chimera | hxxp://google[.]com

Analysis

max time kernel
266s
max time network
268s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
04/01/2025, 04:59 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

10^/10

chimera discovery ransomware spyware stealer

Malware Config

Signatures

Chimera 64 IoCs

Ransomware which infects local and network files, often distributed via Dropbox links.

ransomware chimera

description	ioc	Process
File created	C:\Program Files\Microsoft Office\root\Licenses16\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\nls\fr-ma\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\js\nls\root\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\ro-ro\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\sl-si\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\zh-cn\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\fi-fi\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\js\nls\pt-br\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\sv-se\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\hr-hr\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files\Microsoft Office\root\Templates\Presentation Designs\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\ca-es\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\pt-br\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files\Java\jdk-1.8\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\zh-cn\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\da-dk\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\sl-si\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\en-gb\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\zh-cn\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\sl-si\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\nb-no\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\home-view\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\nl-nl\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\it-it\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\fr-fr\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\en-il\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\pl-pl\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\js\nls\nl-nl\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\fi-fi\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ro-ro\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\de-de\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\cs-cz\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\zh-tw\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\en-il\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\nb-no\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\it-it\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files\Java\jre-1.8\lib\security\policy\limited\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\en-gb\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\cs-cz\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\nb-no\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\nls\ro-ro\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\he-il\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\da-dk\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\it-it\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\js\nls\sv-se\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\es-es\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\da-dk\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\images\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sk-sk\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\ru-ru\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ja-jp\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ca-es\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\sv-se\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\hr-hr\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\js\nls\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe

Chimera Ransomware Loader DLL 1 IoCs

Drops/unpacks executable file which resembles Chimera's Loader.dll.

ransomware

resource	yara_rule
behavioral1/memory/3904-618-0x0000000010000000-0x0000000010010000-memory.dmp	chimera_loader_dll

Chimera family
chimera
Renames multiple (3259) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware
Downloads MZ/PE file

Executes dropped EXE 7 IoCs

pid	Process
3904	HawkEye.exe
1876	HawkEye.exe
1872	HawkEye.exe
4184	HawkEye.exe
3520	HawkEye.exe
2784	HawkEye.exe
4532	HawkEye.exe

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003

Drops desktop.ini file(s) 27 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Saved Games\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Public\AccountPictures\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Public\Music\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Pictures\Camera Roll\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\3D Objects\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Contacts\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Public\Desktop\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Favorites\Links\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Searches\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Public\Libraries\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Videos\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Documents\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Links\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Music\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\OneDrive\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Public\Pictures\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Public\Videos\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Public\Documents\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Public\Downloads\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Pictures\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Public\desktop.ini	HawkEye.exe
File opened for modification	C:\Program Files\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Desktop\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Downloads\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Favorites\desktop.ini	HawkEye.exe
File opened for modification	C:\Users\Admin\Pictures\Saved Pictures\desktop.ini	HawkEye.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
123	raw.githubusercontent.com
122	raw.githubusercontent.com

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
125	bot.whatismyipaddress.com

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\OneNoteSectionWideTile.scale-400.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\MoviesAnywhereLogoWithTextDark.scale-100.png	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\assets\Sample Files\Adobe Sign White Paper.pdf	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\pt-br\ui-strings.js	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\182.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_neutral_split.scale-125_8wekyb3d8bbwe\Win10\MicrosoftSolitaireAppList.scale-125.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_x64__8wekyb3d8bbwe\Assets\ScreenSketchSquare44x44Logo.targetsize-48_altform-unplated_devicefamily-colorfulunplated.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\LinkedInboxMediumTile.scale-100.png	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\nub.png	HawkEye.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Green Yellow.xml	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\ui-strings.js	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\faf_icons.png	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\themes\dark\adc_logo.png	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\pl-pl\ui-strings.js	HawkEye.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Edit@3x.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-black\OneNoteNewNoteMedTile.scale-125.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubAppList.targetsize-256_altform-unplated_contrast-white.png	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\Assets\Audio\Skype_File_Transfer_Failed.m4a	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\nls\zh-tw\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\js\plugin.js	HawkEye.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\CancelFluent@3x.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.DesktopAppInstaller_1.0.30251.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppPackageStoreLogo.scale-125.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\contrast-black\SplashScreen.scale-100_contrast-black.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\Dismiss.scale-64.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_x64__8wekyb3d8bbwe\Assets\InsiderHubAppList.targetsize-24_contrast-black.png	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\zh-cn\ui-strings.js	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\en-gb\ui-strings.js	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\nl-nl\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\LayersControl\Road.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubAppList.targetsize-32_altform-unplated.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\Resources\RetailDemo\data\en-us\1.jpg	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\pt-br\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCalculator_10.1906.55.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\CalculatorAppList.contrast-white_scale-125.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe\Assets\Store\StoreLogo.scale-125.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\Square44x44Logo.targetsize-80.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\OneNoteSectionMedTile.scale-150.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2018.826.98.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSmallTile.scale-200.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\HxMailWideTile.scale-150.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Transit\contrast-white\WideTile.scale-200.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-black\MedTile.scale-200.png	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\nl-nl\ui-strings.js	HawkEye.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\YOUR_FILES_ARE_ENCRYPTED.HTML	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\hu-hu\ui-strings.js	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\uk-ua\ui-strings.js	HawkEye.exe
File opened for modification	C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-60_altform-unplated_contrast-white.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-16_altform-unplated.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.12548.0_x64__8wekyb3d8bbwe\AppCS\Assets\FaceReco_Illustration_Cancel_SM.png	HawkEye.exe
File opened for modification	C:\Program Files\AssertSplit.xlsx	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\30.jpg	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\tool\plugin.js	HawkEye.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\HintBarEllipses.16.White@2x.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\8px.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-80_altform-unplated_contrast-black.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\WideTile.scale-125_contrast-black.png	HawkEye.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\linkedin_ghost_profile.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-30_altform-unplated_contrast-black.png	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\organize.svg	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-80_altform-unplated.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\ScreenSketchSplashScreen.scale-100_contrast-white.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\OutlookMailWideTile.scale-100.png	HawkEye.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-white\LargeTile.scale-100.png	HawkEye.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\arrow-up.gif	HawkEye.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 8 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HawkEye.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HawkEye.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HawkEye.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HawkEye.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HawkEye.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HawkEye.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HawkEye.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies Internet Explorer settings 1 TTPs 23 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31153766"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{334CC0F0-CA59-11EF-B319-FA9F886F8D04} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\""	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31153766"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "129376086"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "129376086"	iexplore.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 548962.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
2020	msedge.exe
2020	msedge.exe
3960	msedge.exe
3960	msedge.exe
3620	identity_helper.exe
3620	identity_helper.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
4588	msedge.exe
4588	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs

pid	Process
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

description	pid	Process
Token: SeDebugPrivilege	3904	HawkEye.exe
Token: SeDebugPrivilege	1876	HawkEye.exe
Token: SeDebugPrivilege	1872	HawkEye.exe
Token: SeDebugPrivilege	4184	HawkEye.exe
Token: SeDebugPrivilege	3520	HawkEye.exe
Token: SeDebugPrivilege	2784	HawkEye.exe
Token: SeDebugPrivilege	4532	HawkEye.exe

