Thu, 26 Dec 2024 01:09:28 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125758.5d880a5d
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/T5889cz8zTrV7Rl2tlyjGriSuv0.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/T5889cz8zTrV7Rl2tlyjGriSuv0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:25:49 GMT
ETag: 0x8DCDC61BBB65CB9
Content-Length: 150
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: xMZwK0KBSElsxsIPlTMEkw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 91a79e64-901e-005b-6b1b-1aedec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=376785
Expires: Sun, 29 Dec 2024 20:02:23 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125758.5d880b36
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Hdw3pI7FtFvJcOy2ZZvd6vlbAOU.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Hdw3pI7FtFvJcOy2ZZvd6vlbAOU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:07:39 GMT
ETag: 0x8DCDC5F3193CF2A
Content-Length: 1292
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: I3BasKzrfxsTHnCpr2Oniw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1952c5c6-e01e-005f-1aff-17186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.2f421202.1730437804.2dd8333
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=209626
Expires: Fri, 27 Dec 2024 21:36:24 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125758.5d880bfd
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/6ZpK9fh9cD0LYcXzkYpUR9MV_-g.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/6ZpK9fh9cD0LYcXzkYpUR9MV_-g.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:50:37 GMT
ETag: 0x8DCDC5CD0923D35
Content-Length: 152
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: OYWm8oudh4jPf5ceaY2T4A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f16e0707-b01e-006e-3ea4-1443b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=215377
Expires: Fri, 27 Dec 2024 23:12:15 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125758.5d880ca7
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Mi_1CQO28mEq97e_dzQbiA3Bgx0.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Mi_1CQO28mEq97e_dzQbiA3Bgx0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:15:22 GMT
ETag: 0x8DCDC6045E28140
Akamai-GRN: 0.a3777b5c.1730410403.1010ccdc
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 200
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Gk5DW+HIyCdDGbieeoXmdg==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3d5ecc43-401e-0034-56a9-144538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=343598
Expires: Sun, 29 Dec 2024 10:49:17 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125759.5d880d43
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/n21aGRCN5EKHB3qObygw029dyNU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:57:19 GMT
ETag: 0x8DCDC66220B7293
Akamai-GRN: 0.521a1202.1730342427.b90f8642
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 806
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: hRrTe9xFPcEQGLGPgVvjhw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3ed5921b-601e-0028-650e-169d2f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=100772
Expires: Thu, 26 Dec 2024 15:22:11 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125759.5d880ddf
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/zL4sntecq0RmP6dobtS9Rd5WRvU.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/zL4sntecq0RmP6dobtS9Rd5WRvU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:34:27 GMT
ETag: 0x8DCE8C34C6E86D0
Akamai-GRN: 0.85c2645f.1732807952.5bf2c75
Content-Length: 1532
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 5WRb79OLEOB99g79FkaKhA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 88c6955a-701e-005a-3a0b-36ec11000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=211407
Expires: Fri, 27 Dec 2024 22:06:06 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125759.5d880ec1
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/c-kfqLSd-OD-g3VtLKozRdXMO14.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/c-kfqLSd-OD-g3VtLKozRdXMO14.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:32:37 GMT
ETag: 0x8DCE8C30A6A61DD
Content-Type: text/javascript; charset=utf-8
Content-MD5: /nrOcgcgG+7k8yxsmx1J4Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9ee5f1c5-801e-0066-7d01-3758ca000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 7001
Cache-Control: public, no-transform, max-age=163400
Expires: Fri, 27 Dec 2024 08:45:59 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125759.5d880f5c
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Nz3080e44w3456W4QiR1L5nz6Tg.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Nz3080e44w3456W4QiR1L5nz6Tg.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:17:40 GMT
ETag: 0x8DCDC6097D3561C
Content-Length: 324
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: KixLi5xMliwEIxbNV8RpbA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b741ea4e-001e-0077-3414-1b6fd1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=106963
Expires: Thu, 26 Dec 2024 17:05:22 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125759.5d881015
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:28:19 GMT
ETag: 0x8DCDC62149C3678
Akamai-GRN: 0.521a1202.1733400032.56cd89f7
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 386
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 6W4GJTTFhKoLN+eXDWPo3Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f7b32df-801e-006d-2071-1540be000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=401662
Expires: Mon, 30 Dec 2024 02:57:01 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125759.5d88111a
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/WwTHOlBv_iLBpZXNWkp-HzVHgrM.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/WwTHOlBv_iLBpZXNWkp-HzVHgrM.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:31:17 GMT
ETag: 0x8DCE8C2DB362309
Content-Length: 3498
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: qFAs4wCMzQBOlKg9KBk6eA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 62ae4166-101e-0063-2096-2bacb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=158414
Expires: Fri, 27 Dec 2024 07:22:54 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125760.5d8811d4
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Sv8bO2oxkbGjZh6Pe_GKzG1DtDU.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Sv8bO2oxkbGjZh6Pe_GKzG1DtDU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 13 Dec 2024 07:56:08 GMT
ETag: 0x8DD1B4B9A365000
Content-Length: 474
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: p/3mO7vALd9wD5esEzLGZw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f8018f31-b01e-002a-1085-4d9fd5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.60ba1302.1734126748.4cf25312
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=167593
Expires: Fri, 27 Dec 2024 09:55:53 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125760.5d881283
Timing-Allow-Origin: *
GET

https://r.bing.com/rb/3s/jnc,nj/MVT8kycZ0G8jBgAYbG29BRlRppY.js?bu=Abkd&or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rb/3s/jnc,nj/MVT8kycZ0G8jBgAYbG29BRlRppY.js?bu=Abkd&or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1463
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Fri, 20 Dec 2024 00:16:16 GMT
X-EventID: 6769311b287b4ebbbf355a0a1ac084ab
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E031
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-ZQhTGSNoNJLJlsUHNjmnc0U1U0qABHytJireKMzkmE8='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=253298
Expires: Sat, 28 Dec 2024 09:44:18 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125760.5d881359
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/18fHpE0UHdi8_2-uCNRuSOzGKik.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/18fHpE0UHdi8_2-uCNRuSOzGKik.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:30:43 GMT
ETag: 0x8DCEC86B1AF2C58
Content-Length: 691
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: elyDJWRv9cAKHTrdGIwqSQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8508dc54-d01e-005c-6274-1e1b69000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.521a1202.1730985652.7d1f9ef
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=419930
Expires: Mon, 30 Dec 2024 08:01:30 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125760.5d8815d7
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 09 Oct 2024 06:47:11 GMT
ETag: 0x8DCE82E33DB4289
Akamai-GRN: 0.ac777b5c.1733993373.4152564
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 263
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: kSd0hTdqYlIKxD09mZrqMA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 19451da4-501e-0046-6040-1a3406000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=77046
Expires: Thu, 26 Dec 2024 08:46:47 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.bfc2645f.1735125761.5d881689
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/qwce00QJxdHzNxXh5H1mBc8QgBU.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/qwce00QJxdHzNxXh5H1mBc8QgBU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:03:23 GMT
ETag: 0x8DCDC66FAE00DFD
Content-Type: text/javascript; charset=utf-8
Content-MD5: v9w4V2ItZPq2nYGNSEmAzA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f7c2ff7f-701e-0073-1241-2c9a53000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 206
Cache-Control: public, no-transform, max-age=262627
Expires: Sat, 28 Dec 2024 12:19:45 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125758.10e9cea1
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6r/ke/jnc,nj/Cxjd16nFbgkBYjPRUOx3kaNSK7w.js?or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rs/6r/ke/jnc,nj/Cxjd16nFbgkBYjPRUOx3kaNSK7w.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 168
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Fri, 20 Dec 2024 00:02:20 GMT
X-EventID: 6765fffadca64869b10e190d5219adf1
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E07D
X-AS-SuppressSetCookie: 1
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-HpHqNVY0V+G9a5scg1cqHA0hLb9PnALubz/15DN3AAc='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=44077
Expires: Wed, 25 Dec 2024 23:37:15 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125758.10e9ceea
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:54:28 GMT
ETag: 0x8DCDC5D5A2ED889
Content-Length: 598
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 1nLWdicDwxe3KsJ1SxmxmQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 744554e7-001e-0077-438e-186fd1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.521a1202.1730103861.3682892a
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=36508
Expires: Wed, 25 Dec 2024 21:31:06 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125758.10e9cfe9
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/cVhztCgE3ZjlZ4NrICPGsTh1WbQ.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/cVhztCgE3ZjlZ4NrICPGsTh1WbQ.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:41:45 GMT
ETag: 0x8DCDC63F51C34C5
Content-Length: 779
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: v3NqJ4fRbgHpdRJm3W2CIQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 192f8b83-601e-006c-200b-154143000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a7777b5c.1727926153.3f89a14
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=210579
Expires: Fri, 27 Dec 2024 21:52:17 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125758.10e9d0ce
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/83zI0hMJWlilJFob8oEJ4_0I6j4.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/83zI0hMJWlilJFob8oEJ4_0I6j4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:28:03 GMT
ETag: 0x8DCE8C2678A65ED
Content-Length: 2425
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: QLqZvnBZLjc5NijnEXP26w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f4507f6-101e-0027-2cde-1a70d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.84777b5c.1731595927.6851f7a
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=63044
Expires: Thu, 26 Dec 2024 04:53:22 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125758.10e9d184
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/TjyWAmemrltxca9Tew0hTL__JHg.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/TjyWAmemrltxca9Tew0hTL__JHg.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:26:57 GMT
ETag: 0x8DCDC61E3F44079
Content-Length: 1218
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 3+rYbha1WoVmHqd+xAo16Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d06e66b1-701e-0037-50e1-2a463f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=176414
Expires: Fri, 27 Dec 2024 12:22:53 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125759.10e9d24d
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:52:56 GMT
ETag: 0x8DCDC5D2377F40E
Content-Type: text/javascript; charset=utf-8
Content-MD5: 0ApKmxnWdlgJ/r3VvxbmFQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2e3e1981-a01e-0058-3dc9-17eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 178
Cache-Control: public, no-transform, max-age=169731
Expires: Fri, 27 Dec 2024 10:31:30 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125759.10e9d38f
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:02:01 GMT
ETag: 0x8DCDC66CA2704F8
Content-Length: 635
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: cbryIH17LuJqgju0sWrerw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9c1a67be-101e-002c-19ab-1668ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=97025
Expires: Thu, 26 Dec 2024 14:19:44 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125759.10e9d498
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:12:13 GMT
ETag: 0x8DCDC5FD53B2D55
Akamai-GRN: 0.a5777b5c.1733476761.1bee3b8b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 140
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: zk7Mu+IZ+1Afv84KFZt8XQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e49a919d-b01e-0021-56c5-1787a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=32145
Expires: Wed, 25 Dec 2024 20:18:24 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125759.10e9d58b
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/uceaWoHkRefVM5EK1cFT2TcyRm0.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/uceaWoHkRefVM5EK1cFT2TcyRm0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:09:17 GMT
ETag: 0x8DCDC67CE093DD9
Content-Length: 420
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: jo9OjDEVHQbXwUo+1GLIXA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7d7c472f-d01e-0057-0ed8-16031d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a5777b5c.1729982992.94fe2b2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=43059
Expires: Wed, 25 Dec 2024 23:20:18 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125759.10e9d68b
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:51:04 GMT
ETag: 0x8DCDC5CE09E00D2
Akamai-GRN: 0.a7777b5c.1729226598.228298be
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Type: text/javascript; charset=utf-8
Content-MD5: kdgVpI0X+oWcnOv0ZCUuIA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c27362a4-801e-0066-350e-1658ca000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 415
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=204192
Expires: Fri, 27 Dec 2024 20:05:51 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125759.10e9d79d
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/rWS0_tb2SOLTRkwVU0KG23fe_v0.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/rWS0_tb2SOLTRkwVU0KG23fe_v0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:33:54 GMT
ETag: 0x8DCE8C33887E39E
Content-Length: 600
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: Zkzd6th/sQhbnSdzs68rIw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 82642192-201e-006b-2cc0-36b7c6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.ad421202.1731641973.825e405
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=70606
Expires: Thu, 26 Dec 2024 06:59:26 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125760.10e9d8c8
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Content-MD5: hmcBay1BgAVA4sBe4FzXJg==
Last-Modified: Mon, 14 Oct 2024 19:39:05 GMT
ETag: 0x8DCEC87DD067940
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e6406887-201e-0049-0cdd-36d9f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 688
Cache-Control: public, no-transform, max-age=46816
Expires: Thu, 26 Dec 2024 00:22:56 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125760.10e9d9dd
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/irBkLw7EkO4AlsHlqwAleGAk1gY.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/irBkLw7EkO4AlsHlqwAleGAk1gY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:32:57 GMT
ETag: 0x8DCE8C316DFE599
Content-Length: 1592
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: gFOTficCfqz3nmb9u7YPcA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 69be7871-201e-0024-23bc-3673de000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.55421202.1731633899.9e35484
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=414073
Expires: Mon, 30 Dec 2024 06:23:53 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.c3c2645f.1735125760.10e9dac9
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/x2emqXiwLnoij1FAO-zonC2BP_I.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/x2emqXiwLnoij1FAO-zonC2BP_I.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:12:56 GMT
ETag: 0x8DCDC68503BB79C
Content-Length: 581
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: U2R9x9AHf4iYT7ZMEDdtZw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bd368d45-401e-001d-039f-15337a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.521a1202.1730244807.8b23f7a0
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=222509
Expires: Sat, 28 Dec 2024 01:11:07 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125758.1314f43a
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/fYa4G4wbz4PjD3tZaW3pycMuo2c.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/fYa4G4wbz4PjD3tZaW3pycMuo2c.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:45:52 GMT
ETag: 0x8DCDC648875228E
Content-Length: 510
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: hQdjDCHyrkihyogZmWzMPA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4cd4b535-b01e-002a-0f60-199fd5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.ae777b5c.1730210906.30dde8e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=258575
Expires: Sat, 28 Dec 2024 11:12:13 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125758.1314f45a
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/zqwSU3XTEQLKpczawXAy_t0XtEU.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/zqwSU3XTEQLKpczawXAy_t0XtEU.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:16:47 GMT
ETag: 0x8DCDC68DA2F1F39
Content-Length: 281
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: XZluZ2KN4ywsPEFaG58RnQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 898105a8-b01e-0047-5b1a-2b35fb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.4eba1302.1730354442.5349b232
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=241374
Expires: Sat, 28 Dec 2024 06:25:32 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125758.1314f557
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/ip7DTy4KbenoY6zeu7omsfcdHyI.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/ip7DTy4KbenoY6zeu7omsfcdHyI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 10 Dec 2024 11:10:16 GMT
ETag: 0x8DD190B39FAC4EF
Content-Length: 1242
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: yI1ZJUTDrnonZz3v7n+p+Q==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0165eda0-a01e-0035-7238-4b44c5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.c2777b5c.1733870547.1066e3da
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=258276
Expires: Sat, 28 Dec 2024 11:07:14 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125758.1314f636
Timing-Allow-Origin: *
GET

https://r.bing.com/rs/6r/uR/jnc,nj/Qp5q6DtDal0Q6zp3EOeEQbFTsW0.js?or=w

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rs/6r/uR/jnc,nj/Qp5q6DtDal0Q6zp3EOeEQbFTsW0.js?or=w HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 1533
Content-Type: application/x-javascript; charset=utf-8
Server: Kestrel
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: br
Last-Modified: Fri, 20 Dec 2024 06:44:39 GMT
X-EventID: 676bdcddbc784de188d188a2bff64ca2
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
X-AS-InstrumentationOptions: AppServerLoggingMaster=1
X-AS-MACHINENAME: DUBEEAP0000E214
X-AS-SuppressSetCookie: 1
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-pbKcUtndoZrHkkUdLwjIqV7fn9o67xEZ7p81NOv8LZM='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
Cache-Control: public, max-age=428386
Expires: Mon, 30 Dec 2024 10:22:24 GMT
Date: Wed, 25 Dec 2024 11:22:38 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125758.1314f711
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/LJBbk33xj0wpN1yZ2F5CHaTSir0.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/LJBbk33xj0wpN1yZ2F5CHaTSir0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:13:32 GMT
ETag: 0x8DCDC600424C39F
Content-Length: 409
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: BteUZH4yORsv/669vnijjQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8895a3a9-f01e-002d-35d7-176950000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.b7777b5c.1730212413.3e17c80
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=107011
Expires: Thu, 26 Dec 2024 17:06:10 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125759.1314f85a
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:55:01 GMT
ETag: 0x8DCDC65D005C0E0
Content-Length: 430
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: l5PXwpOyUFdqY44wmnrCag==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6cf255c6-701e-003c-7d74-155e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=50094
Expires: Thu, 26 Dec 2024 01:17:33 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125759.1314f944
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 05:55:43 GMT
ETag: 0x8DCDC5D86C3D99C
Akamai-GRN: 0.b9777b5c.1734256392.14af4e7d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 308
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: rimZQyGjXssDEnuSlgMaJA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 855d0f62-101e-0041-09a2-2bc283000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=404802
Expires: Mon, 30 Dec 2024 03:49:21 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125759.1314fa33
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Mon, 14 Oct 2024 19:41:54 GMT
ETag: 0x8DCEC884215D06E
Content-Length: 772
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: yaTET5I1fmUKhVemn0wu5w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c1f3ee87-c01e-0025-5d79-1e7223000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=122460
Expires: Thu, 26 Dec 2024 21:23:39 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125759.1314fae6
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:17:19 GMT
ETag: 0x8DCDC608BA54CA4
Akamai-GRN: 0.b4c2645f.1734705097.a6562da
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Type: text/javascript; charset=utf-8
Content-MD5: fr82fvtvcsicFIwsSPlj7g==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 602e271b-401e-0034-26ec-154538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 487
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=169451
Expires: Fri, 27 Dec 2024 10:26:50 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125759.1314fbc1
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:46:13 GMT
ETag: 0x8DCDC6494C9BF9A
Content-Length: 174
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: +jWBJey2nJqR+pG7G7E28A==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 718bf412-301e-0074-1ff6-166cd6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=411571
Expires: Mon, 30 Dec 2024 05:42:10 GMT
Date: Wed, 25 Dec 2024 11:22:39 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125759.1314fc6e
Timing-Allow-Origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:16:51 GMT
ETag: 0x8DCDC68DCA5DDA0
Akamai-GRN: 0.4c1a1202.1735110465.cd443f9e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 446
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: wMjND6gwy3LKsXBo8Ww74w==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1f3f8833-a01e-0071-0101-1598a9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=111980
Expires: Thu, 26 Dec 2024 18:29:00 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125760.1314fd83
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 06:44:16 GMT
ETag: 0x8DCDC644F5E5FC5
Content-Length: 1076
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: oqLg+91b3FmpcS7e8iKMsQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 70e43bb9-e01e-0032-0c15-16b240000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.92777b5c.1730156784.1623cf2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=207482
Expires: Fri, 27 Dec 2024 21:00:42 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125760.1314fe7c
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/Y5Oi04QbFKQce-Q-PM36ANdY9E0.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/Y5Oi04QbFKQce-Q-PM36ANdY9E0.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 10 Oct 2024 00:31:12 GMT
ETag: 0x8DCE8C2D7EF6079
Content-Length: 1463
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: OJc1hwgM/CmrnxKPR4pYmw==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2cfc1261-401e-0052-28bc-36f762000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.a7777b5c.1731634627.4d03c2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=156318
Expires: Fri, 27 Dec 2024 06:47:58 GMT
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125760.1314ff5b
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 24 Sep 2024 07:09:09 GMT
ETag: 0x8DCDC67C959D1C6
Akamai-GRN: 0.45221002.1730246442.6074499
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 230
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: e8o72fCkQwkU95GMyH4alQ==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 12c8ae3a-b01e-0003-2ca9-17e997000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=169797
Expires: Fri, 27 Dec 2024 10:32:38 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125761.131502ae
Timing-Allow-Origin: *
GET

https://r.bing.com/rp/DY2Md1oF5F7szcyNQaQohhJf-_U.br.js

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /rp/DY2Md1oF5F7szcyNQaQohhJf-_U.br.js HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 06 Dec 2024 06:22:12 GMT
ETag: 0x8DD15BE5261E8D8
Content-Length: 27309
Content-Type: text/javascript; charset=utf-8
Content-Encoding: br
Content-MD5: 8SS4gFW++LTSEbdPcOWHUA==
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: caf58c21-601e-0023-0f16-48855b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Akamai-GRN: 0.92777b5c.1733533440.135361b1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Cache-Control: public, no-transform, max-age=47085
Expires: Thu, 26 Dec 2024 00:27:26 GMT
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125761.131503ca
Timing-Allow-Origin: *
GET

https://r.bing.com/sa/simg/Roboto_Semibold.woff2

msedge.exe

Remote address:

95.100.195.189:443

Request

GET /sa/simg/Roboto_Semibold.woff2 HTTP/1.1
Host: r.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Origin: https://www.bing.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://r.bing.com/rs/5W/2hb/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Wed, 25 Dec 2024 11:23:47 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.86c2645f.1735125827.13150645
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; MUIDB=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125759&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:40 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bbc2645f.1735125760.579d5c05
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760215%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760215%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.bbc2645f.1735125761.579d5c5e
GET

https://www.bing.com/qbox?query=free+min&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=d310916c596d499485c89c2d6edfe4ba&oit=4&cp=8&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=free+min&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=d310916c596d499485c89c2d6edfe4ba&oit=4&cp=8&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=95&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=95&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=453869
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_HIT from a95-100-194-170.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.aac2645f.1735125760.55c93a9
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=92&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=92&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=1468354
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_MEM_HIT from a95-100-194-160.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a0c2645f.1735125760.1f6b8d6b
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=98&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=98&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=1023001
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_MEM_HIT from a95-100-194-160.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a0c2645f.1735125760.1f6b8d73
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=93&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=93&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=2065400
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_MEM_HIT from a95-100-194-162.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a2c2645f.1735125760.2177036f
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=99&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=99&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=1460571
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_MEM_HIT from a95-100-194-162.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a2c2645f.1735125760.2177038a
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=94&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=94&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHS=PC=U531; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=2066296
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_MEM_HIT from a95-100-194-169.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.a9c2645f.1735125760.59a79a3
X-Check-Cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=97&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.100.195.175:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=97&pcl=fffffa&o=6&pid=1.2 HTTP/1.1
Host: th.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; SRCHUSR=DOB=20241225&T=1735125755000; SRCHHPGUSR=SRCHLANG=en&HV=1735125756&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/1.1 200 OK

Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Timing-Allow-Origin: *
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
Content-Length: 616
Cache-Control: public, max-age=1154294
Date: Wed, 25 Dec 2024 11:22:40 GMT
X-Cache: TCP_MEM_HIT from a95-100-194-181.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Akamai-GRN: 0.b5c2645f.1735125760.32df2d40
X-Check-Cacheable: YES
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; USRLOC=HS=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:22:41 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.8ac2645f.1735125761.3c9eeebd
GET

https://www.bing.com/qbox?query=free+mi&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=c4473c34f86e466881261e5189a981ea&oit=4&cp=7&pgcl=4

msedge.exe

Remote address:

95.100.195.148:443

Request

GET /qbox?query=free+mi&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=c4473c34f86e466881261e5189a981ea&oit=4&cp=7&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw
GET

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=786a1cf0-73f1-42fa-9077-8f14881843ec&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%227AAC67B96C9140B491DCA5B62937FD8E%22%7d

msedge.exe

Remote address:

20.190.159.68:443

Request

GET /common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=786a1cf0-73f1-42fa-9077-8f14881843ec&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%227AAC67B96C9140B491DCA5B62937FD8E%22%7d HTTP/2.0
host: login.microsoftonline.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: no-store, no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: fe2ce933-d27a-4107-b708-350b5c151401
x-ms-ests-server: 2.1.19683.3 - WEULR1 ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-srs: 1.P
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-kSlC4AJbhCbOoW_46huHaw' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
x-xss-protection: 0
set-cookie: buid=1.AR8AMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAAfAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeJ296WGQFi0con5bA4VWmeRQ4xA3rJZ4Or1XiRhrG7mS0x6sJeZqx73NxDXOMO2dVmoOvXdsyotu8E9IUqbcab-VEUgurXd8GQsLdBlh84fUgAA; expires=Fri, 24-Jan-2025 11:22:41 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: fpc=AtsaLpge0c9Npd69XSGyj96CeMQLAQAAAAHi_d4OAAAA; expires=Fri, 24-Jan-2025 11:22:41 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: esctx=PAQABBwEAAADW6jl31mB3T7ugrWTT8pFesfF_II-XSmy0q2KNTmYZj0aef4X2D_oho9q2tjLYyx-3GHqDIp07krHHWm7LaXZufXOiO3A5cT9xAeaYrOrhAnGSAr7yGu9dA_K-pFIlx6jQhC0gmy-VLzn925h6ArU3Ua2dpUkbrIL1XLovVJpYARhWp0p57pnvWag-4Q52g9wgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
set-cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
set-cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
date: Wed, 25 Dec 2024 11:22:40 GMT
content-length: 698
GET

https://github.com/Da2dalus/The-MALWARE-Repo

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:45 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"58e64a5599b9ba916e33c83545becf68"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
set-cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.1788271999.1735125765; Path=/; Domain=github.com; Expires=Thu, 25 Dec 2025 11:22:45 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Thu, 25 Dec 2025 11:22:45 GMT; HttpOnly; Secure; SameSite=Lax
accept-ranges: bytes
x-github-request-id: 8E34:35A22:33CF42:4296BA:676BEB05
GET

https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/security/overall-count HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:47 GMT
content-type: text/fragment+html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: 8E34:35A22:33CFD4:429762:676BEB05
GET

https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: text/html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 204

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:47 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
x-github-request-id: 8E34:35A22:33CFD4:429763:676BEB07
GET

https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/used_by_list HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:47 GMT
content-type: text/plain; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: 8E34:35A22:33CFD4:429764:676BEB07
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:47 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"57dd3ff551f8b3d10b3856a048bab63c"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 53
x-github-request-id: 8E34:35A22:33CFDB:429770:676BEB07
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:47 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 79
x-github-request-id: 8E34:35A22:33CFDB:42976E:676BEB07
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:47 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"07da86d5c2d3c431a0aa2221ab777c22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1218
x-github-request-id: 8E34:35A22:33CFDB:42976F:676BEB07
GET

https://github.com/Da2dalus/The-MALWARE-Repo/branch-and-tag-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/branch-and-tag-count HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:47 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ced17b2112827c8d5577d524acbe58b5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 632
x-github-request-id: 8E34:35A22:33CFDA:42976D:676BEB07
GET

https://github.com/manifest.json

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /manifest.json HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:43 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=604800, public
etag: W/"c75e05794d72230a695e880f1a6c83a4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-type: application/manifest+json; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
content-length: 474
x-github-request-id: 8E34:35A22:33CFF1:429782:676BEB07
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree/master/RAT HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: text/html, application/xhtml+xml, application/json
dnt: 1
turbo-visit: true
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
x-react-app-name: repos-overview
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:52 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"9f4a048b733e2d8816356d21f9dcb888"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: 5ea9b7eb53f9e22fcce4bb0b6c5c5f16058540392b9f81f4567d2c8216c9aef2
accept-ranges: bytes
x-github-request-id: 8E34:35A22:33D16F:429978:676BEB07
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/RAT

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/RAT HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:52 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"9f833aed4efbbdd96e7a8472e5ee5e3f"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 444
x-github-request-id: 8E34:35A22:33D1C0:4299D6:676BEB0C
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/RAT

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master/RAT HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:52 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: 8E34:35A22:33D1C2:4299DB:676BEB0C
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/RAT

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/RAT HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:53 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"4d57b8d5dcc859dc5bac3308b216eaf8"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 772
x-github-request-id: 8E34:35A22:33D1C2:4299DA:676BEB0C
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:58 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"98c17fb5cb6fcadad02906b8033207bd"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1921
x-github-request-id: 8E34:35A22:33D3A1:429C53:676BEB0D
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:58 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: 8E34:35A22:33D3FA:429CAC:676BEB12
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:22:58 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"5f7774cae479b4feced0d5e61e941797"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 447
x-github-request-id: 8E34:35A22:33D3FA:429CAB:676BEB12
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D562:429E6A:676BEB12
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D58A:429E8D:676BEB15
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D59D:429E9E:676BEB15
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D5AF:429EB6:676BEB15
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D5C4:429ED2:676BEB16
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D5D7:429EEC:676BEB16
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D5ED:429F00:676BEB16
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D5FD:429F14:676BEB16
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D60C:429F2B:676BEB16
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33D61D:429F43:676BEB17
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:19 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"0a8d0cdf500d7bb35a7327310cc0ea97"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1918
x-github-request-id: 8E34:35A22:33DC6C:42A707:676BEB17
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/RAT/CrimsonRAT.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/RAT/CrimsonRAT.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:19 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"512a4e287782e4753df12f306462646d"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 447
x-github-request-id: 8E34:35A22:33DCA6:42A74C:676BEB27
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/RAT/CrimsonRAT.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/RAT/CrimsonRAT.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:19 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: 8E34:35A22:33DCA6:42A74D:676BEB27
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/CrimsonRAT.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/CrimsonRAT.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:23:21 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/CrimsonRAT.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 8E34:35A22:33DD45:42A812:676BEB28
GET

https://github.githubassets.com/assets/light-0cfd1fd8509e.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/light-0cfd1fd8509e.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:17 GMT
etag: "0x8DCC5ED35736954"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1222598
x-served-by: cache-iad-kjyo7100115-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 15, 1416
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b14c6e38a33e3e1f8e58a35206c6ad675d11820e
content-length: 479
GET

https://github.githubassets.com/assets/dark-d782f59290e2.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/dark-d782f59290e2.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 06 Dec 2024 20:56:32 GMT
etag: "0x8DD16387725931D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1278052
x-served-by: cache-iad-kjyo7100112-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 9, 1192
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ee665b4ee487cd9209aba835e5d441af8ec5654d
content-length: 5163
GET

https://github.githubassets.com/assets/primer-primitives-953961b66e63.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-primitives-953961b66e63.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 20 Nov 2024 21:24:16 GMT
etag: "0x8DD09A9B01484BC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1768507
x-served-by: cache-iad-kiad7000027-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 16542, 1792
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 67713351697876224171fa756f5b168a50102e7a
content-length: 6985
GET

https://github.githubassets.com/assets/repository-d031bcc14e1b.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repository-d031bcc14e1b.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 26 Nov 2024 21:12:56 GMT
etag: "0x8DD0E5F193AF82C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1792795
x-served-by: cache-iad-kjyo7100144-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 6497, 1540
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b033a4d8f3b5ba39ba32acea6da111419c283c29
content-length: 5150
GET

https://github.githubassets.com/assets/global-47b8b2ca21ae.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/global-47b8b2ca21ae.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 20 Dec 2024 19:37:11 GMT
etag: "0x8DD212DB320AE8E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 395231
x-served-by: cache-iad-kiad7000146-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 8, 2020
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dceb40313da8a7028e76cf0a692bf876cee9e66e
content-length: 38143
GET

https://github.githubassets.com/assets/primer-4430d3c2c150.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-4430d3c2c150.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 11 Dec 2024 17:38:33 GMT
etag: "0x8DD1A0AA2CE9848"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1116384
x-served-by: cache-iad-kcgs7200156-IAD, cache-ams21077-AMS
x-cache: MISS, HIT
x-cache-hits: 0, 1868
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4c8f81387e2b0e10c94e1bd96592bd4becbf92c2
content-length: 2591
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 13 Dec 2024 19:44:51 GMT
etag: "0x8DD1BAE9C74ED39"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 664794
x-served-by: cache-iad-kcgs7200070-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 31, 1922
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0e18794de972fba46d9bf624225129f5e6edb396
content-length: 21280
GET

https://github.githubassets.com/assets/repos-overview.9cc263aa0716ce801059.module.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repos-overview.9cc263aa0716ce801059.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 17 Dec 2024 18:43:31 GMT
etag: "0x8DD1ECAB43210B5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 474848
x-served-by: cache-iad-kjyo7100094-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 28, 2005
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dfafa3e69833f5cec5df1201765d4de9fb1a184a
content-length: 39148
GET

https://github.githubassets.com/assets/code-9e1913b328be.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/code-9e1913b328be.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 22 Oct 2024 14:40:08 GMT
etag: "0x8DCF2A76D2FB21D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 5462993
x-served-by: cache-iad-kiad7000028-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 10928, 967
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0983cfe2f29da46ebeb407f29cd8a4c4df1b8244
content-length: 222
GET

https://github.githubassets.com/assets/github-e72829f5538b.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/github-e72829f5538b.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 20 Nov 2024 21:24:18 GMT
etag: "0x8DD09A9B15EC064"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1768509
x-served-by: cache-iad-kiad7000161-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 166, 1821
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5f010875c2ef0dd3dd3b466747a4769d2ccd9603
content-length: 6899
GET

https://github.githubassets.com/assets/primer-react.797c8ec006b327590422.module.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-react.797c8ec006b327590422.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 18 Dec 2024 14:30:02 GMT
etag: "0x8DD1F7075BC9820"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 486853
x-served-by: cache-iad-kcgs7200091-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 41, 2072
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f143be1f29ccfe6c40d7765258ebdf74908a868a
content-length: 18441
GET

https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E029647C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446021
x-served-by: cache-iad-kcgs7200065-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 23, 1132
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0e76ea6927495dd251b496ebae260058bbda5ebe
content-length: 3412
GET

https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-9002b0-881da98a8b00.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-9002b0-881da98a8b00.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 03:47:22 GMT
etag: "0x8DD1FDFD884F18B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 486853
x-served-by: cache-iad-kjyo7100151-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 64, 1901
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f71f4bd54025df301c118ef64846467aaec292b7
content-length: 5898
GET

https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:29 GMT
etag: "0x8DD1969F8C0ACAB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1251442
x-served-by: cache-iad-kjyo7100053-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 3673, 1313
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a8c0422112c8251c4764151fe9efc7674e2a2745
content-length: 3123
GET

https://github.githubassets.com/assets/ui_packages_paths_index_ts-4e4d706da555.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_paths_index_ts-4e4d706da555.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:52 GMT
etag: "0x8DD0327DE7A8BE3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kiad7000107-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 1243
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e01e2efdae83818c8a819afe9476aa068044b5b4
content-length: 8037
GET

https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-a7926fdcecf7.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-a7926fdcecf7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 15:00:11 GMT
etag: "0x8DD203DD5F27E62"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 486853
x-served-by: cache-iad-kiad7000167-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 25, 1286
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dd00fcdd70022d9e4c6b17822b30d7a8b445aafa
content-length: 5296
GET

https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-9445f4afb2bc.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_ref-selector_RefSelector_tsx-9445f4afb2bc.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 18:22:05 GMT
etag: "0x8DD187E625ACB6B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1331763
x-served-by: cache-iad-kiad7000085-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 107, 1808
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 93fd8bf533dfd2f7b0e99eb0a4842e77a378f798
content-length: 4645
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-503c34-7dfba50d2c16.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-503c34-7dfba50d2c16.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500C5DFD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kiad7000164-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 4991, 1812
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 777d53bd9a3a22bdb82009657d375138c7317c95
content-length: 4311
GET

https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-56ee79-b20e64ad06f9.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-56ee79-b20e64ad06f9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E0F9ED8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kcgs7200078-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 1811
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8102c2bc0d0528d927421ff4f48297d83e636dc2
content-length: 5379
GET

https://github.githubassets.com/assets/repos-overview-e21499fb8264.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repos-overview-e21499fb8264.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 19:56:20 GMT
etag: "0x8DD1954B7817C15"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515404
x-served-by: cache-iad-kjyo7100066-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 1, 1949
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 958f9f0124a6d6516174e248ddd1737c492c0b16
content-length: 3683
GET

https://github.githubassets.com/assets/wp-runtime-8fd927947b24.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/wp-runtime-8fd927947b24.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 17:24:30 GMT
etag: "0x8DD2051FF28CC62"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 474848
x-served-by: cache-iad-kjyo7100035-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 28, 2038
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d6aafe721b88ea7e4644a75787c9472cff249171
content-length: 27463
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 17:24:25 GMT
etag: "0x8DD2051FC564485"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 474848
x-served-by: cache-iad-kjyo7100112-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 28, 2025
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2d437e1102326afc5c852024f8c87a062897a73f
content-length: 9522
GET

https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 19:55:11 GMT
etag: "0x8DD1E0B8D014955"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515404
x-served-by: cache-iad-kcgs7200171-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 1, 1964
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0c8710229182d05ab958eb9b5e371ee6b3a0af78
content-length: 7892
GET

https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-c551691a8183.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_failbot_failbot_ts-c551691a8183.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 20:13:06 GMT
etag: "0x8DD1FA062B76FEE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515404
x-served-by: cache-iad-kjyo7100051-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 1, 1959
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a823de199b22f57bf44a9fa1e524b2df435c4da0
content-length: 4964
GET

https://github.githubassets.com/assets/environment-7b93e0f0c8ff.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/environment-7b93e0f0c8ff.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 18:53:47 GMT
etag: "0x8DD194BFA81CCF1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1261264
x-served-by: cache-iad-kjyo7100083-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 574, 1164
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a8f1e6fbec1ed57e86a4f1e6f5c83ce67ccf0317
content-length: 6283
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-ea2a5d75d580.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-ea2a5d75d580.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 15:00:09 GMT
etag: "0x8DD203DD4E9D962"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 486853
x-served-by: cache-iad-kiad7000060-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 25, 1293
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2350222c90215fc6e6ba68cfbd58875359ac6f2b
content-length: 20760
GET

https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 20:46:29 GMT
etag: "0x8DD1BB73845185D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 402480
x-served-by: cache-iad-kjyo7100037-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 21, 1176
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 20ca025a62cbb04ca092339526534615ba0c58b9
content-length: 9211
GET

https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 20:30:30 GMT
etag: "0x8DD206BFB52D2F5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 478893
x-served-by: cache-iad-kiad7000036-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 67, 1146
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b0d83bb11e868d48e9b7041ca429a056f410b9a2
content-length: 15659
GET

https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 23 Dec 2024 17:41:14 GMT
etag: "0x8DD2378FF33E3D4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 144672
x-served-by: cache-iad-kiad7000075-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 42, 2435
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7d7066863b4ebf63c0b4593bf65608b34f178893
content-length: 14077
GET

https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500E579D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446021
x-served-by: cache-iad-kjyo7100066-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 6772, 1806
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b089ebdee9cbba2b62b792139ad933a5865c178e
content-length: 3918
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FBFE222"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446021
x-served-by: cache-iad-kiad7000130-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 22076, 1791
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1b0901491543fa520bfd1991ff3d05c812492b73
content-length: 4848
GET

https://github.githubassets.com/assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:04 GMT
etag: "0x8DD1A31D2913996"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 694652
x-served-by: cache-iad-kcgs7200056-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 3, 1877
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b90d9d2462c063ad286e12819d4b58dcfd5cbe18
content-length: 3629
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-c6d035fa8dc8.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-c6d035fa8dc8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E029647C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kiad7000023-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 4899, 1784
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bab5f41a35a82a4729bbebe45912c825cdd760a3
content-length: 3080
GET

https://github.githubassets.com/assets/github-elements-f991cfab5105.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/github-elements-f991cfab5105.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F8D41"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 758207
x-served-by: cache-iad-kiad7000168-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 963, 1724
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f88eb1a350144970a9a0c6de6462523cd2f6d71e
content-length: 3284
GET

https://github.githubassets.com/assets/element-registry-d283cbab281e.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/element-registry-d283cbab281e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:36 GMT
etag: "0x8DD0D5EFC4A53FF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1735075
x-served-by: cache-iad-kiad7000134-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 6204, 1757
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b7d495d97c803c8b344318b3754b45bfc5992aa7
content-length: 735
GET

https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-7f43298e364b.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-7f43298e364b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500CD2AA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kjyo7100040-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 1817
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b0dc32c27a8a9b9a00e001cbdceb2c40a93683dd
content-length: 5756
GET

https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:52 GMT
etag: "0x8DD0D5F05CBAB3B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1737996
x-served-by: cache-iad-kiad7000130-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 1794
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0376cdf0b36756b64cedd6617dde73796b20d174
content-length: 6786
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:17 GMT
etag: "0x8DD1969F1BFDB43"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1251441
x-served-by: cache-iad-kjyo7100119-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 89, 1825
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 24279c76f9287e6598a8088046c023adfd6c8d5f
content-length: 6141
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 09:56:04 GMT
etag: "0x8DD1900DC86F5C7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1209923
x-served-by: cache-iad-kcgs7200058-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 4, 1840
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4f5ae2106ea4dcc078ca4c70585ae963f4f878bd
content-length: 3407
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 16:12:32 GMT
etag: "0x8DCED342CC2D5FC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 3727185
x-served-by: cache-iad-kcgs7200039-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 22179, 1759
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c856bfbfa4175d599b11a485fa9c587cb11a3be5
content-length: 3363
GET

https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD15446030C279"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kiad7000040-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 12866, 1838
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ce0f19ef23859ff2b061a694c550bca0fe4cdc3b
content-length: 18635
GET

https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F3F7D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 2427680
x-served-by: cache-iad-kcgs7200153-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 8214, 1742
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cfc7a5651e63783fe76bcb1c736061d4b1734811
content-length: 3816
GET

https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-863ef5872a03.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_updatable-content_updatable-content_ts-863ef5872a03.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602F3D8E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 674583
x-served-by: cache-iad-kiad7000100-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 34, 1930
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8404b7940765c25a0c6b07673f66254cf132256b
content-length: 19397
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-917d4bda1f1a.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-917d4bda1f1a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B44FAF168F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kiad7000037-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 34, 1810
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 77670c2d0b24ab92b1e6882e02c4ee5558037c0e
content-length: 2385
GET

