Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
146s -
max time network
152s -
platform
windows10-ltsc 2021_x64 -
resource
win10ltsc2021-20241211-en -
resource tags
arch:x64arch:x86image:win10ltsc2021-20241211-enlocale:en-usos:windows10-ltsc 2021-x64system -
submitted
25/12/2024, 19:02 UTC
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://steamcoummunilty.com/tradeoffer/new/?partner=149270605216&token=hK3VWGgL
Resource
win10ltsc2021-20241211-en
General
-
Target
http://steamcoummunilty.com/tradeoffer/new/?partner=149270605216&token=hK3VWGgL
Malware Config
Signatures
-
Drops file in Program Files directory 2 IoCs
description ioc Process File created C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\3facffcd-7cc0-4869-bc7e-a26f7035ef2d.tmp setup.exe File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241225190318.pma setup.exe -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe -
Suspicious behavior: EnumeratesProcesses 10 IoCs
pid Process 3464 msedge.exe 3464 msedge.exe 944 msedge.exe 944 msedge.exe 100 identity_helper.exe 100 identity_helper.exe 1668 msedge.exe 1668 msedge.exe 1668 msedge.exe 1668 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs
pid Process 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
pid Process 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe 944 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 944 wrote to memory of 3128 944 msedge.exe 81 PID 944 wrote to memory of 3128 944 msedge.exe 81 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 4928 944 msedge.exe 82 PID 944 wrote to memory of 3464 944 msedge.exe 83 PID 944 wrote to memory of 3464 944 msedge.exe 83 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84 PID 944 wrote to memory of 2236 944 msedge.exe 84
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://steamcoummunilty.com/tradeoffer/new/?partner=149270605216&token=hK3VWGgL1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:944 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffb32e846f8,0x7ffb32e84708,0x7ffb32e847182⤵PID:3128
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:22⤵PID:4928
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:3464
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:82⤵PID:2236
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:12⤵PID:3892
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:12⤵PID:3156
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:12⤵PID:3964
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6072 /prefetch:82⤵PID:636
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings2⤵
- Drops file in Program Files directory
PID:224 -
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x10c,0x118,0x154,0x130,0x150,0x7ff7b50d5460,0x7ff7b50d5470,0x7ff7b50d54803⤵PID:4204
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6072 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:100
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:12⤵PID:4380
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:12⤵PID:2804
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:12⤵PID:1668
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:12⤵PID:3540
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:12⤵PID:548
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1144 /prefetch:12⤵PID:2436
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6696 /prefetch:12⤵PID:4304
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:12⤵PID:3772
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:12⤵PID:408
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,14922035932533252696,7226031026270092922,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5016 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:1668
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:2364
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:2596
Network
-
Remote address:8.8.8.8:53Requeststeamcoummunilty.comIN AResponsesteamcoummunilty.comIN A147.45.44.92
-
Remote address:8.8.8.8:53Request14.160.190.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request217.106.137.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request217.106.137.52.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request92.44.45.147.in-addr.arpaIN PTRResponse
-
Remote address:147.45.44.92:80RequestGET /tradeoffer/new/?partner=149270605216&token=hK3VWGgL HTTP/1.1
Host: steamcoummunilty.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 25 Dec 2024 19:03:16 GMT
Etag: W/"4e8b-/PPz8+Bv0m3u4R6nnFptmQnVNB0"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: Caddy
Set-Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.lX00FWzoLKrWyJqIuropTomr9l5FGp3n.MsEnOBRIjK1FlQYy.tO_SjA0-mDQ2H91CM-1XDiTuF3XXsa3TUKReMrNrI-PiAqXKWtGeoVBFnBG4lsuGKiOCRAZp1kYXxETELeramF8QGyEGfJwJC4klZw7Uhw4vFyh6nPpo3ny5hF68ZWPzEGCdLI9AqddPFk3WCpNFOddgzeGkxk-4FdFjuGA-8wiGZu_J7WoaJ6t-ZSMo6Wq7530N8xLv4yMppq2lelcvn0Na9zH752e7of_8J42FPQZmpzSKy8GxoKqRtUbQJv2ZokVmxLqmTOa1omRfSPk8stMJNdO2vwWEeHka9w.89gRK4TZaMnB7_ZmOVe6Cg; Path=/; Expires=Wed, 25 Dec 2024 23:03:16 GMT; SameSite=Lax
Set-Cookie: token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzcsInNlY3JldCI6Ijc5NDFjZmU2Y2JiNmFkMzJiMjE3YjQ1ZWI0MDFiMGJiIiwic2VydmljZSI6IlN0ZWFtIn0.ifXqvLI8YZ1oj6ehcMhOOGmE6bZXJ1YJtsXJzA4q58I; Path=/; Expires=Wed, 25 Dec 2024 23:03:16 GMT; SameSite=Lax
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 0
Transfer-Encoding: chunked
-
POSThttp://steamcoummunilty.com/73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042amsedge.exeRemote address:147.45.44.92:80RequestPOST /73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042a HTTP/1.1
Host: steamcoummunilty.com
Connection: keep-alive
Content-Length: 113
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
DNT: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.lX00FWzoLKrWyJqIuropTomr9l5FGp3n.MsEnOBRIjK1FlQYy.tO_SjA0-mDQ2H91CM-1XDiTuF3XXsa3TUKReMrNrI-PiAqXKWtGeoVBFnBG4lsuGKiOCRAZp1kYXxETELeramF8QGyEGfJwJC4klZw7Uhw4vFyh6nPpo3ny5hF68ZWPzEGCdLI9AqddPFk3WCpNFOddgzeGkxk-4FdFjuGA-8wiGZu_J7WoaJ6t-ZSMo6Wq7530N8xLv4yMppq2lelcvn0Na9zH752e7of_8J42FPQZmpzSKy8GxoKqRtUbQJv2ZokVmxLqmTOa1omRfSPk8stMJNdO2vwWEeHka9w.89gRK4TZaMnB7_ZmOVe6Cg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzcsInNlY3JldCI6Ijc5NDFjZmU2Y2JiNmFkMzJiMjE3YjQ1ZWI0MDFiMGJiIiwic2VydmljZSI6IlN0ZWFtIn0.ifXqvLI8YZ1oj6ehcMhOOGmE6bZXJ1YJtsXJzA4q58I
ResponseHTTP/1.1 201 Created
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 25 Dec 2024 19:03:16 GMT
Etag: W/"c6f49-4cd69Zvjt81QRcte4RtHajWN+ik"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: Caddy
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 0
Transfer-Encoding: chunked
-
Remote address:147.45.44.92:80RequestGET /73407a502e57065f0d06074e.js HTTP/1.1
Host: steamcoummunilty.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.lX00FWzoLKrWyJqIuropTomr9l5FGp3n.MsEnOBRIjK1FlQYy.tO_SjA0-mDQ2H91CM-1XDiTuF3XXsa3TUKReMrNrI-PiAqXKWtGeoVBFnBG4lsuGKiOCRAZp1kYXxETELeramF8QGyEGfJwJC4klZw7Uhw4vFyh6nPpo3ny5hF68ZWPzEGCdLI9AqddPFk3WCpNFOddgzeGkxk-4FdFjuGA-8wiGZu_J7WoaJ6t-ZSMo6Wq7530N8xLv4yMppq2lelcvn0Na9zH752e7of_8J42FPQZmpzSKy8GxoKqRtUbQJv2ZokVmxLqmTOa1omRfSPk8stMJNdO2vwWEeHka9w.89gRK4TZaMnB7_ZmOVe6Cg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzcsInNlY3JldCI6Ijc5NDFjZmU2Y2JiNmFkMzJiMjE3YjQ1ZWI0MDFiMGJiIiwic2VydmljZSI6IlN0ZWFtIn0.ifXqvLI8YZ1oj6ehcMhOOGmE6bZXJ1YJtsXJzA4q58I
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: application/javascript
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 25 Dec 2024 19:03:16 GMT
Last-Modified: Wed, 25 Dec 2024 06:24:21 GMT
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: Caddy
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 0
Transfer-Encoding: chunked
-
Remote address:147.45.44.92:80RequestGET /73407a502e5706510616315f1501705d0c545850 HTTP/1.1
Host: steamcoummunilty.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.lX00FWzoLKrWyJqIuropTomr9l5FGp3n.MsEnOBRIjK1FlQYy.tO_SjA0-mDQ2H91CM-1XDiTuF3XXsa3TUKReMrNrI-PiAqXKWtGeoVBFnBG4lsuGKiOCRAZp1kYXxETELeramF8QGyEGfJwJC4klZw7Uhw4vFyh6nPpo3ny5hF68ZWPzEGCdLI9AqddPFk3WCpNFOddgzeGkxk-4FdFjuGA-8wiGZu_J7WoaJ6t-ZSMo6Wq7530N8xLv4yMppq2lelcvn0Na9zH752e7of_8J42FPQZmpzSKy8GxoKqRtUbQJv2ZokVmxLqmTOa1omRfSPk8stMJNdO2vwWEeHka9w.89gRK4TZaMnB7_ZmOVe6Cg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzcsInNlY3JldCI6Ijc5NDFjZmU2Y2JiNmFkMzJiMjE3YjQ1ZWI0MDFiMGJiIiwic2VydmljZSI6IlN0ZWFtIn0.ifXqvLI8YZ1oj6ehcMhOOGmE6bZXJ1YJtsXJzA4q58I; _ga=GA1.2.1275157451.1735153396; _gid=GA1.2.142591606.1735153396
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 25 Dec 2024 19:03:17 GMT
Etag: W/"122-Ge9HPobOxOigj58v2fMPgswnlBA"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: Caddy
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 0
Transfer-Encoding: chunked
-
Remote address:147.45.44.92:80RequestGET /tradeoffer/new/?partner=149270605216&token=hK3VWGgL HTTP/1.1
Host: steamcoummunilty.com
Connection: keep-alive
Cache-Control: max-age=0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.lX00FWzoLKrWyJqIuropTomr9l5FGp3n.MsEnOBRIjK1FlQYy.tO_SjA0-mDQ2H91CM-1XDiTuF3XXsa3TUKReMrNrI-PiAqXKWtGeoVBFnBG4lsuGKiOCRAZp1kYXxETELeramF8QGyEGfJwJC4klZw7Uhw4vFyh6nPpo3ny5hF68ZWPzEGCdLI9AqddPFk3WCpNFOddgzeGkxk-4FdFjuGA-8wiGZu_J7WoaJ6t-ZSMo6Wq7530N8xLv4yMppq2lelcvn0Na9zH752e7of_8J42FPQZmpzSKy8GxoKqRtUbQJv2ZokVmxLqmTOa1omRfSPk8stMJNdO2vwWEeHka9w.89gRK4TZaMnB7_ZmOVe6Cg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzcsInNlY3JldCI6Ijc5NDFjZmU2Y2JiNmFkMzJiMjE3YjQ1ZWI0MDFiMGJiIiwic2VydmljZSI6IlN0ZWFtIn0.ifXqvLI8YZ1oj6ehcMhOOGmE6bZXJ1YJtsXJzA4q58I; _ga=GA1.2.1275157451.1735153396; _gid=GA1.2.142591606.1735153396
If-None-Match: W/"4e8b-/PPz8+Bv0m3u4R6nnFptmQnVNB0"
ResponseHTTP/1.1 304 Not Modified
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 25 Dec 2024 19:03:25 GMT