Suspicious use of FindShellTrayWindow 38 IoCs

pid	Process
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
1872	iexplore.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe
3960	msedge.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1872	iexplore.exe
1872	iexplore.exe
3800	IEXPLORE.EXE
3800	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3960 wrote to memory of 4620	3960	msedge.exe	83
PID 3960 wrote to memory of 4620	3960	msedge.exe	83
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 536	3960	msedge.exe	84
PID 3960 wrote to memory of 2020	3960	msedge.exe	85
PID 3960 wrote to memory of 2020	3960	msedge.exe	85
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86
PID 3960 wrote to memory of 2080	3960	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://google.com
1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x40,0x108,0x7ffd94b946f8,0x7ffd94b94708,0x7ffd94b94718
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2588 /prefetch:8
  2⤵
  PID:2080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2364 /prefetch:1
  2⤵
  PID:368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2092 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
  2⤵
  PID:1140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
  2⤵
  PID:2068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
  2⤵
  PID:3060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:4840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4768 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=1332 /prefetch:8
  2⤵
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6736 /prefetch:8
  2⤵
  PID:1752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2108,6627361881452571153,12906593246976399619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6960 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4588
- C:\Users\Admin\Downloads\HawkEye.exe
  "C:\Users\Admin\Downloads\HawkEye.exe"
  2⤵
  - Chimera
  - Executes dropped EXE
  - Drops desktop.ini file(s)
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:3904
- - C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -k "C:\Users\Admin\Downloads\YOUR_FILES_ARE_ENCRYPTED.HTML"
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SetWindowsHookEx
    PID:1872
  - - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1872 CREDAT:17410 /prefetch:2
      4⤵
      System Location Discovery: System Language Discovery
      Modifies Internet Explorer settings
      Suspicious use of SetWindowsHookEx
      PID:3800
- C:\Users\Admin\Downloads\HawkEye.exe
  "C:\Users\Admin\Downloads\HawkEye.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:1876
- C:\Users\Admin\Downloads\HawkEye.exe
  "C:\Users\Admin\Downloads\HawkEye.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:1872
- C:\Users\Admin\Downloads\HawkEye.exe
  "C:\Users\Admin\Downloads\HawkEye.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:4184
- C:\Users\Admin\Downloads\HawkEye.exe
  "C:\Users\Admin\Downloads\HawkEye.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:3520
- C:\Users\Admin\Downloads\HawkEye.exe
  "C:\Users\Admin\Downloads\HawkEye.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:2784
- C:\Users\Admin\Downloads\HawkEye.exe
  "C:\Users\Admin\Downloads\HawkEye.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of AdjustPrivilegeToken
  PID:4532

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2912

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2112

Network

DNS

google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

142.250.180.14
GET

http://google.com/

msedge.exe

Remote address:

142.250.180.14:80

Request

GET / HTTP/1.1
Host: google.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://google.com/&q=EgS117BTGKeA47sGIjCzS7qYmzS-PKvdJ4Z0n12AmoLAxcyLdwK8jUskggNBme-qBeLEMYBSQXovvjmnDu8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIqIDjuwYQ5ruTTBIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-AA3Sux0yaaxryuIEKc-_BA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
Permissions-Policy: unload=()
Date: Sat, 04 Jan 2025 04:59:20 GMT
Server: gws
Content-Length: 392
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-W9PlTjtFM9wxMfi58LTKYDq_aHkPGeWEVxnosu5MW3pjPyuZqxShg; expires=Thu, 03-Jul-2025 04:59:20 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
GET

http://www.google.com/sorry/index?continue=http://google.com/&q=EgS117BTGKeA47sGIjCzS7qYmzS-PKvdJ4Z0n12AmoLAxcyLdwK8jUskggNBme-qBeLEMYBSQXovvjmnDu8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

msedge.exe

Remote address:

142.250.187.196:80

Request

GET /sorry/index?continue=http://google.com/&q=EgS117BTGKeA47sGIjCzS7qYmzS-PKvdJ4Z0n12AmoLAxcyLdwK8jUskggNBme-qBeLEMYBSQXovvjmnDu8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Host: www.google.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 429 Too Many Requests

Date: Sat, 04 Jan 2025 04:59:20 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3063
X-XSS-Protection: 0
GET

http://www.google.com/favicon.ico

msedge.exe

Remote address:

142.250.187.196:80

Request

GET /favicon.ico HTTP/1.1
Host: www.google.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.google.com/sorry/index?continue=http://google.com/&q=EgS117BTGKeA47sGIjCzS7qYmzS-PKvdJ4Z0n12AmoLAxcyLdwK8jUskggNBme-qBeLEMYBSQXovvjmnDu8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 1494
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Jan 2025 23:28:36 GMT
Expires: Fri, 10 Jan 2025 23:28:36 GMT
Cache-Control: public, max-age=691200
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Content-Type: image/x-icon
Vary: Accept-Encoding
Age: 106246
DNS

232.168.11.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.168.11.51.in-addr.arpa

IN PTR

Response
GET

https://www.google.com/recaptcha/api.js

msedge.exe

Remote address:

142.250.187.196:443

Request

GET /recaptcha/api.js HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://www.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cDovL3d3dy5nb29nbGUuY29tOjgw&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&s=vCoQzz22v3QLofGjZCZD7OQdTjEcuBfsDIo5LAkjhZt7h8g6U0LIi4uBGXyWbbhkBbn0lipI8ZMeLtdYrb0DLprQHayNcZ1ykwjphMTOvgr5L1hsJrCm5oFVpOFUWgyeUsh6wccUfUNmKkhXEcF0ZlQd2nymY_3i25v-z551jLjx5tiLyghov6KYnDCX9yiEZHrlEHQAyT8uPfkNxZqV1O7PGGFHzBAKFmedZp5tLhBMnSl0cG5dvw1p2nkIpSvxGB2C_dG-HF6HvGtXTcW6kpVi2icpptI&cb=4k8vy2nhfxz7

msedge.exe

Remote address:

142.250.187.196:443

Request

GET /recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cDovL3d3dy5nb29nbGUuY29tOjgw&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&s=vCoQzz22v3QLofGjZCZD7OQdTjEcuBfsDIo5LAkjhZt7h8g6U0LIi4uBGXyWbbhkBbn0lipI8ZMeLtdYrb0DLprQHayNcZ1ykwjphMTOvgr5L1hsJrCm5oFVpOFUWgyeUsh6wccUfUNmKkhXEcF0ZlQd2nymY_3i25v-z551jLjx5tiLyghov6KYnDCX9yiEZHrlEHQAyT8uPfkNxZqV1O7PGGFHzBAKFmedZp5tLhBMnSl0cG5dvw1p2nkIpSvxGB2C_dG-HF6HvGtXTcW6kpVi2icpptI&cb=4k8vy2nhfxz7 HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

support.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

support.google.com

IN A

Response

support.google.com

IN A

172.217.169.14
DNS

196.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.187.250.142.in-addr.arpa

IN PTR

Response

196.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f41e100net
DNS

8.153.16.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.153.16.2.in-addr.arpa

IN PTR

Response

8.153.16.2.in-addr.arpa

IN PTR

a2-16-153-8deploystaticakamaitechnologiescom
DNS

133.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.32.126.40.in-addr.arpa

IN PTR

Response
DNS

227.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.187.250.142.in-addr.arpa

IN PTR

Response

227.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f31e100net
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

195.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.187.250.142.in-addr.arpa

IN PTR

Response

195.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f31e100net
DNS

133.211.185.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.211.185.52.in-addr.arpa

IN PTR

Response
DNS

196.249.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.249.167.52.in-addr.arpa

IN PTR

Response
DNS

197.87.175.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.87.175.4.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

22.236.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.236.111.52.in-addr.arpa