https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:40 GMT
etag: "0x8DD02B44F3EF886"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kcgs7200145-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 34, 1809
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ea362a9371c8e9333bb861215ae60b3ad91db5d3
content-length: 4851
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b41aeef03499.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b41aeef03499.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 17:45:32 GMT
etag: "0x8DD1879474B8D64"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1251441
x-served-by: cache-iad-kcgs7200057-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 89, 1831
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 27b12e88d68105940db1bd127db49c8184dee192
content-length: 4452
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-fb43816ab83c.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-fb43816ab83c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:11 GMT
etag: "0x8DD15445D10CB59"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kcgs7200049-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 4057, 1802
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 12a27b005cc7610b6c4ed978c7bc09f3a0b0adbf
content-length: 3027
GET

https://github.githubassets.com/assets/behaviors-a6abce982f3f.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/behaviors-a6abce982f3f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 22:25:52 GMT
etag: "0x8DD207C18FC3FA9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 458362
x-served-by: cache-iad-kjyo7100114-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 83, 2015
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6a74fc8632a52b11e65e43366ab0370a8c5a633f
content-length: 60145
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:27 GMT
etag: "0x8DD0D5EF6E1B53E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1813312
x-served-by: cache-iad-kcgs7200138-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 1785
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 26f5b094d135f45db4414491388763e9f4bfbc23
content-length: 3083
GET

https://github.githubassets.com/assets/notifications-global-cfcd9f4f0f23.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-global-cfcd9f4f0f23.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 17:47:26 GMT
etag: "0x8DD08C23B22EDF8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 2436469
x-served-by: cache-iad-kiad7000141-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 24957, 1774
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d639d1f52027cca5dfbdcb66d8daeb808b5cfb68
content-length: 4143
GET

https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:27 GMT
etag: "0x8DD1969F7D55965"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 713038
x-served-by: cache-iad-kcgs7200176-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 51, 1179
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: eb24ab16aa373a5b5110997ea4b03dafb89bf370
content-length: 16144
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-eecf0d50276f.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-eecf0d50276f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FC3AE69"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446004
x-served-by: cache-iad-kcgs7200159-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 22, 1273
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ef10315eca0681e2fa5a8a4c21c8e544edbea285
content-length: 6126
GET

https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-842c74d2eab4.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_ref-selector_ts-842c74d2eab4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FC02FE8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1053824
x-served-by: cache-iad-kiad7000022-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 1952, 1160
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e10e2b5a68d93f04f80eda0399e9ebbfccba31f2
content-length: 3500
GET

https://github.githubassets.com/assets/codespaces-a493a4b9528f.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/codespaces-a493a4b9528f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:07 GMT
etag: "0x8DD15445A24BD36"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446005
x-served-by: cache-iad-kcgs7200068-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 17, 1053
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b7983a091e1fc3da90c56bf4613407f05f8bca9d
content-length: 5491
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:15 GMT
etag: "0x8DCB7D5A25F63A1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 3094465
x-served-by: cache-iad-kiad7000040-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 15146, 1350
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 71b320ebdae2bd112ca520df2daf3b161ac853c4
content-length: 3888
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 19:35:21 GMT
etag: "0x8DD0675CF86BAD9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446005
x-served-by: cache-iad-kiad7000054-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 1990, 1212
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5d2d0cb956e81bb7be78273c549da491b985f09e
content-length: 4341
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-7238cfcdaa51.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-7238cfcdaa51.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:53 GMT
etag: "0x8DD0D5F064BBD59"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1836167
x-served-by: cache-iad-kiad7000150-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 1, 1039
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ec7502738ce5e48ea4443937d83e61ac96ba0966
content-length: 4975
GET

https://github.githubassets.com/assets/repositories-f3093651fb0e.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repositories-f3093651fb0e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:00 GMT
etag: "0x8DD1A31D010928E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 741791
x-served-by: cache-iad-kiad7000113-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 29, 1476
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 37d7a2fd0a68fd2ef0349f96d98d96b0fcf829e6
content-length: 4986
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 21:21:05 GMT
etag: "0x8DD1FA9E1A14879"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 490557
x-served-by: cache-iad-kjyo7100061-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 3456, 1976
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f7c6387db97f00cd5c3a4ce6d7a5648eb4c4ecf5
content-length: 6241
GET

https://github.githubassets.com/assets/code-menu-b5f092ec4b30.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/code-menu-b5f092ec4b30.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602C33B7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1445506
x-served-by: cache-iad-kjyo7100030-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 7205, 1609
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b076f32c1b1c4c61c6137ea542f3b1a85c2e796d
content-length: 5246
GET

https://github.githubassets.com/assets/primer-react-753dc87b1e29.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-react-753dc87b1e29.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:22 GMT
etag: "0x8DD0D665B346AD3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 707145
x-served-by: cache-iad-kiad7000020-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2674, 1601
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 76a52695ed14cfe2faffc245d274fde36b93112e
content-length: 4152
GET

https://github.githubassets.com/assets/react-core-accb67f1350f.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-core-accb67f1350f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E7C17D4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446005
x-served-by: cache-iad-kcgs7200094-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 18, 1168
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2504c292bdafbd6e74b9433be486a7a7443f46ab
content-length: 2646
GET

https://github.githubassets.com/assets/react-lib-2131e17288a8.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-lib-2131e17288a8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 17:20:12 GMT
etag: "0x8DD1B9A66F92367"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 741795
x-served-by: cache-iad-kcgs7200070-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 3, 2138
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: eec64d0b708e7ff81c71d83351315c3275218dd4
content-length: 108340
GET

https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/octicons-react-45c3a19dd792.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E025E5FB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446021
x-served-by: cache-iad-kcgs7200172-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 13092, 1941
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d05ff2ffc8d4b265906a3f283a0912fcb0a70cbc
content-length: 3077
GET

https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 13:29:38 GMT
etag: "0x8DD185587B55AC2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1261253
x-served-by: cache-iad-kcgs7200080-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 55, 1482
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7ccf3cfe3ba1032711d8756f5b055cd0f30bb0ca
content-length: 5400
GET

https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:38 GMT
etag: "0x8DD02B44DEAF90D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kjyo7100051-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 34, 2020
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 22f157f37dcd338075ef98329fe88ce918dbfb97
content-length: 54804
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:02 GMT
etag: "0x8DCE3127730EEAF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 2523325
x-served-by: cache-iad-kiad7000161-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 11824, 1983
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ab631a142234f947a3a2c1b28cceffc5858d8afe
content-length: 90797
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD154460870CCD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446021
x-served-by: cache-iad-kjyo7100114-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 8508, 1962
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e9ed22893e1f733a1af4a3ec8b01422d66145a9b
content-length: 7079
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu-51601778bd8d.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-subscriptions-menu-51601778bd8d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FBEF8D2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 698706
x-served-by: cache-iad-kiad7000052-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 34, 1970
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2359eadd2a9fcdb62a65d10442265950e5a533a2
content-length: 9716
GET

https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-df3b47d86af0.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_ui-commands_ui-commands_ts-df3b47d86af0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602C817F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446021
x-served-by: cache-iad-kjyo7100132-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 7144, 1946
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7fe775e1fe2da6374e154034e9b289c7a3e7460e
content-length: 5120
GET

https://github.githubassets.com/assets/keyboard-shortcuts-dialog-958cae8ecd6c.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/keyboard-shortcuts-dialog-958cae8ecd6c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 13:29:36 GMT
etag: "0x8DD185586577B2A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1261264
x-served-by: cache-iad-kcgs7200178-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 56, 1821
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8e3d9e5c05a7ac4e591bd3c9f2dde70adcd97f2c
content-length: 6212
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:01 GMT
etag: "0x8DD1A31D0950C44"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 741790
x-served-by: cache-iad-kiad7000130-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 30, 1230
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ba8993d6f2747f18c5f7dc415a98374da74ca00b
content-length: 3489
GET

https://github.githubassets.com/assets/sessions-5d6426bbf16a.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/sessions-5d6426bbf16a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 17:20:57 GMT
etag: "0x8DD205180915E18"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 490558
x-served-by: cache-iad-kjyo7100141-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 2166
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dadf2e81d453ede56972822605b3db7269514df5
content-length: 40640
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-4becf93aa968.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_primer_experimental_select-panel-element_ts-4becf93aa968.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:00 GMT
etag: "0x8DD1A31D05E5B2D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 741796
x-served-by: cache-iad-kiad7000168-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 691, 1825
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b1521f165c930ba704fcc89d5b76046e4e2fb57b
content-length: 7760
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-04349cb42240.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-04349cb42240.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3C55516"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515405
x-served-by: cache-iad-kiad7000044-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 1766
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e33d5983fc94264c78fa2d3e3b6a88b1679d8511
content-length: 6323
GET

https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-e27cda452715.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_search_custom-scopes-element_ts-e27cda452715.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:32 GMT
etag: "0x8DD02B44A573252"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446020
x-served-by: cache-iad-kcgs7200111-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 1710
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 03ca29531ba60b0bf8ebf38572e4b70a5108977e
content-length: 543
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459929787"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446021
x-served-by: cache-iad-kiad7000145-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 13517, 1631
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 33f7a05bbc7560dfe5a90ce3c7c0b4a08255bb02
content-length: 4066
GET

https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-405952f48873.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_query-builder-element_query-builder-element_ts-405952f48873.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:21 GMT
etag: "0x8DD162AE37E62AA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515404
x-served-by: cache-iad-kjyo7100125-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 3508, 1842
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7f047cbc2992493a2cf32de74a1d67c4b01ad93f
content-length: 2920
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-f38cdfca9137.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-f38cdfca9137.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:01 GMT
etag: "0x8DD1A31D08393AD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 683985
x-served-by: cache-iad-kjyo7100056-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 1695
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7914b93318f54b9accadfebd61d45e7625b28738
content-length: 4436
GET

https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-201ddaee8e7d.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-201ddaee8e7d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 15:17:53 GMT
etag: "0x8DD1AC026545DBA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515405
x-served-by: cache-iad-kiad7000126-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 1763
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5f3470cc9f634d13ed68c119c992d79a97ff7dea
content-length: 16643
GET

https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-343b1f8e02e1.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_search_qbsearch-input-element_ts-343b1f8e02e1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3BAD98C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515404
x-served-by: cache-iad-kiad7000114-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 1763
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5be1236797d2ca0351d0975e328da4a6b516c1b6
content-length: 5020
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-0ade2bf7a852.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-0ade2bf7a852.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 13:39:03 GMT
etag: "0x8DD1F695643DD5B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515405
x-served-by: cache-iad-kcgs7200121-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 1754
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d840b90ec93de3ea7dbb75210171e0b1a902a781
content-length: 2523
GET

https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-28a44339e296.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-28a44339e296.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:33 GMT
etag: "0x8DD162AEA51054B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515404
x-served-by: cache-iad-kiad7000077-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 1, 1773
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8e9db69d05bacfb43061f0bf525acbd8c1557628
content-length: 7440
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:20 GMT
etag: "0x8DD0327CB20BA64"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 1446021
x-served-by: cache-iad-kjyo7100077-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 33, 1648
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c6ba3a95d4bfe6bcd63b4501746055897207ff36
content-length: 5382
GET

https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-bb301b3aed11.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-bb301b3aed11.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3BCFA12"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
age: 515405
x-served-by: cache-iad-kcgs7200085-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 1857
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a2cadee18bf579ba29182402a24e1e3fc0c56e68
content-length: 3165
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-0937e3810b98.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-0937e3810b98.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3BC3790"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:47 GMT
age: 515406
x-served-by: cache-iad-kiad7000163-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 2, 1839
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 74c53fb54e0b3f59f1dff63fbfcb229aebd865de
content-length: 2790
GET

https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-9889e76b905e.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-9889e76b905e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 13:29:32 GMT
etag: "0x8DD185583E1EC04"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:47 GMT
age: 1261254
x-served-by: cache-iad-kjyo7100065-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 3643, 954
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7d1dde1940cdd6210ef2c952a6a9eabeec2f574a
content-length: 5069
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:32 GMT
etag: "0x8DD02B44AD10969"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:47 GMT
age: 1446021
x-served-by: cache-iad-kjyo7100146-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 21, 1690
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 82711d75ee9771fb258cf6cd536d52a12723be28
content-length: 9421
GET

https://github.githubassets.com/assets/react-code-view.6b587a69b593e23c3657.module.css

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-code-view.6b587a69b593e23c3657.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 23:19:54 GMT
etag: "0x8DCD6A6128E8C4A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:52 GMT
age: 2491246
x-served-by: cache-iad-kiad7000157-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 29, 593
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ca8b24a406dd475a76604612615fb2fcb205ce4a
content-length: 2209
GET

https://github.githubassets.com/assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-10d8eea337ce.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-10d8eea337ce.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 01:09:57 GMT
etag: "0x8DD18B75D2F881B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:52 GMT
age: 1261270
x-served-by: cache-iad-kjyo7100101-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 84, 533
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a3b0da3ff527f274bab76ea5fcaf1ea9db20877f
content-length: 9430
GET

https://github.githubassets.com/assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 07 Nov 2024 20:35:22 GMT
etag: "0x8DCFF6BB3DAE07C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:52 GMT
age: 1799477
x-served-by: cache-iad-kjyo7100022-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 4935, 502
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bcf005b0107496bc217701c4dc88b3bd00ab540e
content-length: 1101
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-cdcae1-f0dc8f3ae3e0.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-cdcae1-f0dc8f3ae3e0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500E09CE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:52 GMT
age: 1446010
x-served-by: cache-iad-kcgs7200047-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 3232, 620
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 197e636ccf442c967963d6a72d28107a1ec79b02
content-length: 2137
GET

https://github.githubassets.com/assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_repos-file-tree-view_repos-fil-5db355-d0627efd6544.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_repos-file-tree-view_repos-fil-5db355-d0627efd6544.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 12:51:26 GMT
etag: "0x8DD20F504464C08"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:52 GMT
age: 413785
x-served-by: cache-iad-kjyo7100131-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 17, 569
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8c0ff1820d76bf16c05dd973f9cf9c52aed60866
content-length: 67047
GET

https://github.githubassets.com/assets/react-code-view-46a8d3dce54e.js

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-code-view-46a8d3dce54e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 23:32:35 GMT
etag: "0x8DD1FBC40608B0C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:52 GMT
age: 478901
x-served-by: cache-iad-kiad7000168-IAD, cache-ams21077-AMS
x-cache: HIT, HIT
x-cache-hits: 53, 557
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: faf788c6ec71a87647e8c1c060b8915105921020
content-length: 13672
GET

https://avatars.githubusercontent.com/u/63458929?s=64&v=4

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /u/63458929?s=64&v=4 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Mon, 22 Dec 2014 15:51:20 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 88E0:4E53C:47C47:4C457:676B59D8
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
via: 1.1 varnish
x-served-by: cache-ams21050-AMS
x-cache: HIT
x-cache-hits: 0
x-timer: S1735125766.403530,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: d74c800ea151de8de210efa29195784be6de13e0
expires: Wed, 25 Dec 2024 11:27:46 GMT
source-age: 37165
vary: Authorization,Accept-Encoding
content-length: 1505
GET

https://avatars.githubusercontent.com/u/123590232?s=64&v=4

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /u/123590232?s=64&v=4 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/jpeg
etag: "1d9f1acf397d81e762e9ede9d36dd95eb2e889d8dc41c4f240aa17ffcd5ff02f"
last-modified: Thu, 20 Jul 2023 19:54:24 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 7738:1BBAC7:DF6288:E95EDF:676726AE
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:46 GMT
via: 1.1 varnish
x-served-by: cache-ams21050-AMS
x-cache: HIT
x-cache-hits: 0
x-timer: S1735125766.403481,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: eb675d8c3738775d9ef0b0758a283e5995d068cb
expires: Wed, 25 Dec 2024 11:27:46 GMT
source-age: 312407
vary: Authorization,Accept-Encoding
content-length: 1266
GET

https://avatars.githubusercontent.com/u/63458929?v=4&size=40

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /u/63458929?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Sun, 14 Dec 2014 23:09:35 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: AC7E:16A80E:1D6C8F:1E2BDF:675C8DD5
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:47 GMT
via: 1.1 varnish
x-served-by: cache-ams21050-AMS
x-cache: HIT
x-cache-hits: 0
x-timer: S1735125768.509111,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: ee717e1eb37e821c47f57c27c87cec658a3874a6
expires: Wed, 25 Dec 2024 11:27:47 GMT
source-age: 1006897
vary: Authorization,Accept-Encoding
content-length: 1505
GET

https://avatars.githubusercontent.com/u/123590232?v=4&size=40

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /u/123590232?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/jpeg
etag: "7092780138ee29ef74ab07ab33208aed411686853b3bcef4814b6c7687153094"
last-modified: Thu, 20 Jul 2023 19:54:24 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 5545:70517:F6BC:103E8:676B448E
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:24:30 GMT
via: 1.1 varnish
x-served-by: cache-ams21050-AMS
x-cache: HIT
x-cache-hits: 0
x-timer: S1735125870.073340,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 7654704eb61be7c89a171745bf597bec85aa6673
expires: Wed, 25 Dec 2024 11:29:30 GMT
source-age: 42719
vary: Authorization,Accept-Encoding
content-length: 1014
GET

https://github.githubassets.com/favicons/favicon.svg

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: bYAvaN8MCaSZfP0o7q/Z/w==
last-modified: Wed, 14 Aug 2024 19:18:58 GMT
etag: "0x8DCBC95F2647EDF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:47 GMT
age: 150
x-served-by: cache-iad-kiad7000081-IAD, cache-ams21059-AMS
x-cache: HIT, HIT
x-cache-hits: 3082817, 2
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6dc3ce0ad97521c25c53d1b67cdc7d6906a84dbb
content-length: 959
GET

https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /assets/apple-touch-icon-144x144-b882e354c005.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/png
content-md5: YDrNCDxuYozaAYS2sPzvIQ==
last-modified: Wed, 14 Aug 2024 19:49:39 GMT
etag: "0x8DCBC9A3C0EF02F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:47 GMT
age: 3477239
x-served-by: cache-iad-kiad7000023-IAD, cache-ams21059-AMS
x-cache: HIT, HIT
x-cache-hits: 5398, 13570
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 35236af352f4e1a7d19a2b80bb800a22fef61bdb
content-length: 14426
GET

https://github.githubassets.com/favicons/favicon.png

msedge.exe

Remote address:

185.199.109.154:443

Request

GET /favicons/favicon.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-md5: NG4JRxNi8pB1EKMYEhKc0g==
last-modified: Wed, 14 Aug 2024 19:18:46 GMT
etag: "0x8DCBC95EB57AC96"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:22:47 GMT
age: 134
x-served-by: cache-iad-kiad7000070-IAD, cache-ams21059-AMS
x-cache: HIT, HIT
x-cache-hits: 2431157, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 958b527ca5d0daf8a6df9e5b8fc6fa5e9d3a32f5
content-length: 958
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1043
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:22:47 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003749
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:869E7B:D1B5E3:676BEB07
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1094
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:22:52 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002285
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86A311:D1BCE7:676BEB07
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1127
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:22:58 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.021612
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86A7E8:D1C47D:676BEB0C
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1130
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:22:58 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.014009
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86A7F1:D1C485:676BEB12
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1235
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:23:19 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.041531
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86BA2B:D1E0CD:676BEB12
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1150
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:23:19 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.022884
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86BA9E:D1E180:676BEB27
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1150
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:23:19 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002745
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86BAA1:D1E186:676BEB27
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1205
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:24:22 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.046377
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86F1FA:D236FD:676BEB27
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1258
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:24:29 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.001973
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86F826:D24063:676BEB66
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1170
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:24:29 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002692
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86F8EE:D24179:676BEB6D
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1171
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:24:29 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002016
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:86F8F6:D24187:676BEB6D
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1277
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:24:48 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.045164
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:870A38:D25BB9:676BEB6D
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.114.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1272
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:24:50 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.042837
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: ABB9:39089B:870C7F:D25F52:676BEB80
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 5325
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:22:47 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129367
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: AC61:1A4D88:259D36:303CDD:676BEB07
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 1512
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:22:58 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129378
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: AC61:1A4D88:259FFE:304039:676BEB07
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 611
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:23:03 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129383
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: AC61:1A4D88:25A1E4:30428C:676BEB12
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 220
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:23:19 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129399
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: AC61:1A4D88:25A785:30493C:676BEB17
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 325
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:23:24 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129404
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: AC61:1A4D88:25A948:304B44:676BEB28
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"e7cf3ab4ab27dc9d02c7ecaadd6796ea5fe82d055ea1c679d1249b0c3fcee6f5"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: B7E1:7BDA3:56148B:5A5943:676BEB14
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:23:02 GMT
via: 1.1 varnish
x-served-by: cache-ams21038-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1735125782.253317,VS0,VE159
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 3dc982ffd67b52f11e1378dc935701c3a737fa72
expires: Wed, 25 Dec 2024 11:28:02 GMT
source-age: 0
content-length: 32256
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/CrimsonRAT.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/CrimsonRAT.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"1390a6299d106b3ee742f0d51fc554b2947a5ea25d74be8fbb13fea632160cc0"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 8356:8F181:53D70A:581C3E:676BEB29
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:23:21 GMT
via: 1.1 varnish
x-served-by: cache-ams21038-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1735125802.724728,VS0,VE186
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 20eba6b26b0597941122f381e542825a3f12203a
expires: Wed, 25 Dec 2024 11:28:21 GMT
source-age: 0
content-length: 86016
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CoronaVirus.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CoronaVirus.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"0c2ab3b5008de98cdf3744ee4162547dc4f03eaa3fa85e592090ddeaa7698c9f"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 51E7:65750:525643:569D66:676BEB70
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:24:32 GMT
via: 1.1 varnish
x-served-by: cache-ams21038-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1735125872.122552,VS0,VE185
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: abdc09f890840ae4a8008c2551b9add2bf9ecfc1
expires: Wed, 25 Dec 2024 11:29:32 GMT
source-age: 0
content-length: 1062912
GET

https://www.bing.com/qbox?query=free+minecraft&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=8d63122ef7fb4ab39b34ab57453f4139&oit=4&cp=14&pgcl=4