Etag: W/"4e8b-/PPz8+Bv0m3u4R6nnFptmQnVNB0"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: Caddy
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 0
-
POSThttp://steamcoummunilty.com/73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042amsedge.exeRemote address:147.45.44.92:80RequestPOST /73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042a HTTP/1.1
Host: steamcoummunilty.com
Connection: keep-alive
Content-Length: 113
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
DNT: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.lX00FWzoLKrWyJqIuropTomr9l5FGp3n.MsEnOBRIjK1FlQYy.tO_SjA0-mDQ2H91CM-1XDiTuF3XXsa3TUKReMrNrI-PiAqXKWtGeoVBFnBG4lsuGKiOCRAZp1kYXxETELeramF8QGyEGfJwJC4klZw7Uhw4vFyh6nPpo3ny5hF68ZWPzEGCdLI9AqddPFk3WCpNFOddgzeGkxk-4FdFjuGA-8wiGZu_J7WoaJ6t-ZSMo6Wq7530N8xLv4yMppq2lelcvn0Na9zH752e7of_8J42FPQZmpzSKy8GxoKqRtUbQJv2ZokVmxLqmTOa1omRfSPk8stMJNdO2vwWEeHka9w.89gRK4TZaMnB7_ZmOVe6Cg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzcsInNlY3JldCI6Ijc5NDFjZmU2Y2JiNmFkMzJiMjE3YjQ1ZWI0MDFiMGJiIiwic2VydmljZSI6IlN0ZWFtIn0.ifXqvLI8YZ1oj6ehcMhOOGmE6bZXJ1YJtsXJzA4q58I; _ga=GA1.2.1275157451.1735153396; _gid=GA1.2.142591606.1735153396
ResponseHTTP/1.1 201 Created
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 25 Dec 2024 19:03:25 GMT
Etag: W/"c6f49-4cd69Zvjt81QRcte4RtHajWN+ik"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: Caddy
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 0
Transfer-Encoding: chunked
-
Remote address:147.45.44.92:80RequestGET /tradeoffer/new/?partner=149270605216&token=hK3VWGgL HTTP/1.1
Host: steamcoummunilty.com
Connection: keep-alive
Cache-Control: max-age=0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.lX00FWzoLKrWyJqIuropTomr9l5FGp3n.MsEnOBRIjK1FlQYy.tO_SjA0-mDQ2H91CM-1XDiTuF3XXsa3TUKReMrNrI-PiAqXKWtGeoVBFnBG4lsuGKiOCRAZp1kYXxETELeramF8QGyEGfJwJC4klZw7Uhw4vFyh6nPpo3ny5hF68ZWPzEGCdLI9AqddPFk3WCpNFOddgzeGkxk-4FdFjuGA-8wiGZu_J7WoaJ6t-ZSMo6Wq7530N8xLv4yMppq2lelcvn0Na9zH752e7of_8J42FPQZmpzSKy8GxoKqRtUbQJv2ZokVmxLqmTOa1omRfSPk8stMJNdO2vwWEeHka9w.89gRK4TZaMnB7_ZmOVe6Cg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzcsInNlY3JldCI6Ijc5NDFjZmU2Y2JiNmFkMzJiMjE3YjQ1ZWI0MDFiMGJiIiwic2VydmljZSI6IlN0ZWFtIn0.ifXqvLI8YZ1oj6ehcMhOOGmE6bZXJ1YJtsXJzA4q58I; _ga=GA1.2.1275157451.1735153396; _gid=GA1.2.142591606.1735153396
If-None-Match: W/"4e8b-/PPz8+Bv0m3u4R6nnFptmQnVNB0"
ResponseHTTP/1.1 304 Not Modified
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 25 Dec 2024 19:03:41 GMT
Etag: W/"4e8b-/PPz8+Bv0m3u4R6nnFptmQnVNB0"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: Caddy
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 0
-
POSThttp://steamcoummunilty.com/73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042amsedge.exeRemote address:147.45.44.92:80RequestPOST /73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042a HTTP/1.1
Host: steamcoummunilty.com
Connection: keep-alive
Content-Length: 113
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
DNT: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.lX00FWzoLKrWyJqIuropTomr9l5FGp3n.MsEnOBRIjK1FlQYy.tO_SjA0-mDQ2H91CM-1XDiTuF3XXsa3TUKReMrNrI-PiAqXKWtGeoVBFnBG4lsuGKiOCRAZp1kYXxETELeramF8QGyEGfJwJC4klZw7Uhw4vFyh6nPpo3ny5hF68ZWPzEGCdLI9AqddPFk3WCpNFOddgzeGkxk-4FdFjuGA-8wiGZu_J7WoaJ6t-ZSMo6Wq7530N8xLv4yMppq2lelcvn0Na9zH752e7of_8J42FPQZmpzSKy8GxoKqRtUbQJv2ZokVmxLqmTOa1omRfSPk8stMJNdO2vwWEeHka9w.89gRK4TZaMnB7_ZmOVe6Cg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzcsInNlY3JldCI6Ijc5NDFjZmU2Y2JiNmFkMzJiMjE3YjQ1ZWI0MDFiMGJiIiwic2VydmljZSI6IlN0ZWFtIn0.ifXqvLI8YZ1oj6ehcMhOOGmE6bZXJ1YJtsXJzA4q58I; _ga=GA1.2.1275157451.1735153396; _gid=GA1.2.142591606.1735153396
ResponseHTTP/1.1 502 Bad Gateway
Date: Wed, 25 Dec 2024 19:03:55 GMT
Content-Length: 0
-
Remote address:147.45.44.92:80RequestGET /tradeoffer/new/?partner=149270605216&token=hK3VWGgL HTTP/1.1
Host: steamcoummunilty.com
Connection: keep-alive
Cache-Control: max-age=0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: session=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.lX00FWzoLKrWyJqIuropTomr9l5FGp3n.MsEnOBRIjK1FlQYy.tO_SjA0-mDQ2H91CM-1XDiTuF3XXsa3TUKReMrNrI-PiAqXKWtGeoVBFnBG4lsuGKiOCRAZp1kYXxETELeramF8QGyEGfJwJC4klZw7Uhw4vFyh6nPpo3ny5hF68ZWPzEGCdLI9AqddPFk3WCpNFOddgzeGkxk-4FdFjuGA-8wiGZu_J7WoaJ6t-ZSMo6Wq7530N8xLv4yMppq2lelcvn0Na9zH752e7of_8J42FPQZmpzSKy8GxoKqRtUbQJv2ZokVmxLqmTOa1omRfSPk8stMJNdO2vwWEeHka9w.89gRK4TZaMnB7_ZmOVe6Cg; token=eyJhbGciOiJIUzI1NiJ9.eyJvd25lciI6NzcsInNlY3JldCI6Ijc5NDFjZmU2Y2JiNmFkMzJiMjE3YjQ1ZWI0MDFiMGJiIiwic2VydmljZSI6IlN0ZWFtIn0.ifXqvLI8YZ1oj6ehcMhOOGmE6bZXJ1YJtsXJzA4q58I; _ga=GA1.2.1275157451.1735153396; _gid=GA1.2.142591606.1735153396
If-None-Match: W/"4e8b-/PPz8+Bv0m3u4R6nnFptmQnVNB0"
ResponseHTTP/1.1 502 Bad Gateway
Date: Wed, 25 Dec 2024 19:04:09 GMT
Content-Length: 0
-
Remote address:8.8.8.8:53Requestnav.smartscreen.microsoft.comIN AResponsenav.smartscreen.microsoft.comIN CNAMEprod-atm-wds-nav.trafficmanager.netprod-atm-wds-nav.trafficmanager.netIN CNAMEprod-agic-uw-3.ukwest.cloudapp.azure.comprod-agic-uw-3.ukwest.cloudapp.azure.comIN A51.11.108.188
-
Remote address:51.11.108.188:443RequestPOST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiYzBtZzVReTBhZzQ9Iiwia2V5IjoiYkowTU5HQ1M3MEJIRDROd04wTDMzZz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1710
Host: nav.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 1368
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:51.11.108.188:443RequestPOST /api/browser/edge/telemetry HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoidmJzQU9JVEhTeHM9Iiwia2V5IjoiQmdvUlQ5ZjBuRERDNWVIOHl2bzR5UT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2058
Host: nav.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:51.11.108.188:443RequestPOST /api/browser/edge/telemetry HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiOFVnZUtvNU9UN1U9Iiwia2V5IjoiZ1VBbCthOHdhcVVPWjRYSFRqTlp4Zz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2161
Host: nav.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:51.11.108.188:443RequestPOST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoic3ZNeXZoUHZORVU9Iiwia2V5IjoiTXFYSFlOOHBSbUlFZWxTOWg5bWZ0UT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1801
Host: nav.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 1482
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:51.11.108.188:443RequestPOST /api/browser/edge/telemetry HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiVWhmaTA5UmU1QUU9Iiwia2V5IjoiUE9wUWJLZGxvZUNCRXJLSi8wUkNMZz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2071
Host: nav.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:51.11.108.188:443RequestPOST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoidERQTitRUUExRnM9Iiwia2V5IjoiaENpOG45UkhIcFM4aVJFUXk5bUlndz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1756
Host: nav.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 967
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:51.11.108.188:443RequestPOST /api/browser/edge/actions HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoidjRYMk1rSFN4aFk9Iiwia2V5IjoiRGM5eHJEL3B5R0ttSEJiUmlaa0RNUT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: nav.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 705
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:51.11.108.188:443RequestPOST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiTTM4NWE4SDlJZFU9Iiwia2V5IjoiWmJETEVjYWl3a00yaHM0UUU3TGhrZz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1836
Host: nav.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 757
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:8.8.8.8:53Requestcommunity.cloudflare.steamstatic.comIN AResponsecommunity.cloudflare.steamstatic.comIN A104.18.42.105community.cloudflare.steamstatic.comIN A172.64.145.151
-
Remote address:8.8.8.8:53Request95.221.229.192.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request188.108.11.51.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request172.210.232.199.in-addr.arpaIN PTRResponse
-
GEThttps://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 37365
cache-control: public,max-age=15552000
expires: Thu, 01 May 2025 02:05:03 GMT
etag: ".55t44gwuwgvw"
last-modified: Fri, 05 Jan 2018 01:34:51 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: HIT
age: 4019049
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0ad7ef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdropmsedge.exeRemote address:104.18.42.105:443RequestGET /public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdrop HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 1318
cache-control: public,max-age=15552000
expires: Sun, 11 May 2025 05:27:57 GMT
etag: "dfMhuy-Lrpyo"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: HIT
age: 1762046
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0ae2ef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/javascript/global.js?v=ocpubhdPGXdc&l=english&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/javascript/global.js?v=ocpubhdPGXdc&l=english&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 1771
cache-control: public,max-age=15552000
expires: Thu, 01 May 2025 06:09:19 GMT
etag: "tsXdRVB0yEaR"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: HIT
age: 2509223
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0ae1ef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 5118
cache-control: public,max-age=15552000
expires: Tue, 18 Feb 2025 23:02:04 GMT
etag: "mqM2FYA-LOuH"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: HIT
age: 1935887
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0ae5ef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.9Z1XDV02xrml&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/shared/javascript/tooltip.js?v=.9Z1XDV02xrml&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 28116