IN PTR

Response
GET

https://www.bing.com/qbox?query=vi&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=e5fa7023ed0f428797284f5587f1ed82&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /qbox?query=vi&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=e5fa7023ed0f428797284f5587f1ed82&oit=1&cp=2&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 459
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 6778c08776034b1c9a81d5ddd28e1b19
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-eN/++8t9rJFS5owIwHt/py4JhE7MO6izDEfUe0f8+7I='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 04 Jan 2025 05:00:55 GMT
set-cookie: MUID=3C2424A4B34B6DCA1E7F31CEB2656C43; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=3C2424A4B34B6DCA1E7F31CEB2656C43; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=1E6083A17A1862E80DB896CB7B3663F0; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=9183033F1D5C4C67AC9ED8DF361958A8&dmnchg=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20250104; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=1E6083A17A1862E80DB896CB7B3663F0; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966855.874c42c
GET

https://www.bing.com/qbox?query=vir&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=7052f34f26c040deaa6b309feebf7b97&oit=1&cp=3&pgcl=4

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /qbox?query=vir&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=7052f34f26c040deaa6b309feebf7b97&oit=1&cp=3&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 444
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 6778c0873bbc4177addbd3eefc0a1b8d
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-1C4nnazx+bSV/EOEo84D/r/bOadWmMJFJ4NCqI80dvY='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 04 Jan 2025 05:00:55 GMT
set-cookie: MUID=3F8777D91B1F6B29146462B31AE56A44; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=3F8777D91B1F6B29146462B31AE56A44; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=0517FB32D737667906D9EE58D6CD67FB; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=EDF224CDA4E24AB7A10D1E2E103D95CF&dmnchg=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20250104; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:55 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=0517FB32D737667906D9EE58D6CD67FB; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966855.874c511
GET

https://www.bing.com/qbox?query=viru&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=445d3835da6147ecaa27dd128d9f8723&oit=1&cp=4&pgcl=4

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /qbox?query=viru&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=445d3835da6147ecaa27dd128d9f8723&oit=1&cp=4&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 323
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 6778c08829294514a1c86e24183f5d21
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-HaBphtRSZE0PbUJuk1ktWFQsBT9oFLLntnV2dox6i58='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 04 Jan 2025 05:00:56 GMT
set-cookie: MUID=221DFEB534A861AB3790EBDF353A6024; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=221DFEB534A861AB3790EBDF353A6024; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=11DC89F6A5DD6E8610E59C9CA44F6FA9; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=1B77D6FFEF9A476098DE733D5745A4D8&dmnchg=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20250104; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=11DC89F6A5DD6E8610E59C9CA44F6FA9; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966856.874c613
GET

https://www.bing.com/qbox?query=virus&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=ee457246000b400cac210ee08d1f839c&oit=1&cp=5&pgcl=4

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /qbox?query=virus&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=ee457246000b400cac210ee08d1f839c&oit=1&cp=5&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 316
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 6778c0883ffc4ca3a1733c59a3352270
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-LdmjAaPVzuEMUpKfEDus5KZuAb/Gp3LRCnq4pOIfAj4='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 04 Jan 2025 05:00:56 GMT
set-cookie: MUID=2474E8480D2C623C3AF9FD220CA56368; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=2474E8480D2C623C3AF9FD220CA56368; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=39F7C65482B063EE3A9FD33E833962AC; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=64EC55E5DA2A4ED4AAD1EDE943A3112A&dmnchg=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20250104; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=39F7C65482B063EE3A9FD33E833962AC; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966856.874c762
GET

https://www.bing.com/qbox?query=virus+&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=082f011a1a424ab4829ebf9179735045&oit=1&cp=6&pgcl=4

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /qbox?query=virus+&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=082f011a1a424ab4829ebf9179735045&oit=1&cp=6&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 283
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 6778c088cea941739da751801a9d08f0
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-BE9rRM0SXRRmpAJ/G09cSktJ6oNLXTErF13HM4Gb9mE='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 04 Jan 2025 05:00:56 GMT
set-cookie: MUID=23270695B08267923A6B13FFB1D266D4; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=23270695B08267923A6B13FFB1D266D4; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=19F5C38416F36CE72110D6EE17A36D78; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=C9177187EB4741368F28F0FA3014C28E&dmnchg=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20250104; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:56 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=19F5C38416F36CE72110D6EE17A36D78; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966856.874c862
GET

https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531 HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
cache-control: private, max-age=0
content-encoding: br
expires: Sat, 04 Jan 2025 04:59:59 GMT
vary: Accept-Encoding
x-eventid: 6778c08b9cec494cb76afc4c5a12c96e
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-4O6/CKC9a1aLTB8Nk234gZzJ7ZhJwOudeq/5DpUSlE0='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp&ndcParam=QWthbWFp"}]}
report-to: {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingserp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
cross-origin-embedder-policy-report-only: 'require-corp; report-to=\"crossorigin-errors\"'
cross-origin-opener-policy-report-only: 'same-origin; report-to=\"crossorigin-errors\"'
date: Sat, 04 Jan 2025 05:00:59 GMT
set-cookie: MUID=3B406B6AF21B62053DD77E00F377634B; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:59 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B; expires=Thu, 29-Jan-2026 05:00:59 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:59 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:59 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2; domain=.bing.com; path=/; secure; SameSite=None
set-cookie: SRCHS=PC=U531; domain=.bing.com; path=/; secure; SameSite=None
set-cookie: SRCHD=AF=ANAB01; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:59 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:59 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20250104; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:59 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 29-Jan-2026 05:00:59 GMT; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966859.874d36b
set-cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0; Domain=.bing.com; Path=/; Expires=Sat, 04 Jan 2025 07:00:59 GMT; Max-Age=7200
GET

https://www.bing.com/sa/simg/Roboto_Regular.woff2

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /sa/simg/Roboto_Regular.woff2 HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
dnt: 1
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0

Response

HTTP/2.0 200

content-length: 15344
content-type: font/woff2
cache-control: public, max-age=15552000
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
x-eventid: 661aafd86e0b4a0c8792a1f83cd446ca
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-3vTAQNKq8Us8FU4N1YKatO/0vBvTusxxyorbrP2yIH8='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
date: Sat, 04 Jan 2025 05:00:59 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966859.874d3e3
GET

https://www.bing.com/sa/simg/Roboto_Semibold.woff2

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /sa/simg/Roboto_Semibold.woff2 HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
dnt: 1
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0

Response

HTTP/2.0 200

content-length: 15436
content-type: font/woff2
cache-control: public, max-age=15552000
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
x-eventid: 661b7fb4a5a64a25bfe52f31cdb238a2
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-Dc7XB6hZwYD7vh6hxGugqMXoa2v2PSgRTnvZk3RerSA='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
date: Sat, 04 Jan 2025 05:00:59 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966859.874d3e8
GET

https://www.bing.com/rp/kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:53:27 GMT
etag: 0x8DCDC6597B401F0
cache-control: public, no-transform, max-age=28165
expires: Sat, 04 Jan 2025 07:50:32 GMT
akamai-grn: 0.4c1a1202.1735948867.2b99d367
timing-allow-origin: *
akamai-amd-bc-debug: [a=92.122.211.94,b=229449523,c=c,d=1731610315,h=304,k=2,l=0,n=GB_EN_LONDON,o=20940,r=2]
content-length: 9310
content-type: image/png
content-md5: GUexVzkiHrDbJxwd2PleRg==
x-ms-request-id: 490b4d38-e01e-005f-1926-15186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
date: Sat, 04 Jan 2025 05:00:59 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966859.874d422
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.HeaderScopeOrder%22,%22FID%22:%22CI%22,%22Name%22:%22ScopeMapOrderValue%22,%22Text%22:%220%3A0%2C1%3A1%2C6%3A2%2C2%3A3%2C3%3A4%2C4%3A5%2C5%3A6%22}]