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /qbox?query=free+minecraft&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=8d63122ef7fb4ab39b34ab57453f4139&oit=4&cp=14&pgcl=4 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Content-Length: 266
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb427bff4de2825b60360475eb20
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-M8ldAdKPmGgw3/pWHRVU0ponaQlYm3fgQFjbMEzuQ2Y='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:23:46 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:46 GMT; path=/; HttpOnly
Set-Cookie: _EDGE_S=SID=1FC57F9C91F16DE935116AFC90ED6C81; domain=.bing.com; path=/; HttpOnly
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:46 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125826.134a29d8
GET

https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; SRCHHPGUSR=SRCHLANG=en&HV=1735125760&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Cache-Control: private, max-age=0
Content-Encoding: br
Expires: Wed, 25 Dec 2024 11:22:47 GMT
Vary: Accept-Encoding
X-EventID: 676beb436cf94ebd8683e18080ea77ed
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-6RDV7te6vlCzjZGBc/RSVsoKCu48koCstIlyu8dKo3k='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp&ndcParam=QWthbWFp"}]}
Report-To: {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
Cross-Origin-Embedder-Policy-Report-Only: 'require-corp; report-to=\"crossorigin-errors\"'
Cross-Origin-Opener-Policy-Report-Only: 'same-origin; report-to=\"crossorigin-errors\"'
Date: Wed, 25 Dec 2024 11:23:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; domain=.bing.com; path=/; secure; SameSite=None
Set-Cookie: SRCHS=PC=U531; domain=.bing.com; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125827.134a2a50
Set-Cookie: bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; Domain=.bing.com; Path=/; Expires=Wed, 25 Dec 2024 13:23:47 GMT; Max-Age=7200; Secure
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:47 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125827.134a2f5a
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

95.100.195.154:443

Request

POST /fd/ls/lsp.aspx? HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 345
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125828.134a31cc
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826902%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826902%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125828.134a3302
GET

https://www.bing.com/images/sbi?mmasync=1&ig=D0DCDB97B59A4F31AEB54F45F397A531&iid=.5094&ptn=Web&ep=0&iconpl=1

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /images/sbi?mmasync=1&ig=D0DCDB97B59A4F31AEB54F45F397A531&iid=.5094&ptn=Web&ep=0&iconpl=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 2959
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Encoding: br
Vary: Accept-Encoding
X-EventID: 676beb44adb74219ad9cce13be617625
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-Tlbsa37vRgqRcRK3b4tqmApmhAL41JLMJ7/zba5wsic='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:48 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: bm_sv=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: bm_sv=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125828.134a3523
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2214%22}]

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2214%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125828.134a35cd
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125828.134a36a8
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827404%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827404%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125828.134a3751
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

95.100.195.154:443

Request

POST /fd/ls/lsp.aspx? HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 255
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:49 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125829.134a3847
POST

https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=D0DCDB97B59A4F31AEB54F45F397A531&ID=SERP,5130.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3D44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D2338596c-7391-67de-3776-4c0c725866d5%26psq%3Dfree%2Bminecraft%26u%3Da1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00%26ntb%3D1

msedge.exe

Remote address:

95.100.195.154:443

Request

POST /fd/ls/GLinkPingPost.aspx?IG=D0DCDB97B59A4F31AEB54F45F397A531&ID=SERP,5130.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3D44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D2338596c-7391-67de-3776-4c0c725866d5%26psq%3Dfree%2Bminecraft%26u%3Da1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00%26ntb%3D1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 200 OK

Cache-Control: private
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Access-Control-Allow-Origin: *
X-EventID: 676beb47d1f845e6bb2398ab42579c0e
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-yZda3W4XBJUohGZic/jr/tT0F4CgEx9GbWrPklQCttA='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 6E52109FC3E74F86BF45C42D0704619B Ref B: LON601060104011 Ref C: 2024-12-25T11:23:51Z
Content-Length: 0
Date: Wed, 25 Dec 2024 11:23:51 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:51 GMT; path=/; HttpOnly
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125831.134a3c58
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.100.195.154:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 19337
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.91c2645f.1735125831.134a4505
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:213,%22BC%22:213,%22SE%22:-1,%22TC%22:-1,%22H%22:345,%22BP%22:566,%22CT%22:570,%22IL%22:1},%22ad%22:[-1,-1,1263,601,1263,1710,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:213,%22BC%22:213,%22SE%22:-1,%22TC%22:-1,%22H%22:345,%22BP%22:566,%22CT%22:570,%22IL%22:1},%22ad%22:[-1,-1,1263,601,1263,1710,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.98c2645f.1735125828.2bc28c55
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125826617%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22150%22%2C%22Downlink%22%3A%225.4%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1735125826617%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1735125826877%2C%22Name%22%3A411%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826896%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826902%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125826617%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22150%22%2C%22Downlink%22%3A%225.4%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1735125826617%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1735125826877%2C%22Name%22%3A411%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826896%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826902%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.98c2645f.1735125828.2bc29617
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826920%2C%22Name%22%3A%224g%22%2C%22FID%22%3A%22NTWKTYP%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826920%2C%22Name%22%3A%224g%22%2C%22FID%22%3A%22NTWKTYP%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1983&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.98c2645f.1735125828.2bc29744
POST

https://www.bing.com/rewardsapp/ncheader?ver=52270063&IID=SERP.5051&IG=D0DCDB97B59A4F31AEB54F45F397A531

msedge.exe

Remote address:

95.100.195.154:443

Request

POST /rewardsapp/ncheader?ver=52270063&IID=SERP.5051&IG=D0DCDB97B59A4F31AEB54F45F397A531 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 4
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _C_Auth=; MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125827&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 770
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: br
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 676beb448fb74a6289a0bd718976dcaf
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-9XkIcnJmQeQQ/sKkR4iuhkqrW+cPz3EPHG+roibpQoo='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 676beb448fb74a6289a0bd718976dcaf|AFD:676beb448fb74a6289a0bd718976dcaf|2024-12-25T11:23:48.519Z
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; expires=Tue, 24 Dec 2024 11:23:48 GMT; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Set-Cookie: SRCHS=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: bm_sv=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: bm_sv=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.98c2645f.1735125828.2bc297a6
GET

https://www.bing.com/geolocation/write?isBlocked=true&sid=1237EDD3F7EE629C1C5CF8B3F6276339&clientsid=undefined

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /geolocation/write?isBlocked=true&sid=1237EDD3F7EE629C1C5CF8B3F6276339&clientsid=undefined HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125827&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555&EXLTT=1

Response

HTTP/1.1 200 OK

Cache-Control: private
Content-Length: 1
Content-Type: text/html
Content-Encoding: br
Vary: Accept-Encoding
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-EventID: 676beb44221a4e02b8740cb497fbf750
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-yu23OaFtJoLWVwG8GFNkYb2Ve/clR8s2WqYTQlev3Po='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
X-MSEdge-Ref: Ref A: 15D69CFD211641CC89DC76B9836C11EF Ref B: LON601060107036 Ref C: 2024-12-25T11:23:48Z
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Set-Cookie: MUIDB=2338596C739167DE37764C0C725866D5; expires=Mon, 19-Jan-2026 11:23:48 GMT; path=/; HttpOnly
Set-Cookie: USRLOC=HS=1&BLOCK=TS=241225112348; domain=.bing.com; expires=Mon, 19-Jan-2026 11:23:48 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: SRCHS=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: bm_sv=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: bm_sv=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.98c2645f.1735125828.2bc29881
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.98c2645f.1735125828.2bc29966
POST

https://www.bing.com/rewardsapp/reportActivity?IG=D0DCDB97B59A4F31AEB54F45F397A531&IID=SERP.5061&q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

95.100.195.154:443

Request

POST /rewardsapp/reportActivity?IG=D0DCDB97B59A4F31AEB54F45F397A531&IID=SERP.5061&q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 163
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _C_Auth=; MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125827&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 1000
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Encoding: br
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding
X-EventID: 676beb444d33425a925b42ae02daefac
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-CcVv8RbY0BjY2xTJPvy5NRnOxSL6m92ERfqbQdaPkdI='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
X-Ceto-ref: 676beb444d33425a925b42ae02daefac|AFD:676beb444d33425a925b42ae02daefac|2024-12-25T11:23:48.605Z
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Set-Cookie: _C_ETH=1; expires=Tue, 24 Dec 2024 11:23:48 GMT; domain=.bing.com; path=/; secure; httponly
Set-Cookie: _C_Auth=
Set-Cookie: _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; domain=.bing.com; expires=Thu, 25-Dec-2025 11:23:48 GMT; path=/; secure; SameSite=None
Set-Cookie: _Rwho=u=d&ts=2024-12-25; domain=.bing.com; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; domain=.bing.com; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: SRCHS=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: bm_sv=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Set-Cookie: bm_sv=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c2c2645f.1735125828.2104727a
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c2c2645f.1735125828.210472dd
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c2c2645f.1735125828.210473a8
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c3c2645f.1735125828.10eb5829
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.c3c2645f.1735125828.10eb585e
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826932%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22601%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826933%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826933%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22correlationId%22%3A%22676beb436cf94ebd8683e18080ea77ed%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125827072%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22676beb436cf94ebd8683e18080ea77ed%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125827072%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2222000%22%5D%2C%22isWin11OrHigher%22%3A%22true%22%2C%22fullOsBuild%22%3A%2210.0.22000%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827103%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826932%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22601%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826933%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826933%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22correlationId%22%3A%22676beb436cf94ebd8683e18080ea77ed%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125827072%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22676beb436cf94ebd8683e18080ea77ed%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125827072%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2222000%22%5D%2C%22isWin11OrHigher%22%3A%22true%22%2C%22fullOsBuild%22%3A%2210.0.22000%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827103%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.89c2645f.1735125828.3b9d40d5
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1735125827179%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221138.9999999955762%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1735125827179%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221353.9999999920838%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1735125827179%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1735125827303%2C%22Name%22%3A%222%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125827372%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1735125827179%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221138.9999999955762%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1735125827179%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221353.9999999920838%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1735125827179%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1735125827303%2C%22Name%22%3A%222%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125827372%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.89c2645f.1735125828.3b9d40ff
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.100.195.154:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 286
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.89c2645f.1735125831.3b9d41e3
GET

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}] HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _C_ETH=1; _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:22:41.1737217+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _Rwho=u=d&ts=2024-12-25; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=3&RB=0&GB=0&RG=200&RP=0; USRLOC=HS=1&BLOCK=TS=241225112241; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHS=PC=U531; bm_sv=134AFBE15FCC1878E655F6869AC42D89~YAAQkcJkX/mThOyTAQAA1v6O/RpuaR7Co4b9g3PpWGhmUurTIfwxr2sxIIp9CjqRFtNv8Xsn82/K/5KZCnop9VQcwANoqoklQHL2Wn+gTuUlG1KhIcAy9YQDgjw7+85xtvel3KdZHwji2g7jJjrQ2A3ZwClGaOAOCwFmMnNp5XPeDnvDJVd2PrB5vQB3xreJs1KT7mvjQ7QfnMumi3ljZpX9oiYF6laYxZ+LN2T4noagBztyCw9Wkh47IbCNZQ==~1; SRCHHPGUSR=SRCHLANG=en&HV=1735125827&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:23:48 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.85c2645f.1735125828.21569198
GET

https://www.bing.com/ck/a?!&&p=44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=free+minecraft&u=a1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00&ntb=1

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /ck/a?!&&p=44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=free+minecraft&u=a1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00&ntb=1 HTTP/1.1
Host: www.bing.com
Connection: keep-alive
ect: 4g
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1362
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: 858B1BFE22544E3D8D5A31332E00C336 Ref B: LON601060102034 Ref C: 2024-12-25T11:23:51Z
Date: Wed, 25 Dec 2024 11:23:51 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.85c2645f.1735125831.21569218
GET

https://www.bing.com/ck/a?!&&p=44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=free+minecraft&u=a1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00&ntb=F

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /ck/a?!&&p=44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=free+minecraft&u=a1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00&ntb=F HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 302 Moved Temporarily

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://www.mcbbs.net/forum.php?mod=forumdisplay&fid=479&typeid=1028&orderby=lastpost&typeid=1028&orderby=lastpost&filter=typeid&page=4
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: 1991EF1E5B97464A822BD4A806FA1F4E Ref B: LON601060103052 Ref C: 2024-12-25T11:24:04Z
Content-Length: 0
Date: Wed, 25 Dec 2024 11:24:04 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.85c2645f.1735125844.21569d15
GET

https://www.bing.com/ck/a?!&&p=44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=free+minecraft&u=a1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00&ntb=F

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /ck/a?!&&p=44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=free+minecraft&u=a1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00&ntb=F HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 302 Moved Temporarily

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://www.mcbbs.net/forum.php?mod=forumdisplay&fid=479&typeid=1028&orderby=lastpost&typeid=1028&orderby=lastpost&filter=typeid&page=4
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: CCFA4FC2C6024968884A5B985FF94133 Ref B: LON601060103052 Ref C: 2024-12-25T11:24:06Z
Content-Length: 0
Date: Wed, 25 Dec 2024 11:24:06 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.85c2645f.1735125846.2156dbce
GET

https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.TabFocusChanged&DATA=%5B%7B%22T%22%3A%22CI.TabFocusChanged%22%2C%22TS%22%3A1735125856410%2C%22Name%22%3A%22visible%22%2C%22FID%22%3A%22TabFocused%22%7D%5D

msedge.exe

Remote address:

95.100.195.154:443

Request

GET /fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.TabFocusChanged&DATA=%5B%7B%22T%22%3A%22CI.TabFocusChanged%22%2C%22TS%22%3A1735125856410%2C%22Name%22%3A%22visible%22%2C%22FID%22%3A%22TabFocused%22%7D%5D HTTP/1.1
Host: www.bing.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:24:17 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.85c2645f.1735125857.2156e20d
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.100.195.154:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 604
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:24:18 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.85c2645f.1735125858.21571a9b
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.100.195.154:443

Request

POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
Connection: keep-alive
Content-Length: 605
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
Content-Type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.bing.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2338596C739167DE37764C0C725866D5; _EDGE_S=F=1&SID=1237EDD3F7EE629C1C5CF8B3F6276339; _EDGE_V=1; SRCHD=AF=ANAB01; SRCHUID=V=2&GUID=2D3226E919DD4358A046111CD2C18B22&dmnchg=1; ak_bmsc=2A9335954D3F56E8581EF560E67280CB~000000000000000000000000000000~YAAQhsJkX5eApu2TAQAAQ+eN/RpUqnTT3y0DuOK4JGYnvggFsOXTypTxjSCS2H/QHcqS5/tt98eklF8q24NGXIrzGoufZex6A1fFaYI0HtCXNAmQuV1svccr7m0EXvJ3VvliO+T1k61J9zAUzKtvK2aFs+ul2wAp1uSxNBsiIbRqpqM21hvia0At3e0RLJ7oOrbVsPPZhWTy7+l4ng/bARBf2Hwh2Ap9CsYKoENVXG7Icivuznsh1z4QWy7x5jhQ5Twh6GJQWj3Cg93jzNv5+Rs3xceCOyquicxIYQLJl7UKGsyFt8bjgA/kFCSH4lUnNfL6QPoIcGDmvCsT7fakphMixxP8B6mS1w3OGaqmpzjdjZwbF8wiVNy9Hx2soDk=; MUIDB=2338596C739167DE37764C0C725866D5; SRCHUSR=DOB=20241225&T=1735125755000; _Rwho=u=d&ts=2024-12-25; ipv6=hit=1735129361377&t=4; MSPTC=0sId-ydt5KET1eJHPZpHrN8OIiMSzBo8-a6MuCxIyXw; SRCHHPGUSR=SRCHLANG=en&HV=1735125826&DM=0&NTWKTYP=4g&BRW=M&BRH=S&CW=1280&CH=601&SCW=1263&SCH=1710&DPR=1.0&UTC=0&PV=10.0&WTS=63870722555; _RwBf=r=0&ilt=2&ihpd=0&ispd=2&rc=6&rb=0&gb=0&rg=200&pc=3&mtu=0&rbb=0&g=0&cid=&clo=0&v=2&l=2024-12-25T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2024-12-25T11:23:48.6196096+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; _SS=PC=U531&SID=1237EDD3F7EE629C1C5CF8B3F6276339&R=6&RB=0&GB=0&RG=200&RP=3; USRLOC=HS=1&BLOCK=TS=241225112348

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Wed, 25 Dec 2024 11:24:18 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
X-CDN-TraceID: 0.85c2645f.1735125858.21571ed8
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware?noancestors=1

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree/master/Ransomware?noancestors=1 HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:24:22 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"c8027b6553d99da57738a23cd73fd14d"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1457
x-github-request-id: 2863:281000:3443D1:43149B:676BEB65
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:24:29 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"d7a74b7d4d7ff1e3d95dbeb32feba515"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 2203
x-github-request-id: 2863:281000:34464A:4317B9:676BEB66
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/CoronaVirus.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/CoronaVirus.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:24:29 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"daa8cdc28e2a92e29b5b249ec65db5d2"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 442
x-github-request-id: 2863:281000:344683:4317FC:676BEB6D
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/CoronaVirus.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/CoronaVirus.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:24:30 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: 2863:281000:344685:431801:676BEB6D
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CoronaVirus.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CoronaVirus.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:24:31 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CoronaVirus.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 2863:281000:34474A:43190B:676BEB6E
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:24:54 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"86de359728ea809633547fd3bd9d5d48"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 2275
x-github-request-id: 2863:281000:344EBA:43228F:676BEB6F
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 225
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:25:05 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129505
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: FDFE:F35B1:260626:30AE6A:676BEB91
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 757
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:25:16 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129516
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: FDFE:F35B1:260A57:30B35D:676BEB91
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 223
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:25:21 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129521
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: FDFE:F35B1:260BD6:30B52D:676BEB9C
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"86de359728ea809633547fd3bd9d5d48"

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:25:08 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"f49742a24b673d250cdb8fd7dd03e70d"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 2274
x-github-request-id: C994:C583:33D396:42A834:676BEB93
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CoronaVirus.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CoronaVirus.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:25:12 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CoronaVirus.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C994:C583:33D489:42A97A:676BEB94
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/RedEye.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/RedEye.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:25:12 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3ced86846dae3ee107fee9d1856e8b37"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 478
x-github-request-id: C994:C583:33D532:42AA42:676BEB98
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/RedEye.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/RedEye.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:25:12 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C994:C583:33D532:42AA4A:676BEB98
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1193
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:25:11 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.026680
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:891F55:D545F3:676BEB97
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1169
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:25:12 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.082377
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:891F57:D545F8:676BEB97
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1268
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:04 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.108404
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:894CC7:D58CCF:676BEB98
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1189
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.080723
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:894D50:D58DAC:676BEBCC
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1176
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.028341
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:894D62:D58DC8:676BEBCD
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1282
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:06 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.108519
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:894E5E:D58F4C:676BEBCD
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1184
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:06 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003240
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:894E9B:D58FA1:676BEBCE
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1174
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:06 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.041327
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:894EA6:D58FB3:676BEBCE
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1221
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:12 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002540
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:8953EA:D597CA:676BEBCE
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1220
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:14 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.107591
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:8955D8:D59AA9:676BEBD4
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1279
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:16 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.107949
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:8956FE:D59C81:676BEBD6
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1185
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:16 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002578
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:895767:D59D16:676BEBD8
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1188
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:26:16 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.056084
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:895771:D59D28:676BEBD8
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1295
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:27:39 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.108705
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:899FD0:D60D9B:676BEBD8
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1192
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:27:40 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003428
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:89A076:D60E9F:676BEC2B
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1175
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:27:40 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.108427
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:89A076:D60EA0:676BEC2C
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1256
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:28:00 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.108253
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:89B01D:D6281F:676BEC2C
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1165
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:28:01 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.052475
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:89B066:D62898:676BEC40
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1152
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Wed, 25 Dec 2024 11:28:01 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.055990
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 439A:228380:89B072:D628AA:676BEC41
OPTIONS

https://aefd.nelreports.net/api/report?cat=bingaotak

msedge.exe

Remote address:

2.19.252.146:443

Request

OPTIONS /api/report?cat=bingaotak HTTP/1.1
Host: aefd.nelreports.net
Connection: keep-alive
Origin: https://r.bing.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Server: Kestrel
Date: Wed, 25 Dec 2024 11:25:37 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
PMUSER_FORMAT_QS:
X-CDN-TraceId: 0.86f91302.1735125937.809a7649
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:04 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"297b74c99970e5eb3dd62364a2229813"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 2274
x-github-request-id: 4A22:1B0BBA:347027:434ACA:676BEBCC
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/WannaCrypt0r.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/WannaCrypt0r.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:05 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"5317c32d4daae425ec6a69439a152945"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 442
x-github-request-id: 4A22:1B0BBA:347057:434B01:676BEBCC
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/WannaCrypt0r.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/WannaCrypt0r.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:05 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: 4A22:1B0BBA:34705A:434B04:676BEBCD
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:06 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"4b37d59acbe39ca1aaff98461634b2bb"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 2197
x-github-request-id: 4A22:1B0BBA:3470C8:434B83:676BEBCD
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/WannaCry.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/WannaCry.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:06 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: 4A22:1B0BBA:3470F4:434BBE:676BEBCE
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/WannaCry.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/WannaCry.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:06 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3ced86846dae3ee107fee9d1856e8b37"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 478
x-github-request-id: 4A22:1B0BBA:3470F2:434BBA:676BEBCE
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/WannaCry.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/WannaCry.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:08 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/WannaCry.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 4A22:1B0BBA:3471D0:434CC2:676BEBCE
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Trojan?noancestors=1

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree/master/Trojan?noancestors=1 HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:12 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"e02990b9cd314bae48cd23857e4e1070"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1546
x-github-request-id: 4A22:1B0BBA:347340:434E94:676BEBD0
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Trojan/MrsMajors?noancestors=1

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree/master/Trojan/MrsMajors?noancestors=1 HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:14 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"b5a4e70e95b008a3326908c6555ec406"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1594
x-github-request-id: 4A22:1B0BBA:34742A:434FAD:676BEBD4
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:16 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"b1ac55f790d3e3b5916c2eb44e1e2d1f"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 2343
x-github-request-id: 4A22:1B0BBA:3474C6:435067:676BEBD6
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/MrsMajors/MrsMajor3.0.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/MrsMajors/MrsMajor3.0.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:16 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"82bc4089ee286a428633129c52977d4e"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 447
x-github-request-id: 4A22:1B0BBA:3474F2:4350A5:676BEBD8
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/MrsMajors/MrsMajor3.0.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/MrsMajors/MrsMajor3.0.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:16 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: 4A22:1B0BBA:3474F3:4350A7:676BEBD8
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:18 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 4A22:1B0BBA:3475B9:4351AC:676BEBD8
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 747
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:26:05 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129565
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 7A7C:1921B:28C98B:337625:676BEBCD
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 234
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:26:34 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129594
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 7A7C:1921B:28D027:337E9F:676BEBCD
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 235
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:26:39 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129599
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 7A7C:1921B:28D11F:337FFB:676BEBEA
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 234
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:26:45 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129605
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 7A7C:1921B:28D22D:33815E:676BEBEF
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/WannaCry.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/WannaCry.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"8088e0474a4eb95a79a9a931cc793ed2410970e09c542098ce24b8f0be490da9"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 7886:53580:53EE1A:583804:676BEBD0
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:26:09 GMT
via: 1.1 varnish
x-served-by: cache-fra-etou8220094-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1735125969.209291,VS0,VE149
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: cdd542fd2a5505ad0fac85421cc63db0ac07f88b
expires: Wed, 25 Dec 2024 11:31:09 GMT
source-age: 0
content-length: 229376
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"530fee1c1d957dce11d32ea878f1cd385b1c24d46e55fe154755089197b5a55c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 5C0D:697B0:55AF91:59F9B3:676BEBDA
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:26:18 GMT
via: 1.1 varnish
x-served-by: cache-fra-etou8220094-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1735125979.633281,VS0,VE181
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 75e9cd559eeff6489b1e3b56bb2e4ae8d4ac2aab
expires: Wed, 25 Dec 2024 11:31:18 GMT
source-age: 0
content-length: 390656
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/ArcticBomb.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/ArcticBomb.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"f56d83d5ef1d56d6ba8db5a5ba379a1ec78ee690ff357c3e458cf4da8526501c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 421D:53580:5435FA:588271:676BEC31
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:27:45 GMT
via: 1.1 varnish
x-served-by: cache-fra-etou8220094-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1735126065.289555,VS0,VE226
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: f9f58d469044858c63f51212055cce85c4ddd138
expires: Wed, 25 Dec 2024 11:32:45 GMT
source-age: 0
content-length: 128512
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MEMZ.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MEMZ.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"4e2f634bcba0c8c0b5d906e465c59e46cb08da93727ff435e8e04af70f85b9d0"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 60C1:4DE10:555E54:59AB5C:676BEC43
accept-ranges: bytes
date: Wed, 25 Dec 2024 11:28:03 GMT
via: 1.1 varnish
x-served-by: cache-fra-etou8220094-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1735126084.769344,VS0,VE156
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 289590fea7625dad16ee9253545a6dc88115e720
expires: Wed, 25 Dec 2024 11:33:03 GMT
source-age: 0
content-length: 14848
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:51 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: BCA4:2E787E:354A7F:41D2A5:676BEBFA
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:26:51 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: BCA4:2E787E:354AAD:41D2DB:676BEBFB
DNS

225.74.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.74.250.142.in-addr.arpa

IN PTR

Response

225.74.250.142.in-addr.arpa

IN PTR

par10s40-in-f11e100net
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

api.github.com

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

github.com

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
DNS

startitit2-23969.portmap.host

Remote address:

8.8.8.8:53

Request

startitit2-23969.portmap.host

IN A

Response
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:27:39 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"155861d70e608b25c991d6202b4579c3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 2294
x-github-request-id: AB46:1B9654:359E5C:4481B4:676BEC2B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/ArcticBomb.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/ArcticBomb.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:27:40 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"5185db155c3506b14ff9569056b0e747"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 448
x-github-request-id: AB46:1B9654:359E83:4481E2:676BEC2B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/ArcticBomb.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/ArcticBomb.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:27:40 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: AB46:1B9654:359E87:4481EB:676BEC2C
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/ArcticBomb.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/ArcticBomb.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:27:43 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/ArcticBomb.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
x-github-request-id: AB46:1B9654:359F9E:448344:676BEC2C
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:28:00 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"594e82fa3c1bf5535f8b068df9fc1b93"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 2292
x-github-request-id: AB46:1B9654:35A56A:448ABF:676BEC2F
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/MEMZ.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/MEMZ.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:28:01 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"5185db155c3506b14ff9569056b0e747"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 448
x-github-request-id: AB46:1B9654:35A590:448AE8:676BEC40
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/MEMZ.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/MEMZ.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Wed, 25 Dec 2024 11:28:01 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: AB46:1B9654:35A598:448AF5:676BEC41
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MEMZ.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MEMZ.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:28:03 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MEMZ.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: AB46:1B9654:35A6AB:448C3D:676BEC41
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MEMZ.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MEMZ.exe HTTP/2.0
host: github.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=AkizHccWs058JF915G7ccw%2BB5j5gvBsb1qe1F87Db97iiILQ7LZsw661Mfaf6vJR4%2FcbDgz%2FWM5QAUrGSSB%2BxPih63Wy2sR%2BDGqX%2F7t%2FlRmJVwlf%2FliS7wnZL6Dz4Y62nGQ4KddCN8j%2BfTsEy4wEMtylh%2B2DhMEqz%2FgQGpAPkDdcnn5brc3pxP0JBrHD5iw4LL4ZdrQwGVAfWz%2BrFY0Y0xi4L1Hq%2BzDNUrWRwimvSNh%2FzmJZ4P4cR%2FpINkiUYlkSlNJT%2Bekf1DPwTkD8FpNxww%3D%3D--1kFgd1vMoHmfTe9E--Ddf9OXfwk5UkzYwPZs3ZKw%3D%3D
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Wed, 25 Dec 2024 11:28:03 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MEMZ.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: AB46:1B9654:35A704:448CA8:676BEC43
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 735
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1788271999.1735125765
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Wed, 25 Dec 2024 11:27:45 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735129665
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 89A8:1126BA:2799D6:324C24:676BEC31

95.100.195.148:443

https://www.bing.com/qbox?query=d&language=en-US&pt=EdgBox&cvid=fd4aeb802adf4258a6554adfef159159&ig=40fdd4e3ec5f477e8e1d8209a684893e&oit=1&cp=1&pgcl=1

tls, http

msedge.exe

1.4kB
4.4kB
8
9

HTTP Request

GET https://www.bing.com/qbox?query=d&language=en-US&pt=EdgBox&cvid=fd4aeb802adf4258a6554adfef159159&ig=40fdd4e3ec5f477e8e1d8209a684893e&oit=1&cp=1&pgcl=1
95.100.195.148:443

https://www.bing.com/qbox?query=my&language=en-US&pt=EdgBox&cvid=fd4aeb802adf4258a6554adfef159159&ig=5b9ce7cdc0984ff2897829bf0917a2bc&oit=1&cp=2&pgcl=1

tls, http

msedge.exe

1.5kB
4.8kB
8
10

HTTP Request

GET https://www.bing.com/qbox?query=my&language=en-US&pt=EdgBox&cvid=fd4aeb802adf4258a6554adfef159159&ig=5b9ce7cdc0984ff2897829bf0917a2bc&oit=1&cp=2&pgcl=1
95.100.195.148:443

https://www.bing.com/qbox?query=d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=8ce4dff3d19c45d098a1022b825828bc&oit=1&cp=1&pgcl=4

tls, http

msedge.exe

1.4kB
5.0kB
8
10

HTTP Request

GET https://www.bing.com/qbox?query=d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=8ce4dff3d19c45d098a1022b825828bc&oit=1&cp=1&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=m&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=725065b39a404281a2713400234d10d1&oit=1&cp=1&pgcl=4

tls, http

msedge.exe

2.7kB
6.5kB
11
13

HTTP Request

GET https://www.bing.com/qbox?query=do&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=e54f3a273b7d4ddf93c8c6b1271b93ef&oit=1&cp=2&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=c891126243364f41bbc733ce2008e4b3&oit=1&cp=1&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=m&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=725065b39a404281a2713400234d10d1&oit=1&cp=1&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=my&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=3efb36434b334984b500f399428c9fd6&oit=1&cp=2&pgcl=4

tls, http

msedge.exe

1.4kB
522 B
6
6

HTTP Request

GET https://www.bing.com/qbox?query=my&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=3efb36434b334984b500f399428c9fd6&oit=1&cp=2&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=mydo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=d32eebaff04b48e28c1f29b9c00411f4&oit=1&cp=4&pgcl=4

tls, http

msedge.exe

1.5kB
522 B
6
6

HTTP Request

GET https://www.bing.com/qbox?query=mydo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=d32eebaff04b48e28c1f29b9c00411f4&oit=1&cp=4&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=mydoo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=4cb4297eba404118881757afd2d196e2&oit=1&cp=5&pgcl=4

tls, http

msedge.exe

1.5kB
4.4kB
8
9

HTTP Request

GET https://www.bing.com/qbox?query=mydoo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=4cb4297eba404118881757afd2d196e2&oit=1&cp=5&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=mydoom+d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=28db198234bf4f24bb15f3b1d614c478&oit=4&cp=8&pgcl=4

tls, http

msedge.exe

2.7kB
10.4kB
14
17

HTTP Request

GET https://www.bing.com/qbox?query=mydoom&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=4a52be8e954243899c0c6012a5064e6e&oit=1&cp=6&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=mydoom+&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=a88885d5f9784bef9d0aabcb9ed01124&oit=1&cp=7&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=mydoom+d&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=28db198234bf4f24bb15f3b1d614c478&oit=4&cp=8&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=mydoom+dow&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=5ecf207f499a4e6f9c70de42a2d4ee47&oit=4&cp=10&pgcl=4

tls, http

msedge.exe

1.5kB
849 B
6
7

HTTP Request

GET https://www.bing.com/qbox?query=mydoom+dow&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=5ecf207f499a4e6f9c70de42a2d4ee47&oit=4&cp=10&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=mydoom+downl&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=47fa98c7e8ac4c55984ebdf665329cab&oit=4&cp=12&pgcl=4

tls, http

msedge.exe

2.1kB
3.5kB
10
11

HTTP Request

GET https://www.bing.com/qbox?query=mydoom+down&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=9e78c158ae7e4f748df1cf3b6428fb32&oit=4&cp=11&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=mydoom+downl&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=47fa98c7e8ac4c55984ebdf665329cab&oit=4&cp=12&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=mydoom+downlo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=029f06b8febd4540817c54e04676b71b&oit=4&cp=13&pgcl=4

tls, http

msedge.exe

1.5kB
849 B
7
7

HTTP Request

GET https://www.bing.com/qbox?query=mydoom+downlo&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=029f06b8febd4540817c54e04676b71b&oit=4&cp=13&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=mydoom+download&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=483816a0888e4b21b749bc366f30b974&oit=4&cp=15&pgcl=4

tls, http

msedge.exe

1.5kB
522 B
6
6

HTTP Request

GET https://www.bing.com/qbox?query=mydoom+download&language=en-US&pt=EdgBox&cvid=58d22fbb25184c96826e1baa90a0e51c&ig=483816a0888e4b21b749bc366f30b974&oit=4&cp=15&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=free+minecra&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=ffe4b223f7eb4c079fa8a727b220b8fe&oit=4&cp=12&pgcl=4

tls, http

msedge.exe

22.7kB
72.6kB
60
90

HTTP Request

GET https://www.bing.com/search?q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/sa/simg/Roboto_Semibold.woff2

HTTP Response

200

HTTP Request

GET https://www.bing.com/sa/simg/favicon-trans-bg-blue-mg.ico

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758939%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2215%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/reportActivity?IG=7AAC67B96C9140B491DCA5B62937FD8E&IID=SERP.5061&q=mydoom+download&cvid=58d22fbb25184c96826e1baa90a0e51c&aqs=edge.0.0l7.8086j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758949%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22601%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758949%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758949%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1735125758966%2C%22Name%22%3A1757%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1735125759274%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%22676beafba0d24a9380a9eebd839dda89%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125759283%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22676beafba0d24a9380a9eebd839dda89%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125759283%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2222000%22%5D%2C%22isWin11OrHigher%22%3A%22true%22%2C%22fullOsBuild%22%3A%2210.0.22000%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125759310%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1735125759533%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760215%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=free+mine&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=bead57170e8b4bf98cfd85ff82ec9f57&oit=4&cp=9&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=free+minec&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=d60d338175644516be81dd15d783ad3f&oit=4&cp=10&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=free+minecr&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=f74ca1cc081740d79b875091c0ab00fb&oit=4&cp=11&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=free+minecra&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=ffe4b223f7eb4c079fa8a727b220b8fe&oit=4&cp=12&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=f&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=32d6dbad680c43498b21b381615abd3e&oit=1&cp=1&pgcl=4

tls, http

msedge.exe

28.0kB
60.1kB
60
83

HTTP Request

GET https://www.bing.com/sa/simg/Roboto_Regular.woff2

HTTP Response

200

HTTP Request

GET https://www.bing.com/rp/5A_wVM0BDlqDmkBnZeuIpN6wkcA.br.js

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:1266,%22BC%22:1266,%22SE%22:-1,%22TC%22:-1,%22H%22:1930,%22BP%22:2057,%22CT%22:2064,%22IL%22:1},%22ad%22:[-1,-1,1263,601,1263,1983,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758930%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758938%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/images/sbi?mmasync=1&ig=7AAC67B96C9140B491DCA5B62937FD8E&iid=.5094&ptn=Web&ep=0&iconpl=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/ck/a?!&&p=de6807f3b40c57a424a6bfab0ca751f9f300e16f09aabf53b7f7d537deea5361JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=mydoom+download&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8&ntb=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/favicon.ico

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&oit=0

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=f&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=32d6dbad680c43498b21b381615abd3e&oit=1&cp=1&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=free+m&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=534a83ab8d88481296fad1cb9d631fb6&oit=4&cp=6&pgcl=4

tls, http

msedge.exe

47.3kB
10.8kB
52
55

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125758944%2C%22Name%22%3A%224g%22%2C%22FID%22%3A%22NTWKTYP%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/geolocation/write?isBlocked=true&sid=1237EDD3F7EE629C1C5CF8B3F6276339&clientsid=undefined

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1735125760371%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%224979.5000000158325%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1735125760373%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%226373.500000016065%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1735125760373%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760405%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/ipv6test/test?FORM=MONITR

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=7AAC67B96C9140B491DCA5B62937FD8E&ID=SERP,5135.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3Dde6807f3b40c57a424a6bfab0ca751f9f300e16f09aabf53b7f7d537deea5361JmltdHM9MTczNTA4NDgwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D2338596c-7391-67de-3776-4c0c725866d5%26psq%3Dmydoom%2Bdownload%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8%26ntb%3D1

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/qbox?query=free+m&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=534a83ab8d88481296fad1cb9d631fb6&oit=4&cp=6&pgcl=4
95.100.195.148:443

https://www.bing.com/qbox?query=free+&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=a4ebf6fb9b56481b95ad6a2aa725d61e&oit=1&cp=5&pgcl=4

tls, http

msedge.exe

28.7kB
65.8kB
64
92

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125756599%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22200%22%2C%22Downlink%22%3A%221.9%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1735125756599%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/rewardsapp/widgetassets/prod/medallion/1.1.2/js/widget.js?t=241225

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/ncheader?ver=52270063&IID=SERP.5051&IG=7AAC67B96C9140B491DCA5B62937FD8E

HTTP Response

200

HTTP Request

POST https://www.bing.com/orgid/idtoken/conditional

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

GET https://www.bing.com/qbox?query=fr&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=401aca834e6b4850a30f825e753ac863&oit=1&cp=2&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=fre&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=63828e5059d34e8597bf1ab01b214149&oit=1&cp=3&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=free&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=9f86216676cc4fd6b92a32e303dd91d8&oit=1&cp=4&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=free+&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=a4ebf6fb9b56481b95ad6a2aa725d61e&oit=1&cp=5&pgcl=4
95.100.195.189:443

https://r.bing.com/rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg

tls, http

msedge.exe

23.8kB
33.5kB
45
61

HTTP Request

GET https://r.bing.com/rp/dliRwIxSaWxw-rZZkpFj-NPxBOA.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/5U/cir3,cc,nc/vQzKbQMzetrJLFKyVioeAbgvM7E.css?bu=Bm5ujBS_FeMXbg&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ILpAc2VIof0cr4Py3y4rAFMboow.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/_uzlXsRnS5Ra0MSF1ACv1JzUOlU.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/VktYCgYmJQhASKykbCzusQ8Uqo8.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ASquubOekjWYCJwlunJ-aqgJVvM.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/4N/cc,nc/snnSLSAwgsOSJF1HZbQVd81R95o.css?bu=Au0R-hE&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/oI5RhkwetxuVgfOww-Nc0yTFfkU.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/IlGx5JyQLSR5amBY1qzAWL3z-LI.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/tH67fvQiF0nalrIJQQCukA-8_u4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4dS7uk1FfGdjhnjNuO7uM1lU6Dc.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg

HTTP Response

200
95.100.195.189:443

https://r.bing.com/rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg

tls, http

msedge.exe

19.1kB
29.7kB
37
52

HTTP Request

GET https://r.bing.com/rp/mq2km3vGlSmBhmoWmAFYcw09I0o.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/5W/cir3,cc,nc/jaWASttYmk6jtv2YhoMNB2OzLI0.css?bu=DeEu4DCkMqky5DLmOok9aOkxjS9ogzxo&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/icNDaHbrcaIFIZRVzDw7Mn4j_ws.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/wczR3URZR4-oWjjc5idYK8_hr54.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/BAy11H3wRXaRcm85yqz4_tjE_U8.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/2W6N7byXj1BspnYUZI2WP3l11J0.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/rcJx5DodqqK-wxOI4K71tEgPVuE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/H_AIjpKtj6MWw03xzSY7VP-3v_g.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/g8RFvmgwpBLY15PHz6aDHrBdIok.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/3T/cc,nc/FtH7yWHWJjaF_w_8GhgR7aWXHVM.css?bu=AtkD-gM&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg

HTTP Response

200
95.100.195.189:443

https://r.bing.com/rp/cRvrvrUA03NVEig8SXhQtErnYaM.br.css

tls, http

msedge.exe

27.8kB
49.8kB
53
76

HTTP Request

GET https://r.bing.com/rs/5W/2hb/cir3,cc,nc/1KKUBDl-P5UnnMr4CFdIc4245kE.css?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/HnTisSbDqDcynvZ6icoKs1zYGQE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/aWcvNmbBScgv7y8smTMInr1pX1k.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/iex9xOQQZy9eCAA55osfedgdfHY.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/5U/cc,nc/x0UaV4rAXPOr7W3kHPDIjM0y2-0.css?bu=BG7KGMcYvRg&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/oovQ50wVYon598L2kxn0rbVAI0k.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/o7Kb4BJdgw-aDzsVZChYKHGUa6w.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/yj7m_FD5mF9gOu3E6yQ461205q0.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/yZcwTXaWRuhQ7asFXZKcGicQJM4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/HK3JWgw7vGok-S1ZNIRi81ouk9s.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/qUkJ_atyBXdNaz_6J1Oh4klqCUg.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/cRvrvrUA03NVEig8SXhQtErnYaM.br.css