cache-control: public,max-age=15552000
expires: Sun, 27 Apr 2025 10:40:37 GMT
etag: "OeNIgrpEF8tL"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: HIT
age: 2450625
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0ad8ef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=R2JmKYDaxby2&l=english&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/shared/javascript/shared_global.js?v=R2JmKYDaxby2&l=english&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 33169
cache-control: public,max-age=15552000
expires: Mon, 21 Apr 2025 16:43:45 GMT
etag: ".isFTSRckeNhC"
last-modified: Fri, 05 Jan 2018 01:34:51 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: HIT
age: 4244409
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0adbef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/javascript/economy_trade.js?v=_S8IrXmFV6F8&l=english&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/javascript/economy_trade.js?v=_S8IrXmFV6F8&l=english&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 4661
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "QYkT4eS5mbTN"
x-integrity: "sha384-9OKBQPmBdENKPUAcLb4ACEhVuLu4340DOclXlsdtZl51Fp1lvqwJQXRNsMAi/B8Q"
last-modified: Mon, 20 Apr 1970 04:26:41 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0adcef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/javascript/economy_common.js?v=tsXdRVB0yEaR&l=english&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/javascript/economy_common.js?v=tsXdRVB0yEaR&l=english&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 6884
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "tvQi85mXnRZH"
x-integrity: "sha384-h5ET3w5bE3ax6/CQKE4Hgcmfqs8Yzr8gPatjXv07os915OafK2jCEMUxFbG1xwPl"
last-modified: Mon, 20 Apr 1970 04:26:41 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0ae4ef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 27070
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "3W_ge11SZngF"
x-integrity: "sha384-BIPAL4Ay3TjPEFzkdjLnbq8Riq79JL7BAXQLMGpcaoucpzfvHmVfAwJG+TRq8v6C"
last-modified: Mon, 20 Apr 1970 04:26:41 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0ad9ef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=TbBMCK37KgCo&l=english&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/shared/javascript/shared_responsive_adapter.js?v=TbBMCK37KgCo&l=english&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 23824
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "9MsxBNJbXMIv"
x-integrity: "sha384-KIRXW1XfG9wae6/UA33/TD6ruigfiBBXk66ltRhObwwBSUpsbQ4nYN+5VRNngu/Y"
last-modified: Mon, 20 Apr 1970 04:26:41 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0adfef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/public/javascript/economy_tradeoffer.js?v=mqM2FYA-LOuH&l=english&_cdn=cloudflaremsedge.exeRemote address:104.18.42.105:443RequestGET /public/javascript/economy_tradeoffer.js?v=mqM2FYA-LOuH&l=english&_cdn=cloudflare HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/javascript;charset=UTF-8
content-length: 42172
cache-control: public,max-age=0,must-revalidate
expires: Sun, 09 Sep 2001 01:46:40 GMT
etag: "0y-Qdz9keFmk"
x-integrity: "sha384-5XNlxusqB6KASGOvu+oC+gl8gq9RwaQsR0tCzDM/zl65nUW888kIEPtZmHGkGFyK"
last-modified: Mon, 20 Apr 1970 04:26:41 GMT
content-encoding: gzip
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f7b171b0addef0b-LHR
-
GEThttps://community.cloudflare.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpopb3wflFf0vL3YyhL4s-Jk5KOkvnLPr7Vn35cppMo3OqWpN-j0VLj_0A6NWGidY_AcVQ7aA3QqVTvw73m08Tp6c7Pz3B9-n51hsB870M/96fx96fmsedge.exeRemote address:104.18.42.105:443RequestGET /economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpopb3wflFf0vL3YyhL4s-Jk5KOkvnLPr7Vn35cppMo3OqWpN-j0VLj_0A6NWGidY_AcVQ7aA3QqVTvw73m08Tp6c7Pz3B9-n51hsB870M/96fx96f HTTP/2.0
host: community.cloudflare.steamstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:142.250.179.110:80RequestGET /analytics.js HTTP/1.1
Host: www.google-analytics.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
Server: Golfe2
Content-Length: 20994
Date: Wed, 25 Dec 2024 17:10:09 GMT
Expires: Wed, 25 Dec 2024 19:10:09 GMT
Cache-Control: public, max-age=7200
Age: 6787
Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Requestdata-edge.smartscreen.microsoft.comIN AResponsedata-edge.smartscreen.microsoft.comIN CNAMEprod-atm-wds-edge.trafficmanager.netprod-atm-wds-edge.trafficmanager.netIN CNAMEprod-agic-uw-1.ukwest.cloudapp.azure.comprod-agic-uw-1.ukwest.cloudapp.azure.comIN A51.140.242.104
-
Remote address:51.140.242.104:443RequestPOST /api/browser/edge/data/settings HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiRzV5RTdYM2RRdUE9Iiwia2V5IjoidDIwRXkyV2VXTGt6S25oNERkWjhYQT09In0=
If-None-Match: "2.0-0"
User-Agent: SmartScreen/281479409565696
Content-Length: 1321
Host: data-edge.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 129085
Connection: keep-alive
Server: Kestrel
ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:51.140.242.104:443RequestPOST /api/browser/edge/data/settings HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoidjRYMk1rSFN4aFk9Iiwia2V5IjoiRGM5eHJEL3B5R0ttSEJiUmlaa0RNUT09In0=
If-None-Match: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: data-edge.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 129085
Connection: keep-alive
Server: Kestrel
ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
GEThttps://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_releasemsedge.exeRemote address:51.140.242.104:443RequestGET /windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "638343870221005468"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com
ResponseHTTP/1.1 304 Not Modified
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
GEThttps://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_releasemsedge.exeRemote address:51.140.242.104:443RequestGET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "170540185939602997400506234197983529371"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 460992
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
ETag: "638004170464094982"
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
X-OI-Signature: v=1; a=sha384RSA; ha=SHA384; bh=7csvs6wrK3NA5rU73eamx5vAWfaIbGGGGrCaQymgYIKtYElVZVn8FMwEOPvCPHsR; b=iLJvug2xVRHV/zRkTuEyY8Zm5DV1r2rcoFmtOqM4Th8e1UGMuxxCMsEl3V0m2DZ1ibIhJJXHkKq6VicNjkeGtE2XNLuXUg4Nt1+9AjYEtAzZZmF4g52u81VFXkPXAYwDAkuaWGEU1H35w7fv6AlvtPAdSa2GidI4us0RI8m8w0emxetz7h12azENRS2EkL1SmLqM1QA6gpadyCfwnzLR9jRyPC4iCtc4/Pk8DdunPJ80tS/A9XRjUXiBanugKBbt7rxXgPMKd/53Lx1dNJWhhRZdrIb1nui9Uz0C6J98qUNgxElxK1ih7UYNKU4qSWoO4vL6jWtpd+QWlKRX3g2gvQ==; fp=37DBD367E84BB5891D0C8F421BAE3393C75DF49C; h=CACHE-CONTROL:ETAG;
X-OI-Cert: MIIIsgYJKoZIhvcNAQcCoIIIozCCCJ8CAQExADAPBgkqhkiG9w0BBwGgAgQAoIIIgzCCCH8wggZnoAMCAQICEzMAZA/bZ2MnRmHFGGYAAABkD9swDQYJKoZIhvcNAQEMBQAwXTELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEuMCwGA1UEAxMlTWljcm9zb2Z0IEF6dXJlIFJTQSBUTFMgSXNzdWluZyBDQSAwMzAeFw0yNDA2MTgwNjM2MDZaFw0yNTA2MTMwNjM2MDZaMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQDExxjb250ZW50LnNtYXJ0c2NyZWVuLm1zZnQubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzSkQH8K/WmXFFOfz8yP+NDIscpRldMgdHZ/Kc816gbCpEP+JEDiY4fA5GNEIbjnvfJxC6LS2f9f0q2Vv3v71yMOrA5w+sy4xgZROMqneRk4OOdRpkAS7/3Fg4HC0vx9ShdXcPpReU/FjIW0qpT6wydh41qsQXlitOZCmEFUrwaZWVpMFiZ1NElT6U6wH0ZH9atQMkkpoTb9Y9bROgctEnT8Iq9Isfe36cpLL5CVekqtCQ4EkiCyZnnKTEZZ8Frx0/Sa+UAivfNwojP0hVjIuTXffBgp04oENcLI8TIWSrqy6dGs0NKKqfYjX3aC9wG4f5KuYVAHgvNqtPOyvnYIrQIDAQABo4IEIDCCBBwwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABkCoYiY8AAAQDAEcwRQIgAdMMTb63gVYnA93mpW7SmMwqAZWx96ueTYwL6TehoBECIQDgkkNU+beS5FjNaivae5pgzvpfrYx0JJqV8rWCEXesOAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABkCoYjA0AAAQDAEgwRgIhALuO/1PINtm1k6b1daoCuuaestz02CkQKf6HQ9v6a3UsAiEA2i/FtCybsSHYT5L6/qRDeoGDOgZUdwCjapONqMODHhMAdwDgkrP8DB3I52g2H95huZZNClJ4GYpy1nLEsE2lbW9UBAAAAZAqGIoQAAAEAwBIMEYCIQDxvx82pdAiRUD2+wC7nQfGjs3X1Q1Vfo12nl9h9jR9QwIhAIuN6A84evReztCG1eEZmf4BDesaQDgjPt0Dx2GVga2iMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIh73XG4Hn60aCgZ0ujtAMh/DaHV2ChOVpgvOnPgIBZAIBJjCBtAYIKwYBBQUHAQEEgacwgaQwcwYIKwYBBQUHMAKGZ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwQXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwMyUyMC0lMjB4c2lnbi5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDAdBgNVHQ4EFgQUmS0vRaxdPTaVZEkUoU59i8aa+iIwDgYDVR0PAQH/BAQDAgWgMCcGA1UdEQQgMB6CHGNvbnRlbnQuc21hcnRzY3JlZW4ubXNmdC5uZXQwDAYDVR0TAQH/BAIwADBqBgNVHR8EYzBhMF+gXaBbhllodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBBenVyZSUyMFJTQSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDAzLmNybDBmBgNVHSAEXzBdMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wCAYGZ4EMAQICMB8GA1UdIwQYMBaAFP4JcUBVBRBE2KSBdbieGulKBojIMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0BAQwFAAOCAgEAe1QltG1CI1df9IjK1nJmDNk2IFLlAW9EAV78FbEhTeVYqvAiIlJAZL8lV69JbhjFOqrf4kI8K56Uy16JKHBh3ZVK9Sm2IjOYetFaWXEgr1CH0PRs9iSa93kqsCUwgFL8eOgQ2/4nlWyNzvJbWchTs52KcBHkR6QentlCaEYALNYI0E2uBPj9/5C0djhVZVaOngEM5Wv6XPdh6d3Oy0iwReCKoNVHHr1eT5dWC7R84uftsGYAgWiTMzAGX2gihswe10uDjS0F0KSHPUtaHo3iT68fgESlBSrdKNbutOl94eP2uhRxRr3aB+Sn5jUM/miiRPKBE+rDOHF/g1YQEXzmgm4G0EyItS9MJZ4mrwRaV4vpdcjZuQz3ymmMN6swnRTsXrOuOlP9QU/WhGVimpclYVPusGGi3Z65kSq55yOVyV15m3G+v2bBh+lM6jMLuCcnQeuFGI36+t1NFAvTS/AU6dfY7X93Xqc7yCBBgqliB5nefi30aW8AHA2dVKdti7v9w1S6SdPHEk/IbT2WUS8cVaS9gNtZNjQuL/FjrogLrr3BeXZpsBYZCxCa1f0ksMOboOmngZ3YMn9n57J19dZq7oqUkV5uoiv++qxOM3etzptUD9cEhMjLet0DWAof34ieFziSnUOKhoIZNwfSDnhAiGRl3ytKrZJMc8DYtZvak94xAA==
-
GEThttps://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_releasemsedge.exeRemote address:51.140.242.104:443RequestGET /windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "636976985063396749.rel.v2"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 57