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.HeaderScopeOrder%22,%22FID%22:%22CI%22,%22Name%22:%22ScopeMapOrderValue%22,%22Text%22:%220%3A0%2C1%3A1%2C6%3A2%2C2%3A3%2C3%3A4%2C4%3A5%2C5%3A6%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d551
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:22,%22BC%22:280,%22SE%22:-1,%22TC%22:-1,%22H%22:374,%22BP%22:441,%22CT%22:443,%22IL%22:5},%22ad%22:[43,194,1263,609,1263,2898,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:22,%22BC%22:280,%22SE%22:-1,%22TC%22:-1,%22H%22:374,%22BP%22:441,%22CT%22:443,%22IL%22:5},%22ad%22:[43,194,1263,609,1263,2898,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01 HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0

Response

HTTP/2.0 200

expires: Tue, 17 Dec 2024 11:35:19 GMT
last-modified: Wed, 20 Nov 2024 06:08:28 GMT
etag: 0x8DD0929C09196E1
cache-control: public, no-transform, max-age=356929
content-length: 7650
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: x2EwVHeB7ANtgfiXW7B0ZQ==
x-ms-request-id: cc00ee3a-201e-006b-5776-3bb7c6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.646e5668.1732138139.51dd4d4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d5da
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/lsp.aspx? HTTP/2.0
host: www.bing.com
content-length: 353
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0

Response

HTTP/2.0 200

content-length: 4286
content-type: image/x-icon
cache-control: public, max-age=15552000
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
x-eventid: 6672dcd073a742838654c3093e6e7562
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d5e2
GET

https://www.bing.com/rp/5A_wVM0BDlqDmkBnZeuIpN6wkcA.br.js

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/5A_wVM0BDlqDmkBnZeuIpN6wkcA.br.js HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
dnt: 1
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d5d1
GET

https://www.bing.com/sa/simg/favicon-trans-bg-blue-mg.ico

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /sa/simg/favicon-trans-bg-blue-mg.ico HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d5d5
GET

https://www.bing.com/rewardsapp/widgetassets/prod/medallion/1.1.2/js/widget.js?t=250103

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rewardsapp/widgetassets/prod/medallion/1.1.2/js/widget.js?t=250103 HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0

Response

HTTP/2.0 200

content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=21600
content-encoding: br
last-modified: Wed, 13 Nov 2024 18:09:46 GMT
vary: Accept-Encoding
x-ms-request-id: fa38875e-401e-005b-1fb5-5d5eb0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref: 20250103T080000Z-18576787c4552442hC1DB1sa740000000n7g0000000067hh
x-fd-int-roxy-purgeid: 0
x-ceto-ref: 67779900b7374aa6b4b3feceba79194a|AFD:67779900b7374aa6b4b3feceba79194a|2025-01-03T08:00:00.748Z
content-length: 48856
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d60f
GET

https://www.bing.com/rp/em88jYr3ZOv7yX3AqoOU5z8EEnA.png

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/em88jYr3ZOv7yX3AqoOU5z8EEnA.png HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0

Response

HTTP/2.0 200

expires: Thu, 28 Nov 2024 10:42:30 GMT
last-modified: Tue, 24 Sep 2024 06:45:05 GMT
etag: 0x8DCDC646C9AF5F4
cache-control: public, no-transform, max-age=314721
akamai-grn: 0.a3777b5c.1728974494.ceaeeaa
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1929
content-type: image/png
content-md5: TBVfy13T2kZEUa0kC23mBg==
x-ms-request-id: 1d60634c-401e-0052-2736-1bf762000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d613
GET

https://www.bing.com/geolocation/write?isDevLoc=false&lat=51.519901275634766&lon=-0.10880059748888016&dispName=London%252C%2520Greater%2520London&isEff=1&effLocType=1&clientsid=undefined

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /geolocation/write?isDevLoc=false&lat=51.519901275634766&lon=-0.10880059748888016&dispName=London%252C%2520Greater%2520London&isEff=1&effLocType=1&clientsid=undefined HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

cache-control: private
content-length: 1
content-type: text/html
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 6778c08c539e479d874d629ff5011a64
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-NVPD71jbPKBpYsFQ4e/7n2NSmc6AYNRzToWnkVj+nRs='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: 2164BD9D340E4C228CB664AE3A3DE4EC Ref B: LON601060101040 Ref C: 2025-01-04T05:01:00Z
date: Sat, 04 Jan 2025 05:01:00 GMT
set-cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B; expires=Thu, 29-Jan-2026 05:01:00 GMT; path=/; HttpOnly
set-cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Thu, 29-Jan-2026 05:01:00 GMT; path=/; secure; SameSite=None
set-cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|; domain=.bing.com; expires=Thu, 29-Jan-2026 05:01:00 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHS=; domain=.bing.com; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
set-cookie: SRCHS=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d628
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735966859668%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22100%22%2C%22Downlink%22%3A%223.9%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1735966859668%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859679%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859682%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735966859668%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22100%22%2C%22Downlink%22%3A%223.9%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1735966859668%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859679%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859682%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:17:12 GMT
etag: 0x8DCDC608780CE8B
content-length: 512
content-type: image/svg+xml
content-md5: G0HPjgI1nZPfetni3YDkOw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bfe80271-601e-0028-1e2e-179d2f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=237319
expires: Mon, 06 Jan 2025 22:56:19 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d67d
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859683%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859683%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:02:04 GMT
etag: 0x8DCDC5E6A2D8636
content-length: 349
content-type: image/svg+xml
content-md5: iRh5eBPrKqjGuvgWi/nStw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 853c015d-c01e-0061-6298-16ae4f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=102886
expires: Sun, 05 Jan 2025 09:35:46 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d680
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 944
cache-control: public, max-age=1060205
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MEM_HIT from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d683
x-check-cacheable: YES
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22HasRR%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22HasRR%22,%22Text%22:%221%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 944
cache-control: public, max-age=1059684
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MEM_HIT from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d684
x-check-cacheable: YES
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859684%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859685%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859691%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1735966859693%2C%22Name%22%3A472%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859694%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859699%2C%22Name%22%3A%22VisibleOrDelayed%22%2C%22FID%22%3A%22BottomBanner%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859699%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859699%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859700%2C%22Name%22%3A%22InitializationStarted%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859700%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1735966859700%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859701%2C%22Name%22%3A1263%2C%22FID%22%3A%22ViewPortWidth%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859701%2C%22Name%22%3A%22OfferIdMissing%22%2C%22FID%22%3A%22BNPOfferId%22%7D%2C%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1735966859702%2C%22Name%22%3A%22tryWriteEffectiveLocation%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859684%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859685%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859691%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1735966859693%2C%22Name%22%3A472%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859694%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859699%2C%22Name%22%3A%22VisibleOrDelayed%22%2C%22FID%22%3A%22BottomBanner%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859699%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859699%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859700%2C%22Name%22%3A%22InitializationStarted%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859700%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1735966859700%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859701%2C%22Name%22%3A1263%2C%22FID%22%3A%22ViewPortWidth%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859701%2C%22Name%22%3A%22OfferIdMissing%22%2C%22FID%22%3A%22BNPOfferId%22%7D%2C%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1735966859702%2C%22Name%22%3A%22tryWriteEffectiveLocation%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1822
cache-control: public, max-age=2361602
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_HIT from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d681
x-check-cacheable: YES
GET

https://r.bing.com/rp/NbA_o5_JH0GEi8eQ-UOtARHo4pE.svg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/NbA_o5_JH0GEi8eQ-UOtARHo4pE.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d66a
GET

https://r.bing.com/rp/Dl3Mgy5b8mZk0rO25YbvLM3bp7Q.svg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/Dl3Mgy5b8mZk0rO25YbvLM3bp7Q.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1967
cache-control: public, max-age=2237423
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_HIT from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d682
x-check-cacheable: YES
GET

https://th.bing.com/th?id=ODLS.b4a40212-560b-4e49-a115-50716e96c1fa&w=32&h=32&o=6&pid=AdsPlus