HTTP Response

200
95.100.195.189:443

https://r.bing.com/rp/dJ6zhcu6hCA_ehQSQmjPCmEnGfY.br.css

tls, http

msedge.exe

24.5kB
29.6kB
43
57

HTTP Request

GET https://r.bing.com/rp/zh5yhbkbJVkzFqNrcigech9CW1Y.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Qo1KJzoRMo31gE9sb--6dyXZlXw.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/oMe6-1unS900pZU7Ueh9zFhCpZs.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/dVMW5tVdi3_S7aODH6eNGoZMETI.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/D5J2f43mDKS53i88a3lr0emaEB4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/sd09ZoqYFtYgki8gbUcaMRzc1N4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/r1W3Us9sqNEEDTV-z9ivBVemdOs.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/f7F7gkCBmf3fpEpT07FtU78rkg4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/GwvTDzr-_7Ipq8Y_s09cnrmtIeY.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Ra6gRXsMm2WooMA178dYrbFLMUU.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/S5v5mQLthXQUleTzGiiWTgGhU24.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/dJ6zhcu6hCA_ehQSQmjPCmEnGfY.br.css

HTTP Response

200
95.100.195.189:443

https://r.bing.com/rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg

tls, http

msedge.exe

21.0kB
35.4kB
43
60

HTTP Request

GET https://r.bing.com/rb/5W/cc,nc/GZY3PyHImAjt56VIC2PBbIGPof4.css?bu=AcIX&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/sS9WdiLA9F38WKJqRP3fX-VP9Lo.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/uf6-405sDPw8dZxAwsFhXIwMMWQ.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/RuJsq8eAYqkavNQ_kj9tyr6ZZ4U.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/-daH6PNAGaQg3qCzuka0kd2jKdY.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/gQ1jxIQABGnYmoqYi1itol2s4Nc.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/zNCol8wZNOqNu5J9AALR7kSilGc.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/6vW-cIY2Dxj_U1X3fdBnNVLFgF8.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/LrkoEs5Wr_EVEejC8ayFO3YHrw4.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg

HTTP Response

200
95.100.195.189:443

https://r.bing.com/rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg

tls, http

msedge.exe

18.8kB
36.0kB
40
57

HTTP Request

GET https://r.bing.com/rb/5W/cc,nc/VsGd7ArAkRnLu5ZjSEmDdBRJ3AE.css?bu=IGhouwuXD2iyD5oQ4BP_E5sUaGiMFoEf7SFozCaTLGhouCTRBdQFaDicAZwEaM9Ei0VoaA&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8hd1-XgnZ26SnhiiMN_GgejYN8w.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/7APrwFbw1Ly9Oc0nCuyUM30nTqM.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4ZTaLaL7iv-7hReOFdLM6qYIq8c.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/eeGCipqheoe_uezlnNy3LLj5EpM.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/d1CTdFN2PzYdPJfj02hT834p0CA.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/P38DWK7Xtu4-1AEqPvXltg-NJaE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/9QVAd0uprTCf6QvhFRBK-cLsJ44.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Sup-zKprBXap74esHIEtHpeXnfE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/zpz9mUu6xFDGIytYv1oooVE8Jzg.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg

HTTP Response

200
95.100.195.189:443

https://r.bing.com/sa/simg/Roboto_Regular.woff2

tls, http

msedge.exe

15.7kB
69.6kB
61
91

HTTP Request

GET https://r.bing.com/rp/FIrq4n7XJcH-bxJlHvalz0nETAA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4vmXcresDrXXGfYqCZnpE80tVj0.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/cfKt7bw67nxWZkkgOIRReDE3rQI.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/AJF0byxTDIdetV3TqxY9v12oeN8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/MzyDqbzAe1f4stub6mLV5gA_bVA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/eFDN7fKU2A1-FihFOP4WWnERGEw.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/RzViTKGwkEgFQiH73K3yCMS31gY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/XpyaFPNakGOwlPXoOWhSNZDWjDU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6r/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/hAEVe25_jil71qxV8HNHEcjwOsk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/O-ejpxJOK4ur1-qUtpPRk7Z6wj0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/FmQyPuaotJoJngGZby-oO070KQA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/aSHY1fgTTA30J2uolpV0_7aWZVo.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ivu0QwP26BHIJjH_DSqboRdhsO0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/VKotk_QDV7V7jdYhLvGcrJlzHyE.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Regular.woff2

HTTP Response

404
95.100.195.189:443

https://r.bing.com/rp/5XYcZsgWWzbiBf6EUQH4mydZTiI.br.js

tls, http

msedge.exe

12.6kB
42.4kB
45
65

HTTP Request

GET https://r.bing.com/rp/etKr8FCYxUI3jpSkVsECVLsVlbY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/iqYxm8r46lk-3ernDKEwdszk1wo.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/yt5G3936XbeOUUYvhktH-Zp37Ac.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/4N/jnc,nj/WjC77O8uVx9--UZpQC4Qfpa7qaE.js?bu=A683sje1Nw&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/TFi00n9kt1lqPoE9f5YVPavsHbE.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/2B9u0snswl6MSm6KlelCMIZAr0E.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/QhINJ5aAulL1ot_r_8dLH_aIfCk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/eeSRHmOwBCiYGkxCHmb9VbJ2hT8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/oO6dDlhvIVzy0HGcxNJVSFPNKzA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/PmNLAq2f0t_lcD3LTchFOVy6h-U.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/GSNeCa5XvtoP6jz0k5V172vRaQ8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/I_ndi6vVBymh23DuqRe-LcSg9Uk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6r/lN/nj/EmG-XMIMCcq8zmcVBBO7jkFERAE.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/PUx-sNZ5_D-0sf742vcWqy9vjIU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/5XYcZsgWWzbiBf6EUQH4mydZTiI.br.js

HTTP Response

200
95.100.195.189:443

https://r.bing.com/rp/F9ya6E3sghxzDhnC7u30wctxmxI.br.js

tls, http

msedge.exe

16.0kB
46.6kB
54
78

HTTP Request

GET https://r.bing.com/rp/w2ye0W2xVVGtLI2lFrOy9f7eTEE.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Regular.woff2

HTTP Response

404

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Semibold.woff2

HTTP Response

404

HTTP Request

GET https://r.bing.com/rs/6r/fU/jnc,nj/tlifxqsNyCzxIJnRwtQKuZToQQw.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/KjcQM3UW1nOQMxru5p6M1wKu4ZQ.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/0KrsBMKWyD66Rwt3tiMAonQOyGw.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/V5dpoD3fjhPtv-hIh3ssEsOr5_M.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/MHGveHjpT20MyFEdoL1KWdpZGoU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Yp5uRx1ZvJMBOj_5nU0FUN0279s.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/KLrSbzDKMog0mCiPcB9iwoEvlE4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6r/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Xz21jpkTfbBon6hHKW7e4R7Hl0U.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/-2EVJNDwymhr08bVch00GwpjiDA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/fSddFSSxFfxdxp7epLdqESvgpwk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/7R5WVaqi6UfSmn2gXZNR1SUqI2k.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/BkcwASIof-oJUpgdmm3P7mWEwrY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/F9ya6E3sghxzDhnC7u30wctxmxI.br.js

HTTP Response

200
95.100.195.175:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=96&pcl=fffffa&o=6&pid=1.2

tls, http

msedge.exe

6.2kB
10.0kB
24
28

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=90&pcl=fffffa&o=6&pid=1.2

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=91&pcl=fffffa&o=6&pid=1.2

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=96&pcl=fffffa&o=6&pid=1.2

HTTP Response

200
95.100.195.175:443

th.bing.com

tls

msedge.exe

1.1kB
5.2kB
12
13
2.19.252.134:443

https://aefd.nelreports.net/api/report?cat=bingaotak

tls, http

msedge.exe

2.3kB
6.1kB
19
20

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingaotak

HTTP Response

200

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingaotak

HTTP Response

200
95.100.195.189:443

https://r.bing.com/rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js

tls, http

msedge.exe

12.6kB
39.8kB
44
66

HTTP Request

GET https://r.bing.com/rp/NW_w0EXs3h3l9N3PeqyVuRIrqp8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/B41j9eGM1DLNjQd-XrgY_sctGDk.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/LLsqdhmv3RjYgfuepDBrVLeWshY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/T5889cz8zTrV7Rl2tlyjGriSuv0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Hdw3pI7FtFvJcOy2ZZvd6vlbAOU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/6ZpK9fh9cD0LYcXzkYpUR9MV_-g.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Mi_1CQO28mEq97e_dzQbiA3Bgx0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/zL4sntecq0RmP6dobtS9Rd5WRvU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/c-kfqLSd-OD-g3VtLKozRdXMO14.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Nz3080e44w3456W4QiR1L5nz6Tg.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/WwTHOlBv_iLBpZXNWkp-HzVHgrM.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Sv8bO2oxkbGjZh6Pe_GKzG1DtDU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rb/3s/jnc,nj/MVT8kycZ0G8jBgAYbG29BRlRppY.js?bu=Abkd&or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/18fHpE0UHdi8_2-uCNRuSOzGKik.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js

HTTP Response

200
95.100.195.189:443

https://r.bing.com/rp/irBkLw7EkO4AlsHlqwAleGAk1gY.br.js

tls, http

msedge.exe

10.6kB
31.7kB
40
57

HTTP Request

GET https://r.bing.com/rp/qwce00QJxdHzNxXh5H1mBc8QgBU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6r/ke/jnc,nj/Cxjd16nFbgkBYjPRUOx3kaNSK7w.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8xkvUeJjS0zgx9UJLaoz8Ih_Yy4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/cVhztCgE3ZjlZ4NrICPGsTh1WbQ.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/83zI0hMJWlilJFob8oEJ4_0I6j4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/TjyWAmemrltxca9Tew0hTL__JHg.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/uceaWoHkRefVM5EK1cFT2TcyRm0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/rWS0_tb2SOLTRkwVU0KG23fe_v0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/irBkLw7EkO4AlsHlqwAleGAk1gY.br.js

HTTP Response

200
95.100.195.189:443

https://r.bing.com/sa/simg/Roboto_Semibold.woff2

tls, http

msedge.exe

13.1kB
58.1kB
54
83

HTTP Request

GET https://r.bing.com/rp/x2emqXiwLnoij1FAO-zonC2BP_I.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/fYa4G4wbz4PjD3tZaW3pycMuo2c.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/zqwSU3XTEQLKpczawXAy_t0XtEU.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ip7DTy4KbenoY6zeu7omsfcdHyI.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rs/6r/uR/jnc,nj/Qp5q6DtDal0Q6zp3EOeEQbFTsW0.js?or=w

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/LJBbk33xj0wpN1yZ2F5CHaTSir0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/Y5Oi04QbFKQce-Q-PM36ANdY9E0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/DY2Md1oF5F7szcyNQaQohhJf-_U.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/sa/simg/Roboto_Semibold.woff2

HTTP Response

404
95.100.195.148:443

https://www.bing.com/qbox?query=free+min&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=d310916c596d499485c89c2d6edfe4ba&oit=4&cp=8&pgcl=4

tls, http

msedge.exe

7.1kB
1.7kB
17
17

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760215%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=free+min&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=d310916c596d499485c89c2d6edfe4ba&oit=4&cp=8&pgcl=4
95.100.195.175:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=95&pcl=fffffa&o=6&pid=1.2

tls, http

msedge.exe

3.0kB
6.9kB
19
21

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=95&pcl=fffffa&o=6&pid=1.2

HTTP Response

200
95.100.195.175:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=98&pcl=fffffa&o=6&pid=1.2

tls, http

msedge.exe

4.6kB
4.3kB
20
21

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=92&pcl=fffffa&o=6&pid=1.2

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=98&pcl=fffffa&o=6&pid=1.2

HTTP Response

200
95.100.195.175:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=99&pcl=fffffa&o=6&pid=1.2

tls, http

msedge.exe

4.6kB
4.3kB
20
21

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=93&pcl=fffffa&o=6&pid=1.2

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=99&pcl=fffffa&o=6&pid=1.2

HTTP Response

200
95.100.195.175:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=94&pcl=fffffa&o=6&pid=1.2

tls, http

msedge.exe

3.0kB
6.9kB
19
21

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=94&pcl=fffffa&o=6&pid=1.2

HTTP Response

200
95.100.195.175:443

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=97&pcl=fffffa&o=6&pid=1.2

tls, http

msedge.exe

3.0kB
6.9kB
19
21

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&qlt=97&pcl=fffffa&o=6&pid=1.2

HTTP Response

200
95.100.195.148:443

https://www.bing.com/qbox?query=free+mi&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=c4473c34f86e466881261e5189a981ea&oit=4&cp=7&pgcl=4

tls, http

msedge.exe

5.1kB
1.4kB
14
14

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125760218%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=free+mi&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=c4473c34f86e466881261e5189a981ea&oit=4&cp=7&pgcl=4
20.190.159.68:443

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=786a1cf0-73f1-42fa-9077-8f14881843ec&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%227AAC67B96C9140B491DCA5B62937FD8E%22%7d

tls, http2

msedge.exe

2.9kB
8.3kB
21
25

HTTP Request

GET https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=786a1cf0-73f1-42fa-9077-8f14881843ec&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%227AAC67B96C9140B491DCA5B62937FD8E%22%7d

HTTP Response

200
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/CrimsonRAT.exe

tls, http2

msedge.exe

11.4kB
235.1kB
145
243

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/branch-and-tag-count

HTTP Response

200

HTTP Response

204

HTTP Request

GET https://github.com/manifest.json

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/RAT

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/RAT

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/RAT

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/RAT

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/NJRat.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/RAT/NJRat.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/RAT/NJRat.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/NJRat.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/RAT/CrimsonRAT.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/RAT/CrimsonRAT.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/RAT/CrimsonRAT.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/RAT/CrimsonRAT.exe

HTTP Response

302
20.26.156.215:443

github.com

tls

msedge.exe

943 B
3.9kB
8
9
185.199.109.154:443

https://github.githubassets.com/assets/react-code-view-46a8d3dce54e.js

tls, http2

msedge.exe

33.8kB
1.1MB
496
863

HTTP Request

GET https://github.githubassets.com/assets/light-0cfd1fd8509e.css

HTTP Request

GET https://github.githubassets.com/assets/dark-d782f59290e2.css

HTTP Request

GET https://github.githubassets.com/assets/primer-primitives-953961b66e63.css

HTTP Request

GET https://github.githubassets.com/assets/repository-d031bcc14e1b.css

HTTP Request

GET https://github.githubassets.com/assets/global-47b8b2ca21ae.css

HTTP Request

GET https://github.githubassets.com/assets/primer-4430d3c2c150.css

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

HTTP Request

GET https://github.githubassets.com/assets/repos-overview.9cc263aa0716ce801059.module.css

HTTP Request

GET https://github.githubassets.com/assets/code-9e1913b328be.css

HTTP Request

GET https://github.githubassets.com/assets/github-e72829f5538b.css

HTTP Request

GET https://github.githubassets.com/assets/primer-react.797c8ec006b327590422.module.css

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-9002b0-881da98a8b00.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_paths_index_ts-4e4d706da555.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-a7926fdcecf7.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-9445f4afb2bc.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-503c34-7dfba50d2c16.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-56ee79-b20e64ad06f9.js

HTTP Request

GET https://github.githubassets.com/assets/repos-overview-e21499fb8264.js

HTTP Request

GET https://github.githubassets.com/assets/wp-runtime-8fd927947b24.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-c551691a8183.js

HTTP Request

GET https://github.githubassets.com/assets/environment-7b93e0f0c8ff.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-ea2a5d75d580.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-c6d035fa8dc8.js

HTTP Request

GET https://github.githubassets.com/assets/github-elements-f991cfab5105.js

HTTP Request

GET https://github.githubassets.com/assets/element-registry-d283cbab281e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-7f43298e364b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-863ef5872a03.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-917d4bda1f1a.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b41aeef03499.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-fb43816ab83c.js

HTTP Request

GET https://github.githubassets.com/assets/behaviors-a6abce982f3f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-global-cfcd9f4f0f23.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-eecf0d50276f.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-842c74d2eab4.js

HTTP Request

GET https://github.githubassets.com/assets/codespaces-a493a4b9528f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-7238cfcdaa51.js

HTTP Request

GET https://github.githubassets.com/assets/repositories-f3093651fb0e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js

HTTP Request

GET https://github.githubassets.com/assets/code-menu-b5f092ec4b30.js

HTTP Request

GET https://github.githubassets.com/assets/primer-react-753dc87b1e29.js

HTTP Request

GET https://github.githubassets.com/assets/react-core-accb67f1350f.js

HTTP Request

GET https://github.githubassets.com/assets/react-lib-2131e17288a8.js

HTTP Request

GET https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu-51601778bd8d.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-df3b47d86af0.js

HTTP Request

GET https://github.githubassets.com/assets/keyboard-shortcuts-dialog-958cae8ecd6c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js

HTTP Request

GET https://github.githubassets.com/assets/sessions-5d6426bbf16a.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-4becf93aa968.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-04349cb42240.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-e27cda452715.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-405952f48873.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-f38cdfca9137.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-201ddaee8e7d.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-343b1f8e02e1.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-0ade2bf7a852.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-28a44339e296.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-bb301b3aed11.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-0937e3810b98.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-9889e76b905e.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/react-code-view.6b587a69b593e23c3657.module.css

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-10d8eea337ce.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-cdcae1-f0dc8f3ae3e0.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_repos-file-tree-view_repos-fil-5db355-d0627efd6544.js

HTTP Request

GET https://github.githubassets.com/assets/react-code-view-46a8d3dce54e.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
185.199.111.133:443

https://avatars.githubusercontent.com/u/123590232?v=4&size=40

tls, http2

msedge.exe

2.6kB
12.7kB
26
31

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?s=64&v=4

HTTP Request

GET https://avatars.githubusercontent.com/u/123590232?s=64&v=4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?v=4&size=40

HTTP Response

200

HTTP Request

GET https://avatars.githubusercontent.com/u/123590232?v=4&size=40

HTTP Response

200
185.199.109.154:443

github.githubassets.com

tls

msedge.exe

747 B
4.3kB
5
6
185.199.109.154:443

github.githubassets.com

tls

msedge.exe

747 B
2.7kB
5
5
185.199.109.154:443

github.githubassets.com

tls

msedge.exe

747 B
3.7kB
5
6
185.199.109.154:443

github.githubassets.com

tls

msedge.exe

747 B
1.7kB
5
5
185.199.109.154:443

github.githubassets.com

tls

msedge.exe

701 B
132 B
4
3
185.199.111.133:443

avatars.githubusercontent.com

tls

msedge.exe

747 B
3.7kB
5
6
185.199.109.154:443

https://github.githubassets.com/favicons/favicon.png

tls, http2

msedge.exe

2.6kB
24.9kB
29
37

HTTP Request

GET https://github.githubassets.com/favicons/favicon.svg

HTTP Request

GET https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/favicons/favicon.png

HTTP Response

200
140.82.114.21:443

https://collector.github.com/github/collect

tls, http2

msedge.exe

20.7kB
13.8kB
58
66

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

11.6kB
10.7kB
36
44

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
185.199.108.133:443

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CoronaVirus.exe

tls, http2

msedge.exe

23.2kB
1.2MB
471
909

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/NJRat.exe

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/RAT/CrimsonRAT.exe

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CoronaVirus.exe

HTTP Response

200
95.100.195.154:443

https://www.bing.com/fd/ls/lsp.aspx

tls, http

msedge.exe

53.6kB
48.4kB
73
95

HTTP Request

GET https://www.bing.com/qbox?query=free+minecraft&language=en-US&pt=EdgBox&cvid=da51f10fee9e4c68929b4d4f7a55def8&ig=8d63122ef7fb4ab39b34ab57453f4139&oit=4&cp=14&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/search?q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Response

204

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826902%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/images/sbi?mmasync=1&ig=D0DCDB97B59A4F31AEB54F45F397A531&iid=.5094&ptn=Web&ep=0&iconpl=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2214%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827404%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=D0DCDB97B59A4F31AEB54F45F397A531&ID=SERP,5130.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3D44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D2338596c-7391-67de-3776-4c0c725866d5%26psq%3Dfree%2Bminecraft%26u%3Da1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00%26ntb%3D1

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204
95.100.195.154:443

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

tls, http

msedge.exe

20.1kB
7.7kB
29
33

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:213,%22BC%22:213,%22SE%22:-1,%22TC%22:-1,%22H%22:345,%22BP%22:566,%22CT%22:570,%22IL%22:1},%22ad%22:[-1,-1,1263,601,1263,1710,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125826617%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22150%22%2C%22Downlink%22%3A%225.4%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1735125826617%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1735125826877%2C%22Name%22%3A411%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826896%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826902%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826920%2C%22Name%22%3A%224g%22%2C%22FID%22%3A%22NTWKTYP%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/ncheader?ver=52270063&IID=SERP.5051&IG=D0DCDB97B59A4F31AEB54F45F397A531