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
ETag: "638343870221005468"
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
X-OI-Signature: v=1; a=sha384RSA; ha=SHA384; bh=j4KrExT8d8Sta+9XdhCezD7hBBI07nd+3ZBLADaghRr4d/09v4f5U/qTjaOMrTCA; b=lsxejbsmixGwcuFeAOZKmpd1SHTEllQasQG2+/CD0NsAyZxEvj92iSXg4oIFBkMR6T5zGsr6fweTH5vZVeI6ucDD38nLM9KMrq5eRa9TryJWqO+IbvAljMHNXvAljPK2LeRsDTWYDgopZyWBvWkXXjA1SYiG1lcZjqGoeYE3RGB1av+gzIm0UtuS6l4lOPKBfqrbhng5p43VJZlfWnRtpUA6WIQlA77TnCYXYS+4qby6/glkxz/n6Kqj2AdZiBom/dT2adpHR7dqyW17hHIDaB6CYkxr/l3tputKOQWMABAZujw6r0VSf1RPj+lK+udHaMb0ncnK76ykfpMb9T1YBA==; fp=37DBD367E84BB5891D0C8F421BAE3393C75DF49C; h=CACHE-CONTROL:ETAG;
X-OI-Cert: MIIIsgYJKoZIhvcNAQcCoIIIozCCCJ8CAQExADAPBgkqhkiG9w0BBwGgAgQAoIIIgzCCCH8wggZnoAMCAQICEzMAZA/bZ2MnRmHFGGYAAABkD9swDQYJKoZIhvcNAQEMBQAwXTELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEuMCwGA1UEAxMlTWljcm9zb2Z0IEF6dXJlIFJTQSBUTFMgSXNzdWluZyBDQSAwMzAeFw0yNDA2MTgwNjM2MDZaFw0yNTA2MTMwNjM2MDZaMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQDExxjb250ZW50LnNtYXJ0c2NyZWVuLm1zZnQubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzSkQH8K/WmXFFOfz8yP+NDIscpRldMgdHZ/Kc816gbCpEP+JEDiY4fA5GNEIbjnvfJxC6LS2f9f0q2Vv3v71yMOrA5w+sy4xgZROMqneRk4OOdRpkAS7/3Fg4HC0vx9ShdXcPpReU/FjIW0qpT6wydh41qsQXlitOZCmEFUrwaZWVpMFiZ1NElT6U6wH0ZH9atQMkkpoTb9Y9bROgctEnT8Iq9Isfe36cpLL5CVekqtCQ4EkiCyZnnKTEZZ8Frx0/Sa+UAivfNwojP0hVjIuTXffBgp04oENcLI8TIWSrqy6dGs0NKKqfYjX3aC9wG4f5KuYVAHgvNqtPOyvnYIrQIDAQABo4IEIDCCBBwwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABkCoYiY8AAAQDAEcwRQIgAdMMTb63gVYnA93mpW7SmMwqAZWx96ueTYwL6TehoBECIQDgkkNU+beS5FjNaivae5pgzvpfrYx0JJqV8rWCEXesOAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABkCoYjA0AAAQDAEgwRgIhALuO/1PINtm1k6b1daoCuuaestz02CkQKf6HQ9v6a3UsAiEA2i/FtCybsSHYT5L6/qRDeoGDOgZUdwCjapONqMODHhMAdwDgkrP8DB3I52g2H95huZZNClJ4GYpy1nLEsE2lbW9UBAAAAZAqGIoQAAAEAwBIMEYCIQDxvx82pdAiRUD2+wC7nQfGjs3X1Q1Vfo12nl9h9jR9QwIhAIuN6A84evReztCG1eEZmf4BDesaQDgjPt0Dx2GVga2iMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIh73XG4Hn60aCgZ0ujtAMh/DaHV2ChOVpgvOnPgIBZAIBJjCBtAYIKwYBBQUHAQEEgacwgaQwcwYIKwYBBQUHMAKGZ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwQXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwMyUyMC0lMjB4c2lnbi5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDAdBgNVHQ4EFgQUmS0vRaxdPTaVZEkUoU59i8aa+iIwDgYDVR0PAQH/BAQDAgWgMCcGA1UdEQQgMB6CHGNvbnRlbnQuc21hcnRzY3JlZW4ubXNmdC5uZXQwDAYDVR0TAQH/BAIwADBqBgNVHR8EYzBhMF+gXaBbhllodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBBenVyZSUyMFJTQSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDAzLmNybDBmBgNVHSAEXzBdMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wCAYGZ4EMAQICMB8GA1UdIwQYMBaAFP4JcUBVBRBE2KSBdbieGulKBojIMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0BAQwFAAOCAgEAe1QltG1CI1df9IjK1nJmDNk2IFLlAW9EAV78FbEhTeVYqvAiIlJAZL8lV69JbhjFOqrf4kI8K56Uy16JKHBh3ZVK9Sm2IjOYetFaWXEgr1CH0PRs9iSa93kqsCUwgFL8eOgQ2/4nlWyNzvJbWchTs52KcBHkR6QentlCaEYALNYI0E2uBPj9/5C0djhVZVaOngEM5Wv6XPdh6d3Oy0iwReCKoNVHHr1eT5dWC7R84uftsGYAgWiTMzAGX2gihswe10uDjS0F0KSHPUtaHo3iT68fgESlBSrdKNbutOl94eP2uhRxRr3aB+Sn5jUM/miiRPKBE+rDOHF/g1YQEXzmgm4G0EyItS9MJZ4mrwRaV4vpdcjZuQz3ymmMN6swnRTsXrOuOlP9QU/WhGVimpclYVPusGGi3Z65kSq55yOVyV15m3G+v2bBh+lM6jMLuCcnQeuFGI36+t1NFAvTS/AU6dfY7X93Xqc7yCBBgqliB5nefi30aW8AHA2dVKdti7v9w1S6SdPHEk/IbT2WUS8cVaS9gNtZNjQuL/FjrogLrr3BeXZpsBYZCxCa1f0ksMOboOmngZ3YMn9n57J19dZq7oqUkV5uoiv++qxOM3etzptUD9cEhMjLet0DWAof34ieFziSnUOKhoIZNwfSDnhAiGRl3ytKrZJMc8DYtZvak94xAA==
-
GEThttps://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_releasemsedge.exeRemote address:51.140.242.104:443RequestGET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "638004170464094982"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com
ResponseHTTP/1.1 304 Not Modified
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
-
Remote address:8.8.8.8:53Request105.42.18.104.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request110.179.250.142.in-addr.arpaIN PTRResponse110.179.250.142.in-addr.arpaIN PTRpar21s20-in-f141e100net
-
Remote address:8.8.8.8:53Request104.242.140.51.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request203.197.79.204.in-addr.arpaIN PTRResponse203.197.79.204.in-addr.arpaIN PTRa-0003a-msedgenet
-
Remote address:8.8.8.8:53Request58.55.71.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requeststeamcommunity.comIN AResponsesteamcommunity.comIN A23.214.143.155
-
Remote address:23.214.143.155:443RequestGET /favicon.ico HTTP/1.1
Host: steamcommunity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: image/x-icon
Cache-Control: public,max-age=86400
Expires: Sun, 24 Nov 2024 04:08:32 GMT
Last-Modified: Fri, 22 Nov 2024 18:31:38 GMT
Content-Length: 38554
Date: Wed, 25 Dec 2024 19:03:25 GMT
Connection: keep-alive
-
Remote address:23.214.143.155:443RequestGET /favicon.ico HTTP/1.1
Host: steamcommunity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: image/x-icon
Cache-Control: public,max-age=86400
Expires: Sun, 24 Nov 2024 04:08:32 GMT
Last-Modified: Fri, 22 Nov 2024 18:31:38 GMT
Content-Length: 38554
Date: Wed, 25 Dec 2024 19:03:41 GMT
Connection: keep-alive
-
Remote address:8.8.8.8:53Request155.143.214.23.in-addr.arpaIN PTRResponse155.143.214.23.in-addr.arpaIN PTRa23-214-143-155deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requestfeedback.smartscreen.microsoft.comIN AResponsefeedback.smartscreen.microsoft.comIN CNAMEfeedbacksite-prod.trafficmanager.netfeedbacksite-prod.trafficmanager.netIN CNAMEfb.smartscreen.microsoft.comfb.smartscreen.microsoft.comIN CNAMEwdsi-filesubmission.trafficmanager.netwdsi-filesubmission.trafficmanager.netIN CNAMEsecurityintelligencecenter-westus.azurewebsites.netsecurityintelligencecenter-westus.azurewebsites.netIN CNAMEwaws-prod-bay-061.vip.azurewebsites.windows.netwaws-prod-bay-061.vip.azurewebsites.windows.netIN CNAMEwaws-prod-bay-061.westus.cloudapp.azure.comwaws-prod-bay-061.westus.cloudapp.azure.comIN A40.118.255.59
-
Remote address:40.118.255.59:443RequestPOST /feedback.aspx HTTP/1.1
Host: feedback.smartscreen.microsoft.com
Connection: keep-alive
Content-Length: 490
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Origin: null
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Dec 2024 19:03:36 GMT
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: ARRAffinity=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244;Path=/;HttpOnly;Secure;Domain=feedback.smartscreen.microsoft.com
Set-Cookie: ARRAffinitySameSite=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244;Path=/;HttpOnly;SameSite=None;Secure;Domain=feedback.smartscreen.microsoft.com
Vary: Accept-Encoding
Request-Context: appId=cid-v1:5f4e9a6c-0f63-4df4-b5bf-5df7206a5c64
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /Content/mslogo.png HTTP/1.1
Host: feedback.smartscreen.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://feedback.smartscreen.microsoft.com/feedback.aspx
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ARRAffinity=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244; ARRAffinitySameSite=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 25 Dec 2024 19:03:37 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0beca4c2325db1:0"
Last-Modified: Wed, 23 Oct 2024 08:12:28 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
GEThttps://feedback.smartscreen.microsoft.com/en-us/wdsi/api/hipchallenge/visual/fb/849968391fc040e6bd55fe027d120bc7msedge.exeRemote address:40.118.255.59:443RequestGET /en-us/wdsi/api/hipchallenge/visual/fb/849968391fc040e6bd55fe027d120bc7 HTTP/1.1
Host: feedback.smartscreen.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Accept: */*
DNT: 1
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://feedback.smartscreen.microsoft.com/feedback.aspx
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ARRAffinity=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244; ARRAffinitySameSite=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244
-
Remote address:8.8.8.8:53Request59.255.118.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A2.18.109.131
-
Remote address:8.8.8.8:53Requestwcpstatic.microsoft.comIN AResponsewcpstatic.microsoft.comIN CNAMEconsentdeliveryfd.azurefd.netconsentdeliveryfd.azurefd.netIN CNAMEfirstparty-azurefd-prod.trafficmanager.netfirstparty-azurefd-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.nets-part-0036.t-0009.t-msedge.netIN A13.107.246.64
-
Remote address:8.8.8.8:53Requestsecurityintelligencecenter-westus.azurewebsites.netIN AResponsesecurityintelligencecenter-westus.azurewebsites.netIN CNAMEwaws-prod-bay-061.vip.azurewebsites.windows.netwaws-prod-bay-061.vip.azurewebsites.windows.netIN CNAMEwaws-prod-bay-061.westus.cloudapp.azure.comwaws-prod-bay-061.westus.cloudapp.azure.comIN A40.118.255.59
-
Remote address:8.8.8.8:53Requestassets.onestore.msIN AResponseassets.onestore.msIN CNAMEassets.onestore.ms.akadns.netassets.onestore.ms.akadns.netIN CNAMEassets.onestore.ms.edgekey.netassets.onestore.ms.edgekey.netIN CNAMEe10583.dspg.akamaiedge.nete10583.dspg.akamaiedge.netIN A23.214.139.72
-
Remote address:8.8.8.8:53Requestmem.gfx.msIN AResponsemem.gfx.msIN CNAMEamcdnmsftuswe.azureedge.netamcdnmsftuswe.azureedge.netIN CNAMEamcdnmsftuswe.afd.azureedge.netamcdnmsftuswe.afd.azureedge.netIN CNAMEfirstparty-azurefd-prod.trafficmanager.netfirstparty-azurefd-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.nets-part-0036.t-0009.t-msedge.netIN A13.107.246.64
-
GEThttps://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231msedge.exeRemote address:2.18.109.131:443RequestGET /onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231 HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://feedback.smartscreen.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