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=ODLS.b4a40212-560b-4e49-a115-50716e96c1fa&w=32&h=32&o=6&pid=AdsPlus HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d67a
GET

https://th.bing.com/th?id=ODLS.b8cf4d43-c110-4f2d-8a21-74cf67c788bf&w=32&h=32&qlt=90&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=ODLS.b8cf4d43-c110-4f2d-8a21-74cf67c788bf&w=32&h=32&qlt=90&pcl=fffffa&o=6&pid=1.2 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d679
GET

https://th.bing.com/th?id=ODLS.3bc1a8a9-5d72-433e-aea7-1fd5fa3fea80&w=32&h=32&qlt=91&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=ODLS.3bc1a8a9-5d72-433e-aea7-1fd5fa3fea80&w=32&h=32&qlt=91&pcl=fffffa&o=6&pid=1.2 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d67c
GET

https://th.bing.com/th?id=ODLS.3bc1a8a9-5d72-433e-aea7-1fd5fa3fea80&w=32&h=32&qlt=92&pcl=fffffa&o=6&pid=1.2

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=ODLS.3bc1a8a9-5d72-433e-aea7-1fd5fa3fea80&w=32&h=32&qlt=92&pcl=fffffa&o=6&pid=1.2 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d67b
GET

https://th.bing.com/th?id=OIP.otud5WEcN-GtUOQ1pG48ZwAAAA&w=80&h=80&c=1&vt=10&bgcl=d9f509&r=0&o=6&pid=5.1

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=OIP.otud5WEcN-GtUOQ1pG48ZwAAAA&w=80&h=80&c=1&vt=10&bgcl=d9f509&r=0&o=6&pid=5.1 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 873
cache-control: public, max-age=5183977
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MISS from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d687
x-check-cacheable: YES
GET

https://th.bing.com/th?q=Free+Virus+Download&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?q=Free+Virus+Download&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: USRLOC=HS=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHS=PC=U531
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1710
cache-control: public, max-age=1209566
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MISS from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d686
x-check-cacheable: YES
GET

https://th.bing.com/th?q=Install+Virus&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?q=Install+Virus&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 685
cache-control: public, max-age=2180083
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_HIT from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d6d8
x-check-cacheable: YES
GET

https://th.bing.com/th?q=Downloading+Viruses&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?q=Downloading+Viruses&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 616
cache-control: public, max-age=579729
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MEM_HIT from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d6d9
x-check-cacheable: YES
GET

https://th.bing.com/th?q=Virus+Download+to+Crash+Computer&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?q=Virus+Download+to+Crash+Computer&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 892
cache-control: public, max-age=5184000
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MISS from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d6ca
x-check-cacheable: YES
GET

https://th.bing.com/th?q=Download+Virus+exe&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?q=Download+Virus+exe&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1009
cache-control: public, max-age=5184000
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MISS from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d6cc
x-check-cacheable: YES
GET

https://th.bing.com/th?id=OADD2.8177802323804_1LGHINVZF4GI3ZBHQO&w=32&h=32&o=6&pid=21.2

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=OADD2.8177802323804_1LGHINVZF4GI3ZBHQO&w=32&h=32&o=6&pid=21.2 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 921
cache-control: public, max-age=5184000
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MISS from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d6d4
x-check-cacheable: YES
GET

https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&o=6&pid=AdsPlus

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&o=6&pid=AdsPlus HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1022
cache-control: public, max-age=5184000
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MISS from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d6d5
x-check-cacheable: YES
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1735966859885%2C%22Name%22%3A%22WriteEffectiveLocationSuccess%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1735966859885%2C%22Name%22%3A%22WriteEffectiveLocationSuccess%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966860.874d6df
GET

https://th.bing.com/th?id=ODLS.c5277814-36b2-4ba7-9571-9f7f6e6a1395&w=32&h=32&o=6&pid=AdsPlus

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=ODLS.c5277814-36b2-4ba7-9571-9f7f6e6a1395&w=32&h=32&o=6&pid=AdsPlus HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 935
cache-control: public, max-age=2587004
date: Sat, 04 Jan 2025 05:01:00 GMT
x-cache: TCP_MEM_HIT from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966860.874d74f
x-check-cacheable: YES
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2214%22}]

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2214%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874d8af
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874d8b0
GET

https://www.bing.com/images/sbi?mmasync=1&ig=68C350558AEC472DBCCE420047970621&iid=.5101&ptn=Web&ep=0&iconpl=1

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /images/sbi?mmasync=1&ig=68C350558AEC472DBCCE420047970621&iid=.5101&ptn=Web&ep=0&iconpl=1 HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: SRCHUSR=DOB=20250104
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|

Response

HTTP/2.0 200

content-length: 16043
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: br
vary: Accept-Encoding
x-eventid: 6778c08d378e4accbf5659550af52ed1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-seydMmZn1QPEOu2WRDyIBd4quxUmdL43EetMmd4JReM='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 04 Jan 2025 05:01:01 GMT
set-cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0; domain=.bing.com; expires=Thu, 29-Jan-2026 05:01:01 GMT; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874d8e0
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966860103%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1735966860374%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22Time%22%3A1428%2C%22time%22%3A1432%2C%22T%22%3A%22CI.Latency%22%2C%22TS%22%3A1735966860388%2C%22Name%22%3A%22Loaded%22%2C%22FID%22%3A%22HP%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966860103%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1735966860374%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22Time%22%3A1428%2C%22time%22%3A1432%2C%22T%22%3A%22CI.Latency%22%2C%22TS%22%3A1735966860388%2C%22Name%22%3A%22Loaded%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874d963
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A1441%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1735966860389%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A1441%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1735966860389%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874d962
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A1442%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1735966860390%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A1442%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1735966860390%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874d96b
POST

https://www.bing.com/rewardsapp/ncheader?ver=52505552&IID=SERP.5056&IG=68C350558AEC472DBCCE420047970621

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /rewardsapp/ncheader?ver=52505552&IID=SERP.5056&IG=68C350558AEC472DBCCE420047970621 HTTP/2.0
host: www.bing.com
content-length: 4
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:46:34 GMT
etag: 0x8DCDC64A18F365B
content-length: 671
content-type: image/svg+xml
content-md5: 2e0aQjQvN2lVcUGQcPjoGA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 08fd2788-101e-0005-299e-161eef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=144389
expires: Sun, 05 Jan 2025 21:07:30 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d990
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

content-length: 1101
content-type: image/svg+xml
content-md5: kc0Rz8ymXPrOlhUyaNcfYw==
last-modified: Fri, 12 Aug 2022 20:45:00 GMT
etag: 0x8DA7CA3867FC831
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: adc41e54-901e-0086-2e09-15d69f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.097b1060.1686747743.2aab8902
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
akamai-grn: 0.097b1060.1686747764.2aac12e8
akamai-grn: 0.2a7b1060.1687568922.2d70b24a
akamai-grn: 0.3d7b1060.1689052474.2206a8cd
akamai-grn: 0.21aedd58.1689771282.bd10a3b
cache-control: public, no-transform, max-age=7757881
expires: Thu, 03 Apr 2025 23:59:02 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d993
timing-allow-origin: *
GET

https://r.bing.com/rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:05:25 GMT
etag: 0x8DCDC5EE1BFCC0A
content-length: 282
content-type: image/svg+xml
content-md5: 44eVtjQVTsH/Qca82lTuUg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e9a57e31-701e-001e-2a97-15307d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43755
expires: Sat, 04 Jan 2025 17:10:16 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d994
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