HTTP Response

200

HTTP Request

GET https://www.bing.com/geolocation/write?isBlocked=true&sid=1237EDD3F7EE629C1C5CF8B3F6276339&clientsid=undefined

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200
95.100.195.164:443

th.bing.com

tls

msedge.exe

1.2kB
1.0kB
11
11
95.100.195.154:443

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

tls, http

msedge.exe

9.5kB
5.7kB
20
23

HTTP Request

POST https://www.bing.com/rewardsapp/reportActivity?IG=D0DCDB97B59A4F31AEB54F45F397A531&IID=SERP.5061&q=free+minecraft&cvid=da51f10fee9e4c68929b4d4f7a55def8&aqs=edge..69i57j0l6.3039j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200
95.100.195.154:443

https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

tls, http

msedge.exe

6.6kB
1.7kB
15
16

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827170%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200
95.100.195.154:443

https://www.bing.com/fd/ls/lsp.aspx

tls, http

msedge.exe

11.0kB
6.3kB
23
25

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826932%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22601%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826933%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125826933%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22correlationId%22%3A%22676beb436cf94ebd8683e18080ea77ed%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125827072%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%22676beb436cf94ebd8683e18080ea77ed%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735125827072%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2222000%22%5D%2C%22isWin11OrHigher%22%3A%22true%22%2C%22fullOsBuild%22%3A%2210.0.22000%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735125827103%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735125827154%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1735125827179%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221138.9999999955762%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1735125827179%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%221353.9999999920838%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1735125827179%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1735125827303%2C%22Name%22%3A%222%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735125827372%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204
95.100.195.154:443

https://www.bing.com/fd/ls/lsp.aspx

tls, http

msedge.exe

21.4kB
10.6kB
33
36

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=D0DCDB97B59A4F31AEB54F45F397A531&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/ck/a?!&&p=44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=free+minecraft&u=a1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00&ntb=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/ck/a?!&&p=44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=free+minecraft&u=a1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00&ntb=F

HTTP Response

302

HTTP Request

GET https://www.bing.com/ck/a?!&&p=44d1689868f0fb52755d18dc98d4a015a75ce938d34cba8c7bd7eda29c53abf0JmltdHM9MTczNTA4NDgwMA&ptn=3&ver=2&hsh=4&fclid=2338596c-7391-67de-3776-4c0c725866d5&psq=free+minecraft&u=a1aHR0cHM6Ly93d3cubWNiYnMubmV0L2ZvcnVtLnBocD9tb2Q9Zm9ydW1kaXNwbGF5JmZpZD00NzkmdHlwZWlkPTEwMjgmb3JkZXJieT1sYXN0cG9zdCZ0eXBlaWQ9MTAyOCZvcmRlcmJ5PWxhc3Rwb3N0JmZpbHRlcj10eXBlaWQmcGFnZT00&ntb=F

HTTP Response

302

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=7AAC67B96C9140B491DCA5B62937FD8E&CID=2338596C739167DE37764C0C725866D5&TYPE=Event.TabFocusChanged&DATA=%5B%7B%22T%22%3A%22CI.TabFocusChanged%22%2C%22TS%22%3A1735125856410%2C%22Name%22%3A%22visible%22%2C%22FID%22%3A%22TabFocused%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204
58.144.195.97:443

www.mcbbs.net

tls

msedge.exe

1.0kB
476 B
11
11
58.144.195.97:443

www.mcbbs.net

tls

msedge.exe

1.0kB
476 B
11
11
58.144.195.97:443

www.mcbbs.net

tls

msedge.exe

1.0kB
476 B
11
11
185.136.161.124:6128

dlrarhsiva.exe

466 B
412 B
10
10
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe

tls, http2

msedge.exe

3.8kB
35.5kB
34
48

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware?noancestors=1

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CoronaVirus.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/CoronaVirus.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/CoronaVirus.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CoronaVirus.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe

HTTP Response

200
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

3.8kB
8.0kB
22
28

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/RedEye.exe

tls, http2

msedge.exe

3.1kB
24.2kB
25
36

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/RedEye.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CoronaVirus.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/RedEye.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/RedEye.exe

HTTP Response

200

HTTP Response

200
140.82.112.21:443

https://collector.github.com/github/collect

tls, http2

msedge.exe

30.1kB
18.1kB
83
91

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204
140.82.112.21:443

collector.github.com

msedge.exe

144 B
92 B
3
2
2.19.252.146:443

https://aefd.nelreports.net/api/report?cat=bingaotak

tls, http

msedge.exe

1.9kB
1.8kB
17
19

HTTP Request

OPTIONS https://aefd.nelreports.net/api/report?cat=bingaotak

HTTP Response

200
185.136.161.124:6128

dlrarhsiva.exe

466 B
412 B
10
10
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

tls, http2

msedge.exe

5.5kB
69.4kB
54
84

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCrypt0r.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/WannaCrypt0r.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/WannaCrypt0r.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/WannaCry.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/WannaCry.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/WannaCry.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Trojan?noancestors=1

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Trojan/MrsMajors?noancestors=1

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/MrsMajors/MrsMajor3.0.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/MrsMajors/MrsMajor3.0.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

HTTP Response

302
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

4.4kB
9.2kB
27
34

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
185.199.108.133:443

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MEMZ.exe

tls, http2

msedge.exe

16.4kB
792.4kB
319
616

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/WannaCry.exe

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/ArcticBomb.exe

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Trojan/MEMZ.exe

HTTP Response

200
127.0.0.1:9050

!WannaDecryptor!.exe
127.0.0.1:9150

!WannaDecryptor!.exe
127.0.0.1:9050

!WannaDecryptor!.exe
127.0.0.1:9150

!WannaDecryptor!.exe
127.0.0.1:9050

!WannaDecryptor!.exe
127.0.0.1:9150

!WannaDecryptor!.exe
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

tls, http2

msedge.exe

2.4kB
12.5kB
16
23

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MrsMajors/MrsMajor3.0.exe

HTTP Response

302
127.0.0.1:9050

!WannaDecryptor!.exe
127.0.0.1:9150

!WannaDecryptor!.exe
185.136.161.124:6128

dlrarhsiva.exe

374 B
332 B
8
8
127.0.0.1:9050

!WannaDecryptor!.exe
127.0.0.1:9150

!WannaDecryptor!.exe
127.0.0.1:9050

!WannaDecryptor!.exe
127.0.0.1:9150

!WannaDecryptor!.exe
127.0.0.1:9050

!WannaDecryptor!.exe
127.0.0.1:9150

!WannaDecryptor!.exe
127.0.0.1:9050

!WannaDecryptor!.exe
127.0.0.1:9150

!WannaDecryptor!.exe
142.250.75.238:443

drive.google.com

tls

eulascr.exe

902 B
8.9kB
9
11
142.250.74.225:443

drive.usercontent.google.com

tls

eulascr.exe

932 B
10.9kB
9
12
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MEMZ.exe

tls, http2

msedge.exe

4.5kB
47.5kB
43
68

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/ArcticBomb.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/ArcticBomb.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/ArcticBomb.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/ArcticBomb.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MEMZ.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/MEMZ.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/MEMZ.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MEMZ.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Trojan/MEMZ.exe

HTTP Response

302
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

2.6kB
5.5kB
13
17

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
185.136.161.124:6128

dlrarhsiva.exe

98 B
92 B
2
2

8.8.8.8:53

google.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

216.58.214.174
8.8.8.8:53

google.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

216.58.214.174
8.8.8.8:53

71.159.190.20.in-addr.arpa

dns

2.7kB
6.3kB
39
39

DNS Request

71.159.190.20.in-addr.arpa

DNS Request

www.bing.com

DNS Response

95.100.195.138

95.100.195.140

95.100.195.134

95.100.195.139

95.100.195.133

95.100.195.137

95.100.195.148

95.100.195.145

95.100.195.146

DNS Request

189.195.100.95.in-addr.arpa

DNS Request

134.252.19.2.in-addr.arpa

DNS Request

login.live.com

DNS Response

20.190.159.71

40.126.31.67

20.190.159.2

20.190.159.4

40.126.31.73

40.126.31.69

20.190.159.0

20.190.159.75

DNS Request

github.com

DNS Response

20.26.156.215

DNS Request

github.githubassets.com

DNS Response

185.199.109.154

185.199.111.154

185.199.110.154

185.199.108.154

DNS Request

github-cloud.s3.amazonaws.com

DNS Response

52.216.218.73

3.5.29.209

16.182.106.9

54.231.236.209

52.217.137.145

52.217.135.129

16.15.192.156

52.216.212.233

DNS Request

133.111.199.185.in-addr.arpa

DNS Request

210.156.26.20.in-addr.arpa

DNS Request

133.108.199.185.in-addr.arpa

DNS Request

startitit2-23969.portmap.host

DNS Request

www.bing.com

DNS Response

95.100.195.154

95.100.195.145

95.100.195.151

95.100.195.152

95.100.195.159

95.100.195.144

95.100.195.142

95.100.195.149

95.100.195.146

DNS Request

r.bing.com

DNS Response

95.100.195.187

95.100.195.179

95.100.195.185

95.100.195.189

95.100.195.175

95.100.195.180

95.100.195.186

95.100.195.188

95.100.195.176

DNS Request

164.195.100.95.in-addr.arpa

DNS Request

97.195.144.58.in-addr.arpa

DNS Request

startitit2-23969.portmap.host

DNS Request

124.161.136.185.in-addr.arpa

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

collector.github.com

DNS Response

140.82.112.21

DNS Request

21.112.82.140.in-addr.arpa

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

146.252.19.2.in-addr.arpa

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Request

github.com

DNS Response

20.26.156.215

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

9.173.189.20.in-addr.arpa

DNS Request

drive.google.com

DNS Request

drive.google.com

DNS Response

142.250.75.238

DNS Response

142.250.75.238
8.8.8.8:53

83.210.23.2.in-addr.arpa

dns

1.6kB
4.3kB
24
24

DNS Request

83.210.23.2.in-addr.arpa

DNS Request

148.195.100.95.in-addr.arpa

DNS Request

th.bing.com

DNS Response

95.100.195.175

95.100.195.187

95.100.195.171

95.100.195.186

95.100.195.181

95.100.195.177

95.100.195.183

95.100.195.179

95.100.195.172

DNS Request

175.195.100.95.in-addr.arpa

DNS Request

login.microsoftonline.com

DNS Response

20.190.159.68

20.190.159.2

40.126.31.67

40.126.31.71

20.190.159.73

20.190.159.71

20.190.159.75

40.126.31.69

DNS Request

www2.bing.com

DNS Response

204.79.197.237

13.107.21.237

DNS Request

ctldl.windowsupdate.com

DNS Response

2.23.210.83

2.23.210.88

DNS Request

user-images.githubusercontent.com

DNS Response

185.199.110.133

185.199.108.133

185.199.109.133

185.199.111.133

DNS Request

154.109.199.185.in-addr.arpa

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Request

raw.githubusercontent.com

DNS Response

185.199.108.133

185.199.109.133

185.199.110.133

185.199.111.133

DNS Request

ctldl.windowsupdate.com

DNS Response

2.23.210.83

2.23.210.88

DNS Request

startitit2-23969.portmap.host

DNS Request

www.bing.com

DNS Response

95.100.195.144

95.100.195.137

95.100.195.145

95.100.195.194

95.100.195.140

95.100.195.142

95.100.195.193

95.100.195.138

95.100.195.195

DNS Request

154.195.100.95.in-addr.arpa

DNS Request

startitit2-23969.portmap.host

DNS Request

11.227.111.52.in-addr.arpa

DNS Request

www.bing.com

DNS Response

95.100.195.138

95.100.195.145

95.100.195.134

95.100.195.139

95.100.195.144

95.100.195.142

95.100.195.133

95.100.195.146

95.100.195.137

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Request

api.github.com

DNS Response

20.26.156.210
224.0.0.251:5353

msedge.exe

507 B
8
2.19.252.134:443

aefd.nelreports.net

https

msedge.exe

6.9kB
5
8.8.8.8:53

225.74.250.142.in-addr.arpa

dns

864 B
1.8kB
12
12

DNS Request

225.74.250.142.in-addr.arpa

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Request

github.com

DNS Response

20.26.156.215

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

DNS Request

startitit2-23969.portmap.host

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Windows Management Instrumentation

T1047

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Create or Modify System Process

T1543

Windows Service

T1543.003

Event Triggered Execution

T1546

Netsh Helper DLL

T1546.007

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Abuse Elevation Control Mechanism

T1548

Bypass User Account Control

T1548.002

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Create or Modify System Process

T1543

Windows Service

T1543.003

Event Triggered Execution

T1546

Netsh Helper DLL

T1546.007

Defense Evasion

Abuse Elevation Control Mechanism

T1548

Bypass User Account Control

T1548.002

Direct Volume Access

T1006

Impair Defenses

T1562

Disable or Modify System Firewall

T1562.004

Disable or Modify Tools

T1562.001

Indicator Removal

T1070

File Deletion

T1070.004

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Windows Credential Manager

T1555.004

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Web Service

T1102

Exfiltration

Impact

Defacement

T1491

Inhibit System Recovery

T1490

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Common Files\microsoft shared\ClickToRun\AppvIsvSubsystems32.dll.id-4B62598E.[coronavirus@qq.com].ncov

Filesize
2.7MB

MD5
d6e643eda5bc03ca38267a1f200be132

SHA1
05012121e83a1317a131c5f7f4e31e2dd5873f90

SHA256
1d254c7a82e1baa38859128101d646d5e18ba6bee9e87426c64dfee64e1fcd17

SHA512
61696f563dc5f98b992c1c955e075a41a43b88bcd569090ef681db250eb6287aea2c84c5adfd07fb4404f0a918571eb395c04fedd7956746fdae9bb675a4c6e3

Download Submit
C:\ProgramData\Hdlharas\dlrarhsiva.exe

Filesize
9.1MB

MD5
64261d5f3b07671f15b7f10f2f78da3f

SHA1
d4f978177394024bb4d0e5b6b972a5f72f830181

SHA256
87f51b4632c5fbc351a59a234dfefef506d807f2c173aac23162b85d0d73c2ad

SHA512
3a9ff39e6bc7585b0b03f7327652e4c3b766563e8b183c25b6497e30956945add5684f1579862117e44c6bac2802601fc7c4d2a0daa1824f16c4da1fd6c9c91a

Download Submit
C:\ProgramData\Hdlharas\mdkhm.zip

Filesize
56KB

MD5
b635f6f767e485c7e17833411d567712

SHA1
5a9cbdca7794aae308c44edfa7a1ff5b155e4aa8

SHA256
6838286fb88e9e4e68882601a13fa770f1b510a0a86389b6a29070a129bf2e5e

SHA512
551ba05bd44e66685f359802b35a8c9775792a12844906b4b53e1a000d56624c6db323754331c9f399072790991c1b256d9114a50fb78111652a1c973d2880af

Download Submit
C:\Recovery\WindowsRE\!WannaDecryptor!.exe.lnk

Filesize
590B

MD5
e3b2f44eebca4fb56fa87b3ca91902b9

SHA1
f233f5dab7fbfde1efa664f57589e8f98e8366b1

SHA256
6ab6e4fe2bd51fb2a08bf92a7f89b35062e37becefb656693bd5777f1f00cf59

SHA512
5e17601f4891db526edb34961d639fdf9522e4aa01da5607467ba77b8feda5adc3dc69d14d13d3525192737949d2217fb29baaf4305e9ec4a81a39dd31c357d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\NJRat.exe.log

Filesize
319B

MD5
2a0834560ed3770fc33d7a42f8229722

SHA1
c8c85f989e7a216211cf9e4ce90b0cc95354aa53

SHA256
8aa2d836004258f1a1195dc4a96215b685aed0c46a261a2860625d424e9402b6

SHA512
c5b64d84e57eb8cc387b5feedf7719f1f7ae21f6197169f5f73bc86deddb538b9af3c9952c94c4f69ae956e1656d11ab7441c292d2d850a4d2aaa9ec678f8e82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
826c7cac03e3ae47bfe2a7e50281605e

SHA1
100fbea3e078edec43db48c3312fbbf83f11fca0

SHA256
239b1d7cc6f76e1d1832b0587664f114f38a21539cb8548e25626ed5053ea2ab

SHA512
a82f3c817a6460fd8907a4ac6ab37c2129fb5466707edcfb565c255680d7f7212a5669fe2a42976150f16e4e549ea8310078f22ed35514ee1b7b45b46d8cc96e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
02a4b762e84a74f9ee8a7d8ddd34fedb

SHA1
4a870e3bd7fd56235062789d780610f95e3b8785

SHA256
366e497233268d7cdf699242e4b2c7ecc1999d0a84e12744f5af2b638e9d86da

SHA512
19028c45f2e05a0cb32865a2554513c1536bf9da63512ff4e964c94a3e171f373493c7787d2d2a6df8012648bbefab63a9de924f119c50c39c727cf81bdc659f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
31KB

MD5
29a37b6532a7acefa7580b826f23f6dd

SHA1
a0f4f3a1c5e159b6e2dadaa6615c5e4eb762479f

SHA256
7a84dd83f4f00cf0723b76a6a56587bdce6d57bd8024cc9c55565a442806cf69

SHA512
a54e2b097ffdaa51d49339bd7d15d6e8770b02603e3c864a13e5945322e28eb2eebc32680c6ddddbad1d9a3001aa02e944b6cef86d4a260db7e4b50f67ac9818

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
fe3c550649d67d85bdfe641bbe20b646

SHA1
ac931a90f79114a0242d24a347cd5990c508191d

SHA256
19de38ce334c3b72f2f9d06427d066bf5cb41678bfdea4d905b60628f569d02e

SHA512
83c4b8069002a24a9998ddb1662edd068c649d851554883d512cffba23c14f71284f365843118d0413218aa25aca7234c8fde8ed383227c55081c6e9674ef9a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
178ff0b580b880f6848fc3586a128511

SHA1
135db9c4ad78ce7617a4f2e91f12fee7074a3011

SHA256
436bf13cfb1d7c0e6d3da5a2e4b34cb17c04f7a6feb4fcdf890977054fc1d064

SHA512
594c9fea6df9dd60a154afef7f415a9b1398f7036c9936a11b9ba38beeca92c577423d4fc2b14d7ddc5d453ae6a738ca74344b5baa9ff2cbe9ae018959024a1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
09b27b1dbe00c2f9aa2b43d9b20aff31

SHA1
43bf165c8a232b247a25e726810806e48e0018fa

SHA256
5cf7813839a1c9c87fe2d1075ad873c1eb0dbfbb37b819c00d08adbd9a14ad5c

SHA512
0ee1929f33b07ba8f5aa32ef0556fe790e5d59b731f6c2a2d9ce4b50f7231fc2f10a8ce983df8a8dfd6d8d58525cbc8aabec0b549a52b0760ef254ea01736ad7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1009B

MD5
8ef5e59e32213bc65062bf4f5383da63

SHA1
6e09fed7de64ba317a35ecbef8fd4c816d582fea

SHA256
8ab1d408dd9292d1d614db82d70f1eefd70b4744e8e83f8a3ce6643e0a11135e

SHA512
0fc042dd0bb4f8c3f04ff5956e7da9fa6283104eca2aae4c35c61be8b510c0aff2c9ade7c40b546f6c28503567e5c01ed4caaba741cd2013ad3aaf2a27cc26ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
805a973d4b688604bb9b9ccb247008d7

SHA1
7ecf8cb8df34b8a75133e658c2c9d5d751b6f89d

SHA256
583caec7ca00a66544e5ab93198fea0c252b2d09b60fd9af6320aa7a11c9252f

SHA512
7492b5d8a3bb14eb15519fe1329ebd30b3513b3086155c6e84eec4049870cda15ece434b456040ce4cd51245f58fdf9d49b9337e7d7163c91366f8d3534ee985

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d398dadfda20eb5ca9558a926088374c

SHA1
8f61e32136b1dae0d9c89559cb0cc6d1a0f2c561

SHA256
11cf6f4a65c21fd91e696e71d1b1706bdb6b12413bb158fafbf663bb28b14130

SHA512
8ad9f0d18a1ee3c76d7d5785d9033c6111061130ff3a0a779ca946caa2d84381a5928e2b06544b427232824009a4c71488dde4ac2b207dfeac38ab83ceaf0ed3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fd5245f02ede02323ed0e68ab515df81

SHA1
b3d368979be186aa0998f202ebda0333a2acfe96

SHA256
fa2742835746378eefcf9248784763bde4004cc7dcff8a7830d85f5f59045383

SHA512
6896cd32f3569bd07886f36b04fee7b9c6b85900c04ca47f05ede24b6b7d453d3698fad438710998c722d29d0169e6fb24379fb2ae99ba07087b9d122404fe84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
12b18637529b3c0264d7943aeec4ce30