last-modified: Thu, 05 Dec 2024 22:38:25 GMT
x-activity-id: 93e35be8-003d-44b8-bc14-7fc6b42e8f4b
x-appversion: 1.0.9090.33347
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastasia, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-11-21T02:31:34.0000000Z}
ms-operation-id: 2ff7389bbf4fb32afb4aca7f9e4dbca6
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2024-12-05T22:38:25
x-s2: 2024-12-05T22:38:25
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
x-azure-ref: 20241205T231005Z-er1bd968f9c5khfkhC1LONfqe40000000ke000000000hxbq
accept-ranges: bytes
content-encoding: gzip
content-length: 22805
cache-control: public, max-age=29820888
expires: Fri, 05 Dec 2025 22:38:24 GMT
date: Wed, 25 Dec 2024 19:03:36 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV24f8151f.0
ms-cv-esi: CASMicrosoftCV24f8151f.0
x-rtag: RT
-
GEThttps://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/74-d51c79/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1msedge.exeRemote address:2.18.109.131:443RequestGET /onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/74-d51c79/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1 HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://feedback.smartscreen.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
last-modified: Thu, 05 Dec 2024 23:05:23 GMT
x-activity-id: 19364177-50ea-489a-98f0-439584da3e61
x-appversion: 1.0.9090.33347
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastasia, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-11-21T02:31:34.0000000Z}
ms-operation-id: 37c4515edf10c461aac4068a530932af
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2024-12-05T23:05:23
x-s2: 2024-12-05T23:05:23
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
x-azure-ref: 20241205T231005Z-er1bd968f9cbwl86hC1LON26m800000002x000000000vg0v
accept-ranges: bytes
content-encoding: gzip
content-length: 36170
cache-control: public, max-age=29822530
expires: Fri, 05 Dec 2025 23:05:46 GMT
date: Wed, 25 Dec 2024 19:03:36 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV24f81520.0
ms-cv-esi: CASMicrosoftCV24f81520.0
x-rtag: RT
-
Remote address:13.107.246.64:443RequestGET /mscc/lib/v2/wcp-consent.js HTTP/2.0
host: wcpstatic.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://feedback.smartscreen.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
content-length: 81726
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 21426
cache-control: max-age=43200
content-md5: X1JOIM5h9UISVFS6+GfEew==
etag: 0x8DA85F6EA62BF74
last-modified: Wed, 24 Aug 2022 17:34:36 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 43069808-401e-00a1-2fcd-561ba2000000
x-ms-version: 2009-09-19
x-azure-ref: 20241225T190336Z-r1d8dc5d8768ffzthC1LON4hx80000000htg00000000p3yt
accept-ranges: bytes
-
Remote address:40.118.255.59:443RequestGET /Content/bootstrap HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Date: Wed, 25 Dec 2024 19:03:37 GMT
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 22 Dec 2025 14:11:23 GMT
Last-Modified: Sun, 22 Dec 2024 14:11:23 GMT
Set-Cookie: ARRAffinity=88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20;Path=/;HttpOnly;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Set-Cookie: ARRAffinitySameSite=88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20;Path=/;HttpOnly;SameSite=None;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Vary: User-Agent,Accept-Encoding
Request-Context: appId=cid-v1:5f4e9a6c-0f63-4df4-b5bf-5df7206a5c64
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /Content/mslogo.png HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ARRAffinitySameSite=eaf37f543c9aac90e7eb6257f01f589d8e7661b7c17b044b9abf3063a84d4ab0
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 25 Dec 2024 19:03:37 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0beca4c2325db1:0"
Last-Modified: Wed, 23 Oct 2024 08:12:28 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /bundles/modernizr HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Date: Wed, 25 Dec 2024 19:03:37 GMT
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 22 Dec 2025 14:11:20 GMT
Last-Modified: Sun, 22 Dec 2024 14:11:20 GMT
Set-Cookie: ARRAffinity=88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20;Path=/;HttpOnly;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Set-Cookie: ARRAffinitySameSite=88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20;Path=/;HttpOnly;SameSite=None;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Vary: User-Agent,Accept-Encoding
Request-Context: appId=cid-v1:5f4e9a6c-0f63-4df4-b5bf-5df7206a5c64
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /bundles/site HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Date: Wed, 25 Dec 2024 19:03:36 GMT
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 22 Dec 2025 14:11:21 GMT
Last-Modified: Sun, 22 Dec 2024 14:11:21 GMT
Set-Cookie: ARRAffinity=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244;Path=/;HttpOnly;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Set-Cookie: ARRAffinitySameSite=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244;Path=/;HttpOnly;SameSite=None;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Vary: User-Agent,Accept-Encoding
Request-Context: appId=cid-v1:5f4e9a6c-0f63-4df4-b5bf-5df7206a5c64
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /Content/icon_err.gif HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ARRAffinitySameSite=eaf37f543c9aac90e7eb6257f01f589d8e7661b7c17b044b9abf3063a84d4ab0
ResponseHTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 25 Dec 2024 19:03:37 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0beca4c2325db1:0"
Last-Modified: Wed, 23 Oct 2024 08:12:28 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /Content/jqueryui HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Date: Wed, 25 Dec 2024 19:03:36 GMT
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 22 Dec 2025 14:12:35 GMT
Last-Modified: Sun, 22 Dec 2024 14:12:35 GMT
Set-Cookie: ARRAffinity=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244;Path=/;HttpOnly;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Set-Cookie: ARRAffinitySameSite=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244;Path=/;HttpOnly;SameSite=None;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Vary: User-Agent,Accept-Encoding
Request-Context: appId=cid-v1:5f4e9a6c-0f63-4df4-b5bf-5df7206a5c64
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
GEThttps://securityintelligencecenter-westus.azurewebsites.net/Content/hig_progcircle_animated.gifmsedge.exeRemote address:40.118.255.59:443RequestGET /Content/hig_progcircle_animated.gif HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ARRAffinitySameSite=eaf37f543c9aac90e7eb6257f01f589d8e7661b7c17b044b9abf3063a84d4ab0
ResponseHTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 25 Dec 2024 19:03:37 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0beca4c2325db1:0"
Last-Modified: Wed, 23 Oct 2024 08:12:28 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /Content/site HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Date: Wed, 25 Dec 2024 19:03:37 GMT
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 22 Dec 2025 14:11:19 GMT
Last-Modified: Sun, 22 Dec 2024 14:11:19 GMT
Set-Cookie: ARRAffinity=88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20;Path=/;HttpOnly;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Set-Cookie: ARRAffinitySameSite=88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20;Path=/;HttpOnly;SameSite=None;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Vary: User-Agent,Accept-Encoding
Request-Context: appId=cid-v1:5f4e9a6c-0f63-4df4-b5bf-5df7206a5c64
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /bundles/jqueryui HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: text/javascript
Date: Wed, 25 Dec 2024 19:03:37 GMT
Cache-Control: public
Expires: Mon, 22 Dec 2025 14:11:17 GMT
Last-Modified: Sun, 22 Dec 2024 14:11:17 GMT
Set-Cookie: ARRAffinity=88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20;Path=/;HttpOnly;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Set-Cookie: ARRAffinitySameSite=88bd1351d12d551dd343b3f1eece647bd090858e8c735ab5ee90c7be22f40c20;Path=/;HttpOnly;SameSite=None;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Vary: User-Agent
Request-Context: appId=cid-v1:5f4e9a6c-0f63-4df4-b5bf-5df7206a5c64
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /bundles/bootstrap HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Date: Wed, 25 Dec 2024 19:03:36 GMT
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 22 Dec 2025 14:13:43 GMT
Last-Modified: Sun, 22 Dec 2024 14:13:43 GMT
Set-Cookie: ARRAffinity=eaf37f543c9aac90e7eb6257f01f589d8e7661b7c17b044b9abf3063a84d4ab0;Path=/;HttpOnly;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Set-Cookie: ARRAffinitySameSite=eaf37f543c9aac90e7eb6257f01f589d8e7661b7c17b044b9abf3063a84d4ab0;Path=/;HttpOnly;SameSite=None;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Vary: User-Agent,Accept-Encoding
Request-Context: appId=cid-v1:5f4e9a6c-0f63-4df4-b5bf-5df7206a5c64
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /Scripts/HIP/hipmgr.js HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ARRAffinitySameSite=eaf37f543c9aac90e7eb6257f01f589d8e7661b7c17b044b9abf3063a84d4ab0
ResponseHTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 25 Dec 2024 19:03:36 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "09c4672325db1:0"
Last-Modified: Wed, 23 Oct 2024 08:13:12 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /content/30x30_sad.png HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ARRAffinitySameSite=eaf37f543c9aac90e7eb6257f01f589d8e7661b7c17b044b9abf3063a84d4ab0