content-length: 964
content-type: image/svg+xml
content-md5: iOPtPdfu4TP3P/udNrBLbw==
last-modified: Mon, 15 Aug 2022 20:49:31 GMT
etag: 0x8DA7EFFA703EB5F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b8d4fb37-c01e-008b-0cf0-081e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.0a7b1060.1686747743.231c1613
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
akamai-grn: 0.157b1060.1686747764.1d5c2bc1
akamai-grn: 0.1b7b1060.1687776384.1457d6ce
cache-control: public, no-transform, max-age=12010160
expires: Fri, 23 May 2025 05:10:21 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d996
timing-allow-origin: *
GET

https://r.bing.com/rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:54:00 GMT
etag: 0x8DCDC65AB4005D8
content-length: 1391
content-type: image/svg+xml
content-md5: YgWAZX6KRbSnuEULjaXNMg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5749eeb9-001e-001a-67d2-15c5ff000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=330512
expires: Wed, 08 Jan 2025 00:49:33 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d997
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:49:39 GMT
etag: 0x8DCDC650FC3D927
content-length: 3791
content-type: image/jpeg
content-md5: KZpHmi9/HzDQlUXKjMXRYg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d82f5a4c-d01e-0057-7a67-17031d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=382535
expires: Wed, 08 Jan 2025 15:16:36 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d99a
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:17:16 GMT
etag: 0x8DCDC6089E98574
content-length: 1111
content-type: image/svg+xml
content-md5: wEyINKyRgCGG5s5neuSonQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 032018d0-501e-006f-1448-174244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=229401
expires: Mon, 06 Jan 2025 20:44:22 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d999
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:54:04 GMT
etag: 0x8DCDC5D4C424AE8
content-length: 5387
content-type: image/jpeg
content-md5: adFid0+JT/i5IDMON2t6Yg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 233d1204-101e-0068-1d1a-16b4c1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=154348
expires: Sun, 05 Jan 2025 23:53:29 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d99f
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:05:48 GMT
etag: 0x8DCDC5EEFB0049C
content-length: 6817
content-type: image/jpeg
content-md5: DEHuMbBOl4tIgtF2kPA6Og==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42a58b94-c01e-0048-0d59-17d80d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=267700
expires: Tue, 07 Jan 2025 07:22:41 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d9a0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:55:51 GMT
etag: 0x8DCDC65ED9B19A0
content-length: 4409
content-type: image/jpeg
content-md5: qYoIvbmbhCLJ3J1v3ZOHww==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 45485c09-401e-003f-3bb0-155d4c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=113552
expires: Sun, 05 Jan 2025 12:33:33 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d9a1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:43:17 GMT
etag: 0x8DCDC642C51AEC8
content-length: 4934
content-type: image/jpeg
content-md5: /aLOrgZ5YRk35ucfcBo2qw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: eb80deab-601e-0023-48af-16855b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=212381
expires: Mon, 06 Jan 2025 16:00:42 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d9a2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:55:56 GMT
etag: 0x8DCDC65F09D13C1
content-length: 5944
content-type: image/jpeg
content-md5: 9ucNopg0mtlCFfC0podQNw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c1644b07-101e-002c-4b21-1868ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=147786
expires: Sun, 05 Jan 2025 22:04:07 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d9a4
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:58:31 GMT
etag: 0x8DCDC664D1860E2
content-length: 3814
content-type: image/jpeg
content-md5: KBVwYR+JIZqXDyWJ+YoJ2w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3ec8f7ea-901e-0072-119f-199bae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=429593
expires: Thu, 09 Jan 2025 04:20:54 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d9a5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

content-length: 769
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
expires: -1
pragma: no-cache
vary: Accept-Encoding
x-eventid: 6778c08d2fb444ba93908685914a9e5d
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-z80xbk4P7LjutawPjan0A6fQZ2eVszj/UYZnAGkGoRU='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-ceto-ref: 6778c08d2fb444ba93908685914a9e5d|AFD:6778c08d2fb444ba93908685914a9e5d|2025-01-04T05:01:01.157Z
date: Sat, 04 Jan 2025 05:01:01 GMT
set-cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
set-cookie: _C_Auth=
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874d983
GET

https://r.bing.com/rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:41:55 GMT
etag: 0x8DCDC63FB5BC9CB
content-length: 4547
content-type: image/jpeg
content-md5: eu9Mz25HuboDg2XNPR9Wkw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 09ffe763-201e-0024-1c98-1673de000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=60071
expires: Sat, 04 Jan 2025 21:42:12 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d9a3
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

last-modified: Mon, 15 Aug 2022 17:39:27 GMT
etag: 0x8DA7EE519EF54EF
akamai-grn: 0.19fd4817.1699775190.19e2dda6
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 726
content-type: image/svg+xml
content-md5: ZgHkolq4RyA+EBWzJRSxbA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d46b8e76-f01e-0020-517e-0a9bf6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.1efd4817.1701123842.3b4e7f5b
cache-control: public, no-transform, max-age=9571730
expires: Thu, 24 Apr 2025 23:49:51 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874d998
timing-allow-origin: *
POST

https://www.bing.com/rewardsapp/reportActivity?IG=68C350558AEC472DBCCE420047970621&IID=SERP.5066&q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /rewardsapp/reportActivity?IG=68C350558AEC472DBCCE420047970621&IID=SERP.5066&q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531 HTTP/2.0
host: www.bing.com
content-length: 164
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: application/x-www-form-urlencoded
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000

Response

HTTP/2.0 200

content-length: 990
content-type: text/html; charset=utf-8
cache-control: no-cache
content-encoding: br
expires: -1
pragma: no-cache
vary: Accept-Encoding
x-eventid: 6778c08d61dd40dfad235d1b428581ff
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-26iGpMgTtBmu2E6VR8puazMfo6cQs/fb6S9k+lld7B0='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-ceto-ref: 6778c08d61dd40dfad235d1b428581ff|AFD:6778c08d61dd40dfad235d1b428581ff|2025-01-04T05:01:01.203Z
date: Sat, 04 Jan 2025 05:01:01 GMT
set-cookie: _C_ETH=1; domain=.bing.com; path=/; secure; httponly
set-cookie: _C_Auth=
set-cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=; domain=.bing.com; expires=Sun, 04-Jan-2026 05:01:01 GMT; path=/; secure; SameSite=None
set-cookie: _Rwho=u=d&ts=2025-01-04; domain=.bing.com; path=/; secure; HttpOnly; SameSite=None
set-cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874d9af
GET

https://r.bing.com/rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:41:12 GMT
etag: 0x8DCDC63E1AC19C2
content-length: 324
content-type: text/css
content-encoding: br
content-md5: zul1ioyI5qjKzvVMsqd8eQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 78028e9b-b01e-0021-58f1-1687a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=72202
expires: Sun, 05 Jan 2025 01:04:23 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874da15
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:40:29 GMT
etag: 0x8DCEC880F396E3D
content-type: text/css
content-md5: Twb1SQrgn66TMkCHmLv8IQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 83142a0a-b01e-006e-6f86-1e43b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 301
cache-control: public, no-transform, max-age=316501
expires: Tue, 07 Jan 2025 20:56:02 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874da2b
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:29:57 GMT
etag: 0x8DCEC86967FA2A4
content-type: text/css; charset=utf-8
content-md5: yxQVEL8D2yYKzOkWuxDcBg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8c7a6c74-e01e-0054-6fe1-20001a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 375
cache-control: public, no-transform, max-age=99230
expires: Sun, 05 Jan 2025 08:34:51 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874da2c
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:10:08 GMT
etag: 0x8DCDC67EC841DCF
content-length: 1343
content-type: text/css
content-encoding: br
content-md5: DnViWNsgH/Vlo3SrH5gEzg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b0d2f135-b01e-004c-1989-192d8f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=370954
expires: Wed, 08 Jan 2025 12:03:35 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874da2d
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://www.bing.com/fd/ls/l?BF=MSJ1&IG=68C350558AEC472DBCCE420047970621&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:1}]

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?BF=MSJ1&IG=68C350558AEC472DBCCE420047970621&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:1}] HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dada
GET

https://www.bing.com/fd/ls/l?BF=MSJ0&IG=68C350558AEC472DBCCE420047970621&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:0}]

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?BF=MSJ0&IG=68C350558AEC472DBCCE420047970621&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:0}] HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dadb
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 375
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874db50
GET

https://www.bing.com/aes/c.gif?type=mv&tids=113,115,117&rg=3ff36ee753a44a948fb833edc7ed2a8a&reqver=1.0

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /aes/c.gif?type=mv&tids=113,115,117&rg=3ff36ee753a44a948fb833edc7ed2a8a&reqver=1.0 HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

cache-control: private,no-store
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47FAACE1AB0B4238A5FDF53E8D819929 Ref B: LON601060106025 Ref C: 2025-01-04T05:01:01Z
content-length: 0
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874db52
POST

https://www.bing.com/orgid/idtoken/conditional

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /orgid/idtoken/conditional HTTP/2.0
host: www.bing.com
content-length: 693
cache-control: max-age=0
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
origin: https://login.microsoftonline.com
upgrade-insecure-requests: 1
dnt: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.microsoftonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

cache-control: private
content-length: 1
content-type: text/html
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 6778c08d478c47ee9fc6a65296e3a318
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-dGEyvi8kYGGke7/hGkxPwPzNUJBnrgNd288hN5m7/xo='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: 75BAB6A07290479C881A836E9AC8347D Ref B: LON601060108062 Ref C: 2025-01-04T05:01:01Z
date: Sat, 04 Jan 2025 05:01:01 GMT
set-cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B; expires=Thu, 29-Jan-2026 05:01:01 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=SID=26B9202A3C8960C0104B35403D8F617D; domain=.bing.com; path=/; HttpOnly
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc34
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}] HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc51
POST

https://www.bing.com/fd/ls/lsp.aspx?

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/lsp.aspx? HTTP/2.0
host: www.bing.com
content-length: 265
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc64
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22correlationId%22%3A%226778c08b9cec494cb76afc4c5a12c96e%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735966860412%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%226778c08b9cec494cb76afc4c5a12c96e%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735966860412%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1735966860476%2C%22Name%22%3A%22Show%22%2C%22FID%22%3A%22%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1735966860476%2C%22Name%22%3A%22ShowBubble%22%2C%22FID%22%3A%22%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966860527%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966860609%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1735966860755%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22SuppressingFeature%22%3A%22lgVidAns%22%2C%22T%22%3A%22CI.LeftGutterUtility%22%2C%22TS%22%3A1735966860985%2C%22Name%22%3A%22LGSuppressed%22%2C%22FID%22%3A%22lgVidAns%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861042%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22correlationId%22%3A%226778c08b9cec494cb76afc4c5a12c96e%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735966860412%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%226778c08b9cec494cb76afc4c5a12c96e%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735966860412%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1735966860476%2C%22Name%22%3A%22Show%22%2C%22FID%22%3A%22%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1735966860476%2C%22Name%22%3A%22ShowBubble%22%2C%22FID%22%3A%22%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966860527%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966860609%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1735966860755%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22SuppressingFeature%22%3A%22lgVidAns%22%2C%22T%22%3A%22CI.LeftGutterUtility%22%2C%22TS%22%3A1735966860985%2C%22Name%22%3A%22LGSuppressed%22%2C%22FID%22%3A%22lgVidAns%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861042%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 13473
cache-control: public, max-age=1078046
date: Sat, 04 Jan 2025 05:01:01 GMT
x-cache: TCP_HIT from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874dc82
x-check-cacheable: YES
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861042%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861042%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 30477
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc83
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22conv%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%2210%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22realestate%22%2C%22FID%22%3A%22DynScopeRank%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22conv%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%2210%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22realestate%22%2C%22FID%22%3A%22DynScopeRank%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

cache-control: private
content-length: 1
content-type: text/html
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 6778c08d5efa4250a2900735cc3ce644
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-gF3ltjwSFuaSKVgGY+ZwzPzJ0w2/Jy/n8A4bBOq32sE='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: 6EBC6BA8CF7A4F908D49D21DE8D0B371 Ref B: LON601060108052 Ref C: 2025-01-04T05:01:01Z
date: Sat, 04 Jan 2025 05:01:01 GMT
set-cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B; expires=Thu, 29-Jan-2026 05:01:01 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101; domain=.bing.com; expires=Thu, 29-Jan-2026 05:01:01 GMT; path=/; secure; HttpOnly; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc89
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc7e
GET

https://th.bing.com/th?id=OVP.4NUdTIdaDS1ch-hbwNeS-wHgFo&w=608&h=342&c=7&rs=1&qlt=90&o=6&pid=1.7

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=OVP.4NUdTIdaDS1ch-hbwNeS-wHgFo&w=608&h=342&c=7&rs=1&qlt=90&o=6&pid=1.7 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc7f
GET

https://th.bing.com/th?id=OVP.KEJlnOfnSJEp5nu-lGrTyQHgFo&w=197&h=110&c=7&rs=1&qlt=90&o=6&pid=1.7

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=OVP.KEJlnOfnSJEp5nu-lGrTyQHgFo&w=197&h=110&c=7&rs=1&qlt=90&o=6&pid=1.7 HTTP/2.0
host: th.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc80
GET

https://www.bing.com/th?id=OADD2.7284297676182_15L4A8GIHLMNPZ7P8I&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=296&h=154&rs=0&qlt=100

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /th?id=OADD2.7284297676182_15L4A8GIHLMNPZ7P8I&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=296&h=154&rs=0&qlt=100 HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc8a
GET

https://www.bing.com/geolocation/write?isBlocked=true&sid=0E7AE11C3C4A6FE33003F4763D266EE2&clientsid=undefined

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /geolocation/write?isBlocked=true&sid=0E7AE11C3C4A6FE33003F4763D266EE2&clientsid=undefined HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc8b
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861070%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861070%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc7c
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861070%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861070%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 83160
x-check-cacheable: YES
cache-control: public, max-age=1075853
date: Sat, 04 Jan 2025 05:01:01 GMT
x-cache: TCP_MISS from a95-101-143-215.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1735966861.874dc81
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861070%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861070%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dc8c
GET

https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1735966861138%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%22750%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1735966861142%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%222190%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1735966861142%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861172%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1735966861138%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%22750%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1735966861142%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%222190%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1735966861142%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861172%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101

Response

HTTP/2.0 200

content-length: 0
access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966861.874dcd5
GET

https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /secure/Passport.aspx?popup=1&ssl=1 HTTP/2.0
host: www.bing.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101

Response

HTTP/2.0 200

cache-control: no-cache,no-store
pragma: no-cache
content-length: 235
content-type: text/html; charset=utf-8
content-encoding: br
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 6778c08e9ce74a40b74f1d4475d99a2e
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-pqhVkxaMgt6F0CTXZ+52Uin1DfGFyeZ2BNv2gmqH8hY='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: CEA911A73D0F40249549763BED2EBC6B Ref B: LON601060101025 Ref C: 2025-01-04T05:01:02Z
date: Sat, 04 Jan 2025 05:01:02 GMT
set-cookie: .MSA.Auth=; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.bing.com; path=/; secure; samesite=lax; httponly
set-cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B; expires=Thu, 29-Jan-2026 05:01:02 GMT; path=/; HttpOnly
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966862.874dec3
GET

https://www.bing.com/ipv6test/test?FORM=MONITR

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /ipv6test/test?FORM=MONITR HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101

Response

HTTP/2.0 200

content-length: 64
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
expires: -1
pragma: no-cache
vary: Accept-Encoding
x-eventid: 6778c08e607149d295525c25efc6c008
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-1qetPK2iEtaSyFlfjViexD3idamPWz/wKJUF3GwTRQo='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 04 Jan 2025 05:01:02 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966862.874e0bd
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 20353
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:03 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966863.874e395
POST

https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=68C350558AEC472DBCCE420047970621&ID=SERP,5861.1&url=javascript%3A%20void(0)

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/GLinkPingPost.aspx?IG=68C350558AEC472DBCCE420047970621&ID=SERP,5861.1&url=javascript%3A%20void(0) HTTP/2.0
host: www.bing.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4

Response

HTTP/2.0 200

cache-control: private
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
access-control-allow-origin: *
x-eventid: 6778c0913dae470b8e448760ec9e6354
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-jyvfC0ybolNg8R3+sTCGqVxQEgwnbTRwoT9U008KfGg='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: AAEFE32FC7F3473C84DD29D8B38A2E6A Ref B: LON601060106023 Ref C: 2025-01-04T05:01:05Z
content-length: 0
date: Sat, 04 Jan 2025 05:01:05 GMT
set-cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B; expires=Thu, 29-Jan-2026 05:01:05 GMT; path=/; HttpOnly
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966865.874ec9c
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 1077
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:07 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966867.874f276
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 539
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:08 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966868.874f5be
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 556
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:09 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966869.874f99f
POST

https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=68C350558AEC472DBCCE420047970621&ID=SERP,5250.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3De341625de7bf306485a47c33ee5cc3a82d0583e435546c103ca5b1eeba78703aJmltdHM9MTczNTg2MjQwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D3b406b6a-f21b-6205-3dd7-7e00f377634b%26psq%3Dvirus%2Bdownload%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8%26ntb%3D1

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/GLinkPingPost.aspx?IG=68C350558AEC472DBCCE420047970621&ID=SERP,5250.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3De341625de7bf306485a47c33ee5cc3a82d0583e435546c103ca5b1eeba78703aJmltdHM9MTczNTg2MjQwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D3b406b6a-f21b-6205-3dd7-7e00f377634b%26psq%3Dvirus%2Bdownload%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8%26ntb%3D1 HTTP/2.0
host: www.bing.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain;charset=UTF-8
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4

Response

HTTP/2.0 200

cache-control: private
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
access-control-allow-origin: *
x-eventid: 6778c099da274eddb0ed9ff500c30991
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-OmflthzjcsOhlJkXOi5iLKBzF2BO/uZijqQ5a60o62c='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: 6EF38C4D0FF0486192F5C5D68DE768E9 Ref B: LON601060102029 Ref C: 2025-01-04T05:01:13Z
content-length: 0
date: Sat, 04 Jan 2025 05:01:13 GMT
set-cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B; expires=Thu, 29-Jan-2026 05:01:13 GMT; path=/; HttpOnly
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966873.8750716
GET

https://www.bing.com/ck/a?!&&p=e341625de7bf306485a47c33ee5cc3a82d0583e435546c103ca5b1eeba78703aJmltdHM9MTczNTg2MjQwMA&ptn=3&ver=2&hsh=4&fclid=3b406b6a-f21b-6205-3dd7-7e00f377634b&psq=virus+download&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8&ntb=1

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /ck/a?!&&p=e341625de7bf306485a47c33ee5cc3a82d0583e435546c103ca5b1eeba78703aJmltdHM9MTczNTg2MjQwMA&ptn=3&ver=2&hsh=4&fclid=3b406b6a-f21b-6205-3dd7-7e00f377634b&psq=virus+download&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8&ntb=1 HTTP/2.0
host: www.bing.com
ect: 4g
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4

Response

HTTP/2.0 200

cache-control: no-cache, must-revalidate
pragma: no-cache
content-length: 1200
content-type: text/html; charset=UTF-8
content-encoding: gzip
expires: Fri, 01 Jan 1990 00:00:00 GMT
vary: Accept-Encoding
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32635B72032748CFBB93BCD58D525DF7 Ref B: LON601060101025 Ref C: 2025-01-04T05:01:13Z
date: Sat, 04 Jan 2025 05:01:13 GMT
set-cookie: MSPTC=cIvokP_9jjXFUOMQTRzJwiGZHELTfRbMCvSYsuioq44; domain=.bing.com; expires=Thu, 29-Jan-2026 05:01:13 GMT; path=/; Partitioned; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966873.87507a8
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 285
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/xml
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:13 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966873.87507be
POST

https://www.bing.com/fd/ls/lsp.aspx

msedge.exe

Remote address:

95.101.143.219:443

Request

POST /fd/ls/lsp.aspx HTTP/2.0
host: www.bing.com
content-length: 1011
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: text/plain
ect: 4g
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4

Response

HTTP/2.0 204

access-control-allow-origin: *
date: Sat, 04 Jan 2025 05:01:13 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966873.87507c0
GET

https://www.bing.com/favicon.ico

msedge.exe

Remote address:

95.101.143.219:443

Request

GET /favicon.ico HTTP/2.0
host: www.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=3B406B6AF21B62053DD77E00F377634B
cookie: _EDGE_S=F=1&SID=0E7AE11C3C4A6FE33003F4763D266EE2
cookie: _EDGE_V=1
cookie: SRCHD=AF=ANAB01
cookie: SRCHUID=V=2&GUID=E38AAEEFBAA84E6BBDE5B51739698DBE&dmnchg=1
cookie: ak_bmsc=E4F717C62D6A03B55FE517A8758AAA35~000000000000000000000000000000~YAAQ149lX2nJJiiUAQAA1CGwLxowCFng3+AW5wE/0o+C0HCcGM8ZGE2iL/QiVQv5fx2BLuEMcPtkyZOcimwKvqhmjOV78DVtjMKBBIkOVWW/h2j37B1KaOsdxZAihsg8GT51p/358UMalk0weGYdLwMv60D/8uqodMb/DsQj7LJzMHsCWJIPJnXpFYli2FtjCDH9nfNZ0MaUnrAoZPzDTIF6O0FrhkmPHjyO9I+9twq6oaYEnZbn3ObA0n6MQBh/9/hFAw/GUCq9/p3+fvQdiXBhEp4LsEor2ta3D8PYK52XeoYZhH55hiTMLEBU1/dqhWoAbCeMw6mpDiFi5LnUJCLQkeuNVw1gvIiPWR2maT+ZTBkBov6hi6R5KQ8YdpyUfV12Dz5w4yd0
cookie: MUIDB=3B406B6AF21B62053DD77E00F377634B
cookie: SRCHUSR=DOB=20250104&T=1735966859000
cookie: _C_ETH=1
cookie: _RwBf=r=0&ilt=1&ihpd=0&ispd=1&rc=3&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2025-01-03T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&ard=0001-01-01T00:00:00.0000000&rwdbt=0&rwflt=0&rwaul2=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2025-01-04T05:01:01.2211900+00:00&rwred=0&wls=&wlb=&wle=&ccp=&cpt=&lka=0&lkt=0&aad=0&TH=
cookie: _Rwho=u=d&ts=2025-01-04
cookie: _SS=PC=U531&SID=0E7AE11C3C4A6FE33003F4763D266EE2&R=3&RB=0&GB=0&RG=200&RP=0
cookie: dsc=order=ShopOrderDefault
cookie: SRCHHPGUSR=SRCHLANG=en&DM=0&BRW=M&BRH=S&CW=1280&CH=609&SCW=1263&SCH=2898&DPR=1.0&UTC=0&PV=10.0&EXLTT=1&HV=1735966861&WTS=63871563659
cookie: USRLOC=HS=1&ELOC=LAT=51.519901275634766|LON=-0.10880059748888016|N=London%2C%20Greater%20London|ELT=1|&BLOCK=TS=250104050101
cookie: ipv6=hit=