SHA1
cea46ec6ab8b9d045a1bb1d4f64c82613166a8b2

SHA256
2a9ee6db0be1ed3e7cb654bdf80f8df4624e07d788c920a2f0cc5b76cc8afe0f

SHA512
92017afa65ffc9926a7b7e602deb63f77a8246f74132e58b3b073a6f0c7060834afca2b429e0f6a97047a1398c4328c549a19c1b0139369ec1ffb98b8cd5a2f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8dae3e6e1ab90971c27795b3fb59651c

SHA1
d9c25a9e429536469db19c46e2af128aa26de502

SHA256
f418086bc4f73a54db6bfb8c5fc1210758f7d17fa9a0d0c28f613809fd5284e1

SHA512
f4dd3d4e4c20a57254f416f566ab68e7a580058d05728bccbe80db784eff5270ac37000e8ba1a5122c9c7991b6485a2a7a849ed83734346da668df4c42b91024

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dc3bf82ef6a4eecfb0741ddb21b63f47

SHA1
254de49810839317667834fde69b14212b40eea8

SHA256
bbe279bd33a4fa40c8ffa7002881933e07c909549199129ac1590de5d92af267

SHA512
9459da1817c0968c8d2e30225b32b3dc70aa787e3c42f089adc4d4ca8ba1d895adf02936f559ec436a868bc7c9d1fda1f74a1e4bb609d078eecdc9996d4d0b9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
45cd6f120eb5970bbfba9c7d67dd2540

SHA1
4694eff4c83c935e222c1a41a0f5c68721a321b0

SHA256
45b2e478f753b67894c757aae10bbbcae4fd53a66af96e68729d616e8d2df4ca

SHA512
d5cb557d0404f80efd86c33f1c53511c9c0986b8310dc28c783f98d417fc5f763cf6c8d43aaf2079e9fb076c869b143aa51ee35b1de4e6a9bafc159af37ae7fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f02483a2e725046f0cd5c57d18d0130b

SHA1
8658466f8e18d62fd4cee2ad6c34f0524d10261d

SHA256
cbc27ba86a87332459fa888e2c66c277e095831fbd8227b84fe156aaa4c4db9e

SHA512
184bc7c7ea858ea3e472687a0fc8b5ecb3970250c31dbfd835d0ca8629f60fe0d64e9552a9afb86728870a31d1e9833d54cde9ac680384c4bdf5ed5514251856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
abf2a188a683d74e1d398b88107d49d8

SHA1
e048d5351e1aed8bb4fb10ba89e1acab8cc3f16b

SHA256
ed4c36f9cb928a690a4b574697a2e30054d62ffa2ea43c09085dd0934ec4fc2c

SHA512
c29a3b4dd1e87d36ca1475a99c1f6d6ac0aaba0016dd83d4a3ba984e2e49205677edf0a86b1b4b702d7c513d9717d4c7222e022a986fcc82e269674463ab40b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
cbc555c27f3b81c0bc6baff4101490ce

SHA1
9c14f5266e7b0a36989afa82aed31b90846f3fe1

SHA256
aba2b8b2e791e98c53a6fcda002a1a7135568011d0b982782d72f73c2ea8a47b

SHA512
7bcc93db923592d1feadff22703f0ef25070cb59edd8f45a6c98fd802e4dc488b1888ee9c6622bbf490b5690aa45a617758901dfe7eb52389cbf7f51b1252f2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a7d98d6698116fcdab7c597b4585d54b

SHA1
09e3f5dec43719f1209e46e9c5bd978d2e924c89

SHA256
f017431e3c8b1ea3f3528e665a00e7b2c663cb906b763b7b9a29d172ba24064e

SHA512
60ad5f9a78fb36c2647b93347bb09bbb07b9a51d8652ee4e27839e4c0382804ad6109d67893390d47e2c38192f5d074d52e7f80e3069a90da7aa1a797372194e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
21d92ef4a254c932d7fd5a4309bcbfd5

SHA1
6652400f71db900c3629188ac3759ab97733c17d

SHA256
a641131d2e1c68937b7b100a0d00e84126713ab107a32f4ac72320389f3605e8

SHA512
4cfb0e2666713eb5d0c3eb832f15cce74d754d145da05edc57caa4e84ad181f3235ea26b8828311ea658d23fc77144f5de3fffc83bedd48860122fac7a133559

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
3b3f85725669bd0bcf34bba927e2bcea

SHA1
583152c2bc25d896eaf0cc482b9da3259f151210

SHA256
51acb49d34ea0844bfda85dfa8dfe50f9bfd113553db083061e2aa0704170b60

SHA512
32259bd0f080618a30dc67b8a8a731422c5c4a4e647a9daf5271afa7d2266ac587cd0231c22eb6f483cbe96491a15a658d797d4fac964282cf4465fd211cf311

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
25e0f36ff4c9ec807e30250486cf88aa

SHA1
7fd851921328efe8ed5c6d1f2bc87c16c4cb68c5

SHA256
7f8eebd77b1321e06301dfcc14e0b603c9aca22486bc577b3bea46ac9273241c

SHA512
1098d9256acdddb01e8db3a43329ed7e18b6315b687eb60d59ba465de8436b7d55fd8870b1c08e4fdf2ffe18a7874accb608e9b879152b284686506a8a89eb97

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e2bbdf3279da11c50068a5fc90345b62

SHA1
dd6d822f87a249234dfbbad1922766492a0a6c63

SHA256
060801915e7ba9a7fefbfabb1ce2d9a536ce72603876f008acc4add9dc86dda8

SHA512
46a5a0b99f87b9ed9a344356313052f38732c02209373c5525ef7d191bc487d6300731362fb31554c464ebe0d0551adc9bbedf6965f11ce62bc40c7bc32ee646

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
2f2ca432b265061a8b2848259d669734

SHA1
e38736f21fd3ff18270a88d1ad3676364bfc3c0e

SHA256
d4f8ad1c8c25fbf260c88f2398a32ed4b2fca0c05f0a8d26196e10b46b5b095f

SHA512
e33fef32f9144a5baf9818c3ce3011fa0e3fc64d02b7474f958f753142ad2b00cbac43070c80945e87e5b2fc436bd06e61d533be07005cc0b27b2a19c9e9bad0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4f19c9c76afc5d8be41f0c44beeddb0c

SHA1
3a342ddc183bc48b3c3bb91867acd2ed0905ec63

SHA256
3329c5e1a9e292f08ad3a852d25ddcc5361e7f769022c85317a60519b60da6e8

SHA512
90d2eaf465f739ca11de36afbf6d4511c4f94e8d52284ce1f7e97504f2e918516d81c3f48ddb80481d081591d8d94ae88a56526d77f90aa314d1ef1363e7c1c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4efd96c0b515bc9eb9c680ac24e02470

SHA1
0b09723af6886f81420038bac2c05d418f8342fe

SHA256
ec654b6647432dcdcf0c28e6c419b476c302dc7c8d0d365d60a472308be04106

SHA512
2de72675cfa5b0d68fb3742d84e261e39c6e125c647b57ef159ff4682f4c8c550c7a8b5be2f7a34e64443765dbf8ee411aa64d2fd08fc5544eebc745fa13199c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
714e3bf5b199010d18f98c3cdf41996b

SHA1
45651311b80116087e6a39d1a847e3c7fdc9300c

SHA256
dac7f54be3d3d5d811d2a9a6bb688e135cb6a86730d4062077e6351217539688

SHA512
48c0d730a4e74ad822ed6196668e3bda2cd6da1cb90bbfa2a71ff35bc497d0795e1deb94927d212634b076d3bfd42737e588064f4cc26fbead3720b687258f53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
88f102a40703af00461b56504d9c137a

SHA1
cd9d320da1cb4cf63ffc8bb23dda5f6a5262daf7

SHA256
67ea84a7c95906813387dfc712213deafee72c3ce160cd644a49f3ddd53d0901

SHA512
e41b619111436f4d8e583a1761201ccbc9c73d82e35b5ba801d701cbe79634ed82bdb774a5b42411f6eedafd6bf2cad03d514f7d2d4feb66d1018d1409ed016e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
364c6ee05cb3d0934142013c7ae0ce4a

SHA1
180920bda2f3fa4c907324265d633508e712e905

SHA256
6190460e35eaede6600335059decc5ee99b43a5ff6b4f769b10ce3b9a22164f2

SHA512
394016ce3b89a75f93c117d6dec69ab1b4d9dd70f89c95c7b1dc5a158c52c21b8fb766e5285dcf275aa2cce252f4cc9af7ae12e5aa5ef509a87de319515dd214

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
bd7c94fce3658a9cbf40d3212be612d4

SHA1
42c8786aa59ae7d0eaa57d2756d4aa6fdde45a97

SHA256
d51b84917979768c2b75557651f8afa75276658835979345e498fc374397221d

SHA512
b0f022de14fc3385b90b07dcfaec744ceba32d7fc3d173489cc08e6350efaa54c3aec2f2a6e590f26cf96adf2520ec9f7afa72e6348d077fc28fb245f6aec9be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7cc09775067ab53fdff878b9fafc0a4e

SHA1
27d2ce12a9fa1e45876701716fca2fe50c596fa7

SHA256
7facec75c96d70d42cfa7b30836b821557e42903560343fda3f7399df98cbf40

SHA512
1da8c4a6b7e37c56640a49117ba38b5225d37d2dce368ffbdbd6c04988dbd273be135457a9f820a4366838317f47447067836db7cfa4d8327112dcbae44b2728

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
799e05ec19c36bc7900ddae5f50682b2

SHA1
dae2488b8ab80700af309202f0995dc91d3f8385

SHA256
1bb17d10792d1be611a88f10d5b1a7cb79af17be3afd3d6be7c3e3ed05bdee2e

SHA512
35dba22f35d5e71514536d7ea251f221452a7ae7b883498d8ca19d50171eb0b7cef7b5c57998fd90da54a3edeff7bcdf3b4296f08536a3eba7f8faf9754d851d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583b7d.TMP

Filesize
534B

MD5
bbd6e8351ebd171d75512a2b018850d7

SHA1
e2ca4641d17ac2661a7787728a102d5f97533972

SHA256
2fcd2380d87783c42b196953cb57ba6b5fd20b1d5dbca1b4ad4988845a11729b

SHA512
70afe82234f07b84cfce6ed0ee65b7b7b3cf98aa29192b13f225ef50cee10bbfd375ca166c20edb65325506d945659e8be8cd9d5dc468d249604be128ed45219

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5a87b0.TMP

Filesize
1KB

MD5
0a6976c6071e21d5b8f9ae4117093246

SHA1
475325f97343c12419b8bb10d6c33ecc4aa5c079

SHA256
becfcfeb8bfbb8b1d9de6c46e2a4456fb3fe3d21d10b9ad6f690bd608e215fd7

SHA512
ce57af829cdacd384f2c52319e4b3fcd4c5af8bb7f33d418684f3ff0e01baf989fe5f28641203cf1edeec063a21a55843fb195dead277f27ea46afa9fb3cbe1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b14a42e34b52a145c57ea3e58c96f9af

SHA1
b91758df295ef109f63c3c354cdc9c1dab08a65c

SHA256
8a7e895402ac3f871111103f3d7c453deb99bf0f5f70250da09f2242072d586e

SHA512
614a667859067b1c8d2f1266248bf3f5eb15acc50f2923a27ed5b395a56b1181c97090e46b5106f7575fbfc7478690be782cc8c380cf65509356cb7334f555de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
3bd5e35b1bf3951cc58374b6cced788e

SHA1
f6bd35ff46f21417734288578584780bd02edeb7

SHA256
3f32a6df3bfd5c0c55eb810cf604ed4369dcaa17855a1b29b66f42ea7fd7f27c

SHA512
b7c4429ea697a4e656fc61d59577aab19bfc087222e670fac352518d6d000ac59ee95fae1611c01a10e4251619ce9c16d4bfd0119774505bb5923a8812e18bc0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c21b1abe1b5e65b1f255ab3b48736a62

SHA1
65dc665b6386d889e428ee9334d5ef9ba14c9436

SHA256
81c81a5ff9844483ceb89df135e9d8d13c25d7393aadcc88239b1bd7d6edba3d

SHA512
52b0cd3ffccc27ab8d649c2a61dca5f2b06d971f5f41609fd2f5526469a131603e82ccb5bb99c15c701b9d58047bf4f03fb269c3a186218bc9d47db87bc9b03d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d40bc11ddc123f8351b4cb156ba3718c

SHA1
291f66f6edd581b87c051fbb1ac17cc079142ec5

SHA256
96fc0dd424d7a4a21eaa2e82713849ce8d0f886a7944de32c6db2ae3f6f8c38a

SHA512
69a526d981ab5ed57d4f38192a3b431f2488902a03d6c7b8b2002660b7d232c4947df180e9907ba1a6c97cf99b9ca2bc1a32622801f1715f30d4005a3f3fa640

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
16a6cfd82da4e1ad789b024fbaf9848d

SHA1
2e34b22aea232927bd998db98f2f4f47ebde4f0f

SHA256
8bdf895ee7b895b2a7618d05d3a75ad2954cbcdc476ffd33c3975ed3ad2c79f5

SHA512
528fcc693a3b607a847ab17e14350ea358668650b37f8c5ef3a27d05a2501973fab44a81e898004354ac530d2ce58fcfa094352d9e2010b46a5c887d26110d24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
bf9a5f5efc14c9eb4e3a5d2d971fb2e9

SHA1
7e10fc9c7b4caaaff2ef8833a0874f6720f48d98

SHA256
fe134ff636134d2e4fd38a9389e5d50371059008d0e880ee9fb678d72257ecc1

SHA512
e5846d61859787cd39b7b9b367c2393da2f68b50daa1fbe677826b67ee49bc8f050b92186c3a48755f8afe110e185b579072ccc1e20b19d11abd321ea0ac0354

Download Submit
C:\Users\Admin\AppData\Local\Temp\5a530dfd-bc51-4992-a05d-f09d41a331d4\AgileDotNetRT64.dll

Filesize
75KB

MD5
42b2c266e49a3acd346b91e3b0e638c0

SHA1
2bc52134f03fcc51cb4e0f6c7cf70646b4df7dd1

SHA256
adeed015f06efa363d504a18acb671b1db4b20b23664a55c9bc28aef3283ca29

SHA512
770822fd681a1d98afe03f6fbe5f116321b54c8e2989fb07491811fd29fca5b666f1adf4c6900823af1271e342cacc9293e9db307c4eef852d1a253b00347a81

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms

Filesize
8KB

MD5
cd634452ef30243a3424cb942472a65b

SHA1
8bd3c7cae5e5727a03ff92a15a695f8cec059021

SHA256
45402a0770db11f5a54ed0638e0be7d956a7a013a086214c71c03f25852196af

SHA512
90c27997e58885455cbf9745baa113dac3421edce433227fb36306189e3bafbf15ede4973799691002962cd0ca4777c66c1bc70a5e0cb5547c3faec0a316c846

Download Submit
C:\Users\Admin\Downloads\!Please Read Me!.txt

Filesize
797B

MD5
afa18cf4aa2660392111763fb93a8c3d

SHA1
c219a3654a5f41ce535a09f2a188a464c3f5baf5

SHA256
227082c719fd4394c1f2311a0877d8a302c5b092bcc49f853a5cf3d2945f42b0

SHA512
4161f250d59b7d4d4a6c4f16639d66d21b2a9606de956d22ec00bedb006643fedbbb8e4cde9f6c0c977285918648314883ca91f3442d1125593bf2605f2d5c6b

Download Submit
C:\Users\Admin\Downloads\NJRat.exe:Zone.Identifier

Filesize
55B

MD5
0f98a5550abe0fb880568b1480c96a1c

SHA1
d2ce9f7057b201d31f79f3aee2225d89f36be07d

SHA256
2dfb5f4b33e4cf8237b732c02b1f2b1192ffe4b83114bcf821f489bbf48c6aa1

SHA512
dbc1150d831950684ab37407defac0177b7583da0fe13ee8f8eeb65e8b05d23b357722246888189b4681b97507a4262ece96a1c458c4427a9a41d8ea8d11a2f6

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 224677.crdownload

Filesize
84KB

MD5
b6e148ee1a2a3b460dd2a0adbf1dd39c

SHA1
ec0efbe8fd2fa5300164e9e4eded0d40da549c60

SHA256
dc31e710277eac1b125de6f4626765a2684d992147691a33964e368e5f269cba

SHA512
4b8c62ddfc7cd3e5ce1f8b5a1ba4a611ab1bfccf81d80cf2cfc831cffa1d7a4b6da0494616a53b419168bc3a324b57382d4a6186af083de6fc93d144c4503741

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 409767.crdownload:SmartScreen

Filesize
7B

MD5
4047530ecbc0170039e76fe1657bdb01

SHA1
32db7d5e662ebccdd1d71de285f907e3a1c68ac5

SHA256
82254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750

SHA512
8f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 584113.crdownload

Filesize
125KB

MD5
ea534626d73f9eb0e134de9885054892

SHA1
ab03e674b407aecf29c907b39717dec004843b13

SHA256
322eb96fc33119d8ed21b45f1cd57670f74fb42fd8888275ca4879dce1c1511c

SHA512
c8cda90323fd94387a566641ec48cb086540a400726032f3261151afe8a981730688a4dcd0983d9585355e22833a035ef627dbd1f643c4399f9ddce118a3a851

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 625566.crdownload

Filesize
381KB

MD5
35a27d088cd5be278629fae37d464182

SHA1
d5a291fadead1f2a0cf35082012fe6f4bf22a3ab

SHA256
4a75f2db1dbd3c1218bb9994b7e1c690c4edd4e0c1a675de8d2a127611173e69

SHA512
eb0be3026321864bd5bcf53b88dc951711d8c0b4bcbd46800b90ca5116a56dba22452530e29f3ccbbcc43d943bdefc8ed8ca2d31ba2e7e5f0e594f74adba4ab5

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 783521.crdownload

Filesize
224KB

MD5
5c7fb0927db37372da25f270708103a2

SHA1
120ed9279d85cbfa56e5b7779ffa7162074f7a29

SHA256
be22645c61949ad6a077373a7d6cd85e3fae44315632f161adc4c99d5a8e6844

SHA512
a15f97fad744ccf5f620e5aabb81f48507327b898a9aa4287051464019e0f89224c484e9691812e166471af9beaddcfc3deb2ba878658761f4800663beef7206

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 833799.crdownload

Filesize
1.0MB

MD5
055d1462f66a350d9886542d4d79bc2b

SHA1
f1086d2f667d807dbb1aa362a7a809ea119f2565

SHA256
dddf7894b2e6aafa1903384759d68455c3a4a8348a7e2da3bd272555eba9bec0

SHA512
2c5e570226252bdb2104c90d5b75f11493af8ed1be8cb0fd14e3f324311a82138753064731b80ce8e8b120b3fe7009b21a50e9f4583d534080e28ab84b83fee1

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 836028.crdownload

Filesize
14KB

MD5
19dbec50735b5f2a72d4199c4e184960

SHA1
6fed7732f7cb6f59743795b2ab154a3676f4c822

SHA256
a3d5715a81f2fbeb5f76c88c9c21eeee87142909716472f911ff6950c790c24d

SHA512
aa8a6bbb1ec516d5d5acf8be6863a4c6c5d754cee12b3d374c3a6acb393376806edc422f0ffb661c210e5b9485da88521e4a0956a4b7b08a5467cfaacd90591d

Download Submit
C:\Users\Admin\Downloads\u.wry

Filesize
236KB

MD5
cf1416074cd7791ab80a18f9e7e219d9

SHA1
276d2ec82c518d887a8a3608e51c56fa28716ded

SHA256
78e3f87f31688355c0f398317b2d87d803bd87ee3656c5a7c80f0561ec8606df

SHA512
0bb0843a90edacaf1407e6a7273a9fbb896701635e4d9467392b7350ad25a1bec0c1ceef36737b4af5e5841936f4891436eded0533aa3d74c9a54efa42f024c5

Download Submit
memory/1624-17016-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/1624-772-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/1624-786-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/2788-9667-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/2788-12429-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/2788-774-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/3112-546-0x0000026E21960000-0x0000026E22274000-memory.dmp

Filesize
9.1MB

Download
memory/3900-513-0x00000167211B0000-0x00000167211CE000-memory.dmp

Filesize
120KB

Download
memory/37232-25700-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/37232-25698-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/37232-25677-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/37400-25697-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/37400-25702-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/37400-25705-0x0000000000400000-0x000000000056F000-memory.dmp

Filesize
1.4MB

Download
memory/38432-25786-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/41200-26152-0x000000001D560000-0x000000001DA88000-memory.dmp

Filesize
5.2MB

Download
memory/41200-26151-0x000000001CE60000-0x000000001D022000-memory.dmp

Filesize
1.8MB

Download
memory/41200-26150-0x00007FFC507F0000-0x00007FFC5093F000-memory.dmp

Filesize
1.3MB

Download
memory/41200-26144-0x0000000000680000-0x00000000006AA000-memory.dmp

Filesize
168KB

Download
memory/42592-26241-0x0000000000400000-0x0000000000454000-memory.dmp

Filesize
336KB

Download
memory/42592-26243-0x0000000000400000-0x0000000000454000-memory.dmp

Filesize
336KB

Download

Analysis

Sharing

Errors

General

Malware Config

Extracted

Extracted

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response