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 25 Dec 2024 19:03:37 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0beca4c2325db1:0"
Last-Modified: Wed, 23 Oct 2024 08:12:28 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /bundles/jquery HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Wed, 25 Dec 2024 19:03:36 GMT
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 22 Dec 2025 14:11:24 GMT
Last-Modified: Sun, 22 Dec 2024 14:11:24 GMT
Set-Cookie: ARRAffinity=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244;Path=/;HttpOnly;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Set-Cookie: ARRAffinitySameSite=28266f4629777913c365665d6cc1c67e368d161b0caa20d9651df831f4b3f244;Path=/;HttpOnly;SameSite=None;Secure;Domain=securityintelligencecenter-westus.azurewebsites.net
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Request-Context: appId=cid-v1:5f4e9a6c-0f63-4df4-b5bf-5df7206a5c64
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:40.118.255.59:443RequestGET /content/30x30_happy.png HTTP/1.1
Host: securityintelligencecenter-westus.azurewebsites.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://feedback.smartscreen.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ARRAffinitySameSite=eaf37f543c9aac90e7eb6257f01f589d8e7661b7c17b044b9abf3063a84d4ab0
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 25 Dec 2024 19:03:37 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0beca4c2325db1:0"
Last-Modified: Wed, 23 Oct 2024 08:12:28 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
-
Remote address:13.107.246.64:443RequestGET /meversion?partner=webframework&market=en-us HTTP/2.0
host: mem.gfx.ms
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://feedback.smartscreen.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, no-transform, max-age=43200
expires: Wed, 25 Dec 2024 11:54:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 20241225T190336Z-r1d8dc5d876cpdwbhC1LONf7r80000000hpg000000007arh
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
-
Remote address:13.107.246.64:443RequestGET /meversion?partner=MSSecurityPortal&market=en-us&uhf=1 HTTP/2.0
host: mem.gfx.ms
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://feedback.smartscreen.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, no-transform, max-age=7200
expires: Wed, 25 Dec 2024 19:48:13 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 20241225T190337Z-r1d8dc5d876cpdwbhC1LONf7r80000000hpg000000007aws
x-fd-int-roxy-purgeid: 0
x-cache-info: L1_T2
x-cache: TCP_HIT
content-encoding: br
-
GEThttps://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.1/css/mwf-west-european-default.min.cssmsedge.exeRemote address:23.214.139.72:443RequestGET /cdnfiles/external/mwf/long/v1/v1.25.1/css/mwf-west-european-default.min.css HTTP/2.0
host: assets.onestore.ms
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://feedback.smartscreen.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
vary: Accept-Encoding
last-modified: Wed, 04 Oct 2017 00:06:30 GMT
etag: "0x8D50ABBC4313109"
x-ms-lease-state: available
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20241225T190336Z-r1d8dc5d8768ffzthC1LON4hx80000000hrg00000000x2bh
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-encoding: gzip
cache-control: max-age=31536000
date: Wed, 25 Dec 2024 19:03:36 GMT
content-length: 15057
x-content-type-options: nosniff
-
GEThttps://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.1/css/uhf-west-european-default.min.cssmsedge.exeRemote address:23.214.139.72:443RequestGET /cdnfiles/external/mwf/long/v1/v1.25.1/css/uhf-west-european-default.min.css HTTP/2.0
host: assets.onestore.ms
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://feedback.smartscreen.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
vary: Accept-Encoding
last-modified: Wed, 04 Oct 2017 00:06:31 GMT
etag: "0x8D50ABBC4B1D494"
x-ms-lease-state: available
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20241225T190336Z-r1d8dc5d8768ffzthC1LON4hx80000000hs000000000tczz
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-encoding: gzip
cache-control: max-age=31536000
date: Wed, 25 Dec 2024 19:03:36 GMT
x-content-type-options: nosniff
-
GEThttps://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.1/scripts/mwf-main.var.min.jsmsedge.exeRemote address:23.214.139.72:443RequestGET /cdnfiles/external/mwf/long/v1/v1.25.1/scripts/mwf-main.var.min.js HTTP/2.0
host: assets.onestore.ms
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://feedback.smartscreen.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
vary: Accept-Encoding
last-modified: Wed, 04 Oct 2017 00:06:20 GMT
etag: "0x8D50ABBBE258E40"
x-ms-lease-state: available
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20241225T190336Z-r1d8dc5d876fdcwthC1LON53380000000hz0000000007x4m
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-encoding: gzip
cache-control: max-age=31536000
date: Wed, 25 Dec 2024 19:03:36 GMT
x-content-type-options: nosniff
-
Remote address:8.8.8.8:53Request131.109.18.2.in-addr.arpaIN PTRResponse131.109.18.2.in-addr.arpaIN PTRa2-18-109-131deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request72.139.214.23.in-addr.arpaIN PTRResponse72.139.214.23.in-addr.arpaIN PTRa23-214-139-72deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request64.246.107.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestjs.monitor.azure.comIN AResponsejs.monitor.azure.comIN CNAMEaijscdn2-bwfdfxezdubebtb0.z01.azurefd.netaijscdn2-bwfdfxezdubebtb0.z01.azurefd.netIN CNAMEstar-azurefd-prod.trafficmanager.netstar-azurefd-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.nets-part-0036.t-0009.t-msedge.netIN A13.107.246.64
-
Remote address:8.8.8.8:53Request50.23.12.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request198.187.3.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestfd.api.iris.microsoft.comIN AResponsefd.api.iris.microsoft.comIN CNAMEfd-api-iris.trafficmanager.netfd-api-iris.trafficmanager.netIN CNAMEiris-de-prod-azsc-v2-neu-b.northeurope.cloudapp.azure.comiris-de-prod-azsc-v2-neu-b.northeurope.cloudapp.azure.comIN A20.223.36.55
-
GEThttps://fd.api.iris.microsoft.com/v4/api/selection?&asid=D5D7CC4114E6445F814E74DF0E5D5D1D&nct=1&placement=88000677&bcnt=30&country=US&locale=en-US&poptin=0&fmt=json&clr=cdmlite&arch=AMD64&concp=0&d3dfl=D3D_FEATURE_LEVEL_12_1&devfam=Windows.Desktop&devosver=10.0.19044.4529&dinst=1733929104&dmret=0&drgng=244&flightbranch=&flightring=Retail&localid=w%3AB7C09116-BCFB-468D-0635-1EA4A327AC18&osbranch=vb_release&oslocale=en-US&osret=1&ossku=EnterpriseS&osskuid=125&prccn=2&prccs=4192&prcmf=AuthenticAMD&procm=Intel%20Core%20Processor%20%28Broadwell%29&ram=4095&tinst=Client&tl=1&pat=0&smc=0&sac=0&disphorzres=1280&dispsize=14.7&dispvertres=720&ldisphorzres=1280&ldispvertres=720&moncnt=1&cpdsk=241361&frdsk=20469&lo=20404&tsu=20404Remote address:20.223.36.55:443RequestGET /v4/api/selection?&asid=D5D7CC4114E6445F814E74DF0E5D5D1D&nct=1&placement=88000677&bcnt=30&country=US&locale=en-US&poptin=0&fmt=json&clr=cdmlite&arch=AMD64&concp=0&d3dfl=D3D_FEATURE_LEVEL_12_1&devfam=Windows.Desktop&devosver=10.0.19044.4529&dinst=1733929104&dmret=0&drgng=244&flightbranch=&flightring=Retail&localid=w%3AB7C09116-BCFB-468D-0635-1EA4A327AC18&osbranch=vb_release&oslocale=en-US&osret=1&ossku=EnterpriseS&osskuid=125&prccn=2&prccs=4192&prcmf=AuthenticAMD&procm=Intel%20Core%20Processor%20%28Broadwell%29&ram=4095&tinst=Client&tl=1&pat=0&smc=0&sac=0&disphorzres=1280&dispsize=14.7&dispvertres=720&ldisphorzres=1280&ldispvertres=720&moncnt=1&cpdsk=241361&frdsk=20469&lo=20404&tsu=20404 HTTP/2.0
host: fd.api.iris.microsoft.com
accept-encoding: gzip, deflate
x-sdk-hw-token: t=EwDoAppeBAAUGoFunEzxzyai/T0i5tnZAAR1eX0AAd8rsB4HdQUYyjK6QuGP6B3fuXrNEtfV6ydKb1NVfupt4XKO37415F6slfr3UkyQFFjusCNJ2FFOmzQI1CHMPORSOTXQNsaLh8HcivdJ7we5drw50QOfRBWYH2apBQ/xZhn1QBAyssh5qtYt8pXSBI8zpzhLyfb8jrRKZGVyOlbee+QTUO+hDnT4yyB6LWJ+mq2QEli79C4cqPoJpgIgZkVJovYpjhOXBfoLGjO93sF5/pe2jibtxC8FiD6tznphh89Et31PLYihHoA4vSbKILuD09T/JHLyTQAWrJPq+mbV/YOcIUZOK7x7H0bg2t9i9cCNpsFl65Vmq9j9LhQkN6YQZgAAEBCVJQ7udxGEn++UNeUP+NOwAVMTN0D1pmK1SyvXQrD750UoYWeHvVevHt/NMha0i8ZeAbk+3rkk3qXupNWl1CS5Qqof9ZO917YQqW8bGwYWgom16i1pHDPSfZy6nwuGcBX7P8wMEnTjNsi6LobI+NN4RiI0VzQrmLg9mduAF7i7TkGLdUqc3w9XmLxZwFf46mugMKoQ4+vEYv/0tF8e0uPUXOwwAEFavWUy6oAOkCBiifVbzepScmU7qB22PxUl+lX97IkHIwMWT6w3A0zgflrLoqCC1PR3lYY4E1p7HIO4dsrcaB2XincX7hE1QuBZHtPfLaAm2J1HDw+l8Z4Ze7gZhH1u/3xpO8MeoN3we09g5ThtoHlStnCEypjxpOPR1VyP0YzqTQdvPRS0NR652QJQxhcE1AOpIqw4zMoHeJrm3yqpyT7TbBNHUqGouI394aI03is5xNDTGkf/am/7E79avn+JRrglCdoNvrg5Ru4cPWcStKFv5bdLvam0NFtLVpwgDSbhTEhGoFT4QRP7cG/d/YXVBG8ka3U4oEc8+nKnX0Nfb4cvMjEsv4SyD51xzAGuTAvHuZXik+z0cYMwquWZNdoB&p=
ResponseHTTP/2.0 200
pragma: no-cache
content-length: 131
content-type: application/json; charset=utf-8
expires: Mon, 01 Jan 0001 00:00:00 GMT
server: Microsoft-IIS/10.0
arc-rsp-dbg: [{"DcoPlusDebug":"Status: Ok"},{"OPTOUTSTATE":"256"},{"REGIONALPOLICY":"0"}]
accept-ch: UA, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform, UA-Platform-Version
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Dec 2024 19:03:47 GMT
-
Remote address:8.8.8.8:53Request55.36.223.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request181.129.81.91.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request81.144.22.2.in-addr.arpaIN PTRResponse81.144.22.2.in-addr.arpaIN PTRa2-22-144-81deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request29.243.111.52.in-addr.arpaIN PTRResponse
-
98 B 80 B 2 2
-
98 B 80 B 2 2
-
147.45.44.92:80http://steamcoummunilty.com/73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042ahttpmsedge.exe14.8kB 214.2kB 130 173
HTTP Request
GET http://steamcoummunilty.com/tradeoffer/new/?partner=149270605216&token=hK3VWGgLHTTP Response
200HTTP Request
POST http://steamcoummunilty.com/73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042aHTTP Response
201HTTP Request
GET http://steamcoummunilty.com/73407a502e57065f0d06074e.jsHTTP Response
200HTTP Request
GET http://steamcoummunilty.com/73407a502e5706510616315f1501705d0c545850HTTP Response
200HTTP Request
GET http://steamcoummunilty.com/tradeoffer/new/?partner=149270605216&token=hK3VWGgLHTTP Response
304HTTP Request
POST http://steamcoummunilty.com/73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042aHTTP Response
201 -
147.45.44.92:80http://steamcoummunilty.com/tradeoffer/new/?partner=149270605216&token=hK3VWGgLhttpmsedge.exe4.8kB 1.4kB 18 14
HTTP Request
GET http://steamcoummunilty.com/tradeoffer/new/?partner=149270605216&token=hK3VWGgLHTTP Response
304HTTP Request
POST http://steamcoummunilty.com/73407a502e570642110306530e025557101703710c51424050721502244003104357514346552107575b500151520307500307125002410a09515e1451740a29046f6376042aHTTP Response
502HTTP Request
GET http://steamcoummunilty.com/tradeoffer/new/?partner=149270605216&token=hK3VWGgLHTTP Response
502 -
51.11.108.188:443https://nav.smartscreen.microsoft.com/api/browser/edge/telemetrytls, httpmsedge.exe11.3kB 9.4kB 24 19
HTTP Request
POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2HTTP Response
200HTTP Request
POST https://nav.smartscreen.microsoft.com/api/browser/edge/telemetryHTTP Response
200HTTP Request
POST https://nav.smartscreen.microsoft.com/api/browser/edge/telemetryHTTP Response
200 -
51.11.108.188:443https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2tls, httpmsedge.exe8.2kB 10.4kB 22 17
HTTP Request
POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2HTTP Response
200HTTP Request
POST https://nav.smartscreen.microsoft.com/api/browser/edge/telemetryHTTP Response
200HTTP Request
POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2HTTP Response
200 -
51.11.108.188:443https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2tls, httpmsedge.exe5.0kB 9.1kB 17 14
HTTP Request
POST https://nav.smartscreen.microsoft.com/api/browser/edge/actionsHTTP Response
200HTTP Request
POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2HTTP Response
200 -
943 B 3.3kB 8 6
-
943 B 3.3kB 8 6
-
104.18.42.105:443https://community.cloudflare.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpopb3wflFf0vL3YyhL4s-Jk5KOkvnLPr7Vn35cppMo3OqWpN-j0VLj_0A6NWGidY_AcVQ7aA3QqVTvw73m08Tp6c7Pz3B9-n51hsB870M/96fx96ftls, http2msedge.exe8.3kB 225.7kB 127 185
HTTP Request
GET https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&_cdn=cloudflareHTTP Request
GET https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l=english&_cdn=cloudflare&load=effects,controls,slider,dragdropHTTP Request
GET https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=ocpubhdPGXdc&l=english&_cdn=cloudflareHTTP Request
GET https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&_cdn=cloudflareHTTP Request
GET https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.9Z1XDV02xrml&_cdn=cloudflareHTTP Request
GET https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=R2JmKYDaxby2&l=english&_cdn=cloudflareHTTP Request
GET https://community.cloudflare.steamstatic.com/public/javascript/economy_trade.js?v=_S8IrXmFV6F8&l=english&_cdn=cloudflareHTTP Request
GET https://community.cloudflare.steamstatic.com/public/javascript/economy_common.js?v=tsXdRVB0yEaR&l=english&_cdn=cloudflareHTTP Request
GET https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english&_cdn=cloudflareHTTP Request
GET https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=TbBMCK37KgCo&l=english&_cdn=cloudflareHTTP Request
GET https://community.cloudflare.steamstatic.com/public/javascript/economy_tradeoffer.js?v=mqM2FYA-LOuH&l=english&_cdn=cloudflareHTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
GET https://community.cloudflare.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpopb3wflFf0vL3YyhL4s-Jk5KOkvnLPr7Vn35cppMo3OqWpN-j0VLj_0A6NWGidY_AcVQ7aA3QqVTvw73m08Tp6c7Pz3B9-n51hsB870M/96fx96f -
943 B 3.3kB 8 6
-
943 B 3.3kB 8 6
-
943 B 3.3kB 8 6
-
1.1kB 23.0kB 16 23
HTTP Request
GET http://www.google-analytics.com/analytics.jsHTTP Response
200 -
51.140.242.104:443https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_releasetls, httpmsedge.exe9.8kB 274.3kB 114 207
HTTP Request
POST https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settingsHTTP Response
200HTTP Request
POST https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settingsHTTP Response
200HTTP Request
GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_releaseHTTP Response
304 -
51.140.242.104:443https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_releasetls, httpmsedge.exe9.8kB 486.5kB 194 355
HTTP Request
GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_releaseHTTP Response
200 -
51.140.242.104:443https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_releasetls, httpmsedge.exe2.9kB 11.5kB 18 15
HTTP Request
GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_releaseHTTP Response
200HTTP Request
GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_releaseHTTP Response
304 -
1.1kB 913 B 8 8
-
3.7kB 86.3kB 42 68
HTTP Request
GET https://steamcommunity.com/favicon.icoHTTP Response
200HTTP Request
GET https://steamcommunity.com/favicon.icoHTTP Response
200 -
40.118.255.59:443https://feedback.smartscreen.microsoft.com/en-us/wdsi/api/hipchallenge/visual/fb/849968391fc040e6bd55fe027d120bc7tls, httpmsedge.exe5.2kB 34.8kB 26 36
HTTP Request
POST https://feedback.smartscreen.microsoft.com/feedback.aspxHTTP Response
200HTTP Request
GET https://feedback.smartscreen.microsoft.com/Content/mslogo.pngHTTP Response
200HTTP Request
GET https://feedback.smartscreen.microsoft.com/en-us/wdsi/api/hipchallenge/visual/fb/849968391fc040e6bd55fe027d120bc7 -
1.6kB 6.7kB 10 10
-
2.18.109.131:443https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/74-d51c79/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1tls, http2msedge.exe3.5kB 70.2kB 40 64
HTTP Request
GET https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231HTTP Request
GET https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/74-d51c79/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1HTTP Response
200HTTP Response
200 -
1.1kB 7.3kB 12 12
-
4.0kB 91.5kB 52 78
HTTP Request
GET https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.jsHTTP Response
200 -
40.118.255.59:443https://securityintelligencecenter-westus.azurewebsites.net/Content/mslogo.pngtls, httpmsedge.exe4.7kB 38.3kB 26 34
HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/Content/bootstrapHTTP Response
200HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/Content/mslogo.pngHTTP Response
200 -
40.118.255.59:443https://securityintelligencecenter-westus.azurewebsites.net/Content/icon_err.giftls, httpmsedge.exe4.9kB 17.0kB 19 20
HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/bundles/modernizrHTTP Response
200HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/bundles/siteHTTP Response
200HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/Content/icon_err.gifHTTP Response
200 -
40.118.255.59:443https://securityintelligencecenter-westus.azurewebsites.net/Content/hig_progcircle_animated.giftls, httpmsedge.exe4.5kB 25.2kB 22 25
HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/Content/jqueryuiHTTP Response
200HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/Content/hig_progcircle_animated.gifHTTP Response
200 -
40.118.255.59:443https://securityintelligencecenter-westus.azurewebsites.net/Content/sitetls, httpmsedge.exe3.3kB 9.2kB 13 13
HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/Content/siteHTTP Response
200 -
40.118.255.59:443https://securityintelligencecenter-westus.azurewebsites.net/content/30x30_sad.pngtls, httpmsedge.exe6.1kB 38.1kB 29 38
HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/bundles/jqueryuiHTTP Response
200HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/bundles/bootstrapHTTP Response
200HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/Scripts/HIP/hipmgr.jsHTTP Response
200HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/content/30x30_sad.pngHTTP Response
200 -
40.118.255.59:443https://securityintelligencecenter-westus.azurewebsites.net/content/30x30_happy.pngtls, httpmsedge.exe7.9kB 241.0kB 97 180
HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/bundles/jqueryHTTP Response
200HTTP Request
GET https://securityintelligencecenter-westus.azurewebsites.net/content/30x30_happy.pngHTTP Response
200 -
13.107.246.64:443https://mem.gfx.ms/meversion?partner=MSSecurityPortal&market=en-us&uhf=1tls, http2msedge.exe3.2kB 34.3kB 32 41
HTTP Request
GET https://mem.gfx.ms/meversion?partner=webframework&market=en-usHTTP Response
200HTTP Request
GET https://mem.gfx.ms/meversion?partner=MSSecurityPortal&market=en-us&uhf=1HTTP Response
200 -
1.1kB 6.7kB 11 11
-
23.214.139.72:443https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.1/scripts/mwf-main.var.min.jstls, http2msedge.exe5.2kB 166.3kB 82 133
HTTP Request
GET https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.1/css/mwf-west-european-default.min.cssHTTP Request
GET https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.1/css/uhf-west-european-default.min.cssHTTP Request
GET https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.1/scripts/mwf-main.var.min.jsHTTP Response
200HTTP Response
200HTTP Response
200 -
1.1kB 6.7kB 11 11
-
1.1kB 7.4kB 11 14
-
2.7kB 8.5kB 14 16
-
2.8kB 8.5kB 15 18
-
466 B 372 B 10 8
-
20.223.36.55:443https://fd.api.iris.microsoft.com/v4/api/selection?&asid=D5D7CC4114E6445F814E74DF0E5D5D1D&nct=1&placement=88000677&bcnt=30&country=US&locale=en-US&poptin=0&fmt=json&clr=cdmlite&arch=AMD64&concp=0&d3dfl=D3D_FEATURE_LEVEL_12_1&devfam=Windows.Desktop&devosver=10.0.19044.4529&dinst=1733929104&dmret=0&drgng=244&flightbranch=&flightring=Retail&localid=w%3AB7C09116-BCFB-468D-0635-1EA4A327AC18&osbranch=vb_release&oslocale=en-US&osret=1&ossku=EnterpriseS&osskuid=125&prccn=2&prccs=4192&prcmf=AuthenticAMD&procm=Intel%20Core%20Processor%20%28Broadwell%29&ram=4095&tinst=Client&tl=1&pat=0&smc=0&sac=0&disphorzres=1280&dispsize=14.7&dispvertres=720&ldisphorzres=1280&ldispvertres=720&moncnt=1&cpdsk=241361&frdsk=20469&lo=20404&tsu=20404tls, http22.7kB 7.4kB 18 12
HTTP Request
GET https://fd.api.iris.microsoft.com/v4/api/selection?&asid=D5D7CC4114E6445F814E74DF0E5D5D1D&nct=1&placement=88000677&bcnt=30&country=US&locale=en-US&poptin=0&fmt=json&clr=cdmlite&arch=AMD64&concp=0&d3dfl=D3D_FEATURE_LEVEL_12_1&devfam=Windows.Desktop&devosver=10.0.19044.4529&dinst=1733929104&dmret=0&drgng=244&flightbranch=&flightring=Retail&localid=w%3AB7C09116-BCFB-468D-0635-1EA4A327AC18&osbranch=vb_release&oslocale=en-US&osret=1&ossku=EnterpriseS&osskuid=125&prccn=2&prccs=4192&prcmf=AuthenticAMD&procm=Intel%20Core%20Processor%20%28Broadwell%29&ram=4095&tinst=Client&tl=1&pat=0&smc=0&sac=0&disphorzres=1280&dispsize=14.7&dispvertres=720&ldisphorzres=1280&ldispvertres=720&moncnt=1&cpdsk=241361&frdsk=20469&lo=20404&tsu=20404HTTP Response
200
-
66 B 82 B 1 1
DNS Request
steamcoummunilty.com
DNS Response
147.45.44.92
-
72 B 158 B 1 1
DNS Request
14.160.190.20.in-addr.arpa
-
146 B 147 B 2 1
DNS Request
217.106.137.52.in-addr.arpa
DNS Request
217.106.137.52.in-addr.arpa
-
71 B 126 B 1 1
DNS Request
92.44.45.147.in-addr.arpa
-
75 B 191 B 1 1
DNS Request
nav.smartscreen.microsoft.com
DNS Response
51.11.108.188
-
82 B 114 B 1 1
DNS Request
community.cloudflare.steamstatic.com
DNS Response
104.18.42.105172.64.145.151
-
73 B 144 B 1 1
DNS Request
95.221.229.192.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
188.108.11.51.in-addr.arpa
-
74 B 128 B 1 1
DNS Request
172.210.232.199.in-addr.arpa
-
81 B 198 B 1 1
DNS Request
data-edge.smartscreen.microsoft.com
DNS Response
51.140.242.104
-
72 B 134 B 1 1
DNS Request
105.42.18.104.in-addr.arpa
-
74 B 113 B 1 1
DNS Request
110.179.250.142.in-addr.arpa
-
73 B 147 B 1 1
DNS Request
104.242.140.51.in-addr.arpa
-
73 B 106 B 1 1
DNS Request
203.197.79.204.in-addr.arpa
-
586 B 9
-
70 B 144 B 1 1
DNS Request
58.55.71.13.in-addr.arpa
-
64 B 80 B 1 1
DNS Request
steamcommunity.com
DNS Response
23.214.143.155
-
73 B 139 B 1 1
DNS Request
155.143.214.23.in-addr.arpa
-
80 B 371 B 1 1
DNS Request
feedback.smartscreen.microsoft.com
DNS Response
40.118.255.59
-
72 B 146 B 1 1
DNS Request
59.255.118.40.in-addr.arpa
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
2.18.109.131
-
69 B 251 B 1 1
DNS Request
wcpstatic.microsoft.com
DNS Response
13.107.246.64
-
97 B 228 B 1 1
DNS Request
securityintelligencecenter-westus.azurewebsites.net
DNS Response
40.118.255.59
-
64 B 201 B 1 1
DNS Request
assets.onestore.ms
DNS Response
23.214.139.72
-
56 B 268 B 1 1
DNS Request
mem.gfx.ms
DNS Response
13.107.246.64
-
71 B 135 B 1 1
DNS Request
131.109.18.2.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
72.139.214.23.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
64.246.107.13.in-addr.arpa
-
66 B 254 B 1 1
DNS Request
js.monitor.azure.com
DNS Response
13.107.246.64
-
70 B 156 B 1 1
DNS Request
50.23.12.20.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
198.187.3.20.in-addr.arpa
-
71 B 199 B 1 1
DNS Request
fd.api.iris.microsoft.com
DNS Response
20.223.36.55
-
71 B 157 B 1 1
DNS Request
55.36.223.20.in-addr.arpa
-
72 B 147 B 1 1
DNS Request
181.129.81.91.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
81.144.22.2.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
29.243.111.52.in-addr.arpa
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5aee441ff140ecb5de1df316f0a7338cd
SHA182f998907a111d858c67644e9f61d3b32b4cd009
SHA2565944b21c8bdfb7c6cb0da452f8904a164cc951c6a4bb3a306eaebcad2d611d67
SHA51254a2c1d4c8791ebc6324c1be052b7b73cbd74057d0ea46400cfd8e60f9a884ade60d838777eba7001cf44c924f63cba1a9708a6c71bf966f63f988c49ca70d31
-
Filesize
152B
MD5821b1728a915eae981ab4a4a3e4ce0d1
SHA18ba13520c913e33462c653614aece1b6e3c660a2
SHA25636c38bde1e74c5ee75878f275a411e528c00eaa3091e7c4adfa65b8b7d28fb3b
SHA512b8fd54808711878ed567f474f174db662e2457b6c246f625e148944532c70d94d87e96ef6febfb657895dd0eadc25906c9106fa75c6b2d3bd37ca6786f03a8b7
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\453e7772-fbd9-4346-bf43-4b214d9515a9.tmp
Filesize5KB
MD5726dd66d38d424df544e36ee3705ca78
SHA12f124939c9ccbc4a6ae6ff08749c6ab8bf0ffb2e
SHA2566e2a0922985d885d8ba00dfb2b77d43d52045a7cb2991b7c668450fec39ccc63
SHA512dc32f615a88a246bdc2c093c044e2cb09024f35df74fd975becd892eab3be9ca87f789aaaf9ebd860667ae74f7866de457c3639e4b1cda7cb87b5daa80d8f8a7
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize48B
MD561b4317e8598b44504a46c12ff57bb99
SHA1adb5069406ac062eb2398f6e737879e01cefc648
SHA256da165a9ee73d92d69b6ae5832b6ffcdd9357a92b4636ccf4752ad1820e24aaeb
SHA512344677bc2fb9b2bb038431e54d217a47db04c0f3f9058905004143b3254a2e0e3837fba0648e5030ecd92b891c50a1091dce3f50a1d6bb44ef6b1a4c584ed74f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize168B
MD554d4337062c7421fd1af9e490f4655fb
SHA197b8d68a0c868ae7f50b770333fe222534e668f4
SHA256a4f8e09db8d1344e007740bc7d5dfdff475d984d06b9c5beadf3a8a2a0407ced
SHA51278da7315bf9956861360e98ed33c8f66e8d4bac1aa2356f75d1523fd9426fd5b08d5153402e378777d6d86e1a078e4a86b8fab9d15ade034f09e6caaf6cf54c4
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize408B
MD57fc80a25f5531836fa033aa7b4050bea
SHA171a876ac9e2d6eb195d689307f34a91b4c441e42
SHA2564bee466f88b2b5a2c46ba351d5209a9f13a2a93ef3bfb6a69ac25dd0187b1584
SHA512b9b4c798235041454b55197413ae893e80809857e79fd93648e093a4ccd643602faaea646f2cb6512c59a5a344855eb8839a888d27f22331508389776db8fea7
-
Filesize
70KB
MD5e5e3377341056643b0494b6842c0b544
SHA1d53fd8e256ec9d5cef8ef5387872e544a2df9108
SHA256e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25
SHA51283f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef
-
Filesize
41B
MD55af87dfd673ba2115e2fcf5cfdb727ab
SHA1d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b
-
Filesize
504B
MD50e0586c707e62f9d951daa6787fdea23
SHA1d16d2c5cac04ffd3ee950044b0a6c6b1a4fd3f5e
SHA256c10f9a1ee79ebe7c0cf212a51f2ecb9a0426d563e0b4aa9b7658c97d95de6444
SHA512772eccbbc10235cce830377b4d2c4779dfff447bd6df8e4010839bb3d95cc0ace4190d170cd8e26481f6dc04f5fc9dfc7ca4d546651199343bb505df65371b0a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe58722d.TMP
Filesize59B
MD52800881c775077e1c4b6e06bf4676de4
SHA12873631068c8b3b9495638c865915be822442c8b
SHA256226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b
-
Filesize
5KB
MD52d73c694ed027d874bdb0ee2a5e7a4e2
SHA17bb41a2dc5dfb29f4f1a2f03c4407f77d8a43af9
SHA25638612dba27c998b40fea29d722fa2734efb301c8ad3f286cf9fdcad01142c8f3
SHA512f39ebed326dc2ea871f5074ff702c3ef597d4f536b814e50fc300e592cfa49a4a85d31e277b45592365a04eb47d79c6e89e859a4552b1cdb31fe276f25376c42
-
Filesize
6KB
MD564e1a14db5db15d8fd877cbb426350cf
SHA169e7600a386d260054214536b052d21ca57b0e60
SHA25671915211f0d3e562bed8764ff5e84749c68da7da6e5f016c1af5130f5499147c
SHA51272f639b6d98f878aadd62b1b7d14ed1fb27f841f70b130dc697c69174baaa5c6cd9b268b86e959ebbf3073072df2d654b7e536c17d6dfa7dc4305ae961598568
-
Filesize
6KB
MD528158bf68e99450249d171386b9bb0e4
SHA105d06efe43abe7e5f7f07cb295a5c18907ea2241
SHA25603892f14b227dfc98526af021b3c0332145ffca730fd74733a9305636264d2df
SHA5121d4ce87c29278f74a620ea6510ba4f2ecd1089f591f1874679b4e233d5d391c54acde1a504176cde9726c4a3d533cb783f247d34bc8a2217d8723a0d7ed7b98f
-
Filesize
24KB
MD540054cb73dd68fcf513186a36e7b28b1
SHA1782f64c46affe72bd6b334c69aae88aa32216b2d
SHA256136f61f0d620207ec049ca6889378a9e89d998a6ef15fbd2a8095482d8d88118
SHA5128689097b5b94b64af0be6b51f176041b25f5464bae229b7344df07a29893d5f13498c3f88f6448b956baa7accb460e31f5ffec6eda35f31b0587b5b0a1e63c76
-
Filesize
24KB
MD5729df10a7e0b722edf6673d36f2040a3
SHA1d082d92cb6eb8c0d79c9ea7e67e8b4828c5ea02b
SHA256e2c498352af617d6d1106ea4d53c59fadc993a1f432068307250cdd0be68f7c0
SHA5121619048945ed9b48ab2568dc546adf5173f2c60d03ee74f4616c3ffafe7182052b760feea19ce288799448c0f613b5e5592e5c547417fd7705997663439e3270
-
Filesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
Filesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
8KB
MD55046c818f5ed2aed59875202d6c92b19
SHA1126b7658044d0f92b6756d9e7609b9e7a94b8c26
SHA256a1c9ae8401f243058527c4127393fb98a1b2e47d62f00d1880ac3796342e7e9f
SHA5120fcd588f513c9cc21c505979a1c9187a55c1f401ad7c1fe161475e4a8ef253c9d94c5b9ea23a3291f73dc84db012353045eb40e25ddc079b288a10eddcee7695
-
Filesize
10KB
MD5627a9bd3b1ce24979bbe3f210b2d1ffc
SHA1e5e63d99d209a9e762b3e39c513b4ed3ea0bfe32
SHA25677f68aecf763a9e96de47636c8df77fcee833128b024b3d070fed82583ad88b9
SHA51218c8909e4b28109b7d71b40f85ddce0844a080650fd68292ab16f9d0ff22a851a3ceb1655147f4fa7f57221877dc4e320c7a81e5e9553b8d4499afbf005e5362
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
Filesize3KB
MD5385454714977de2e3fb88d14d37995a7
SHA10d648bfdacdc21982a81cbe684d52365e114510c
SHA256b89384058d840b59464d6bb9da62150e9aa1315c2b2953a74b58882e67bb7f25
SHA512bd362c0a2ebee183b11996e5c3a70c9063ea0cda07f5a99773b7e7f4d60a9d658c88eb1bc3a1bcfd995a23ddb50349e0646b0784989faed89721dbe1f85f5095
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
Filesize3KB
MD5be1ed43eaba3dc364339645f066e72df
SHA18270356ec13ee3b8fbf83ca20fa073f42491f00f
SHA256add5ba3573823b4bad92e0b6a307490ba2fa47075b8a319e3931adad1a17786c
SHA51286ff951b5f4a262f49c6c9eb6090a2c8453968809e7142ed67d1ed9ae59a93a39fbd3b3205dd4248bbb0dbbeb71c1bc40147b879edc17d0c546f72ec8990c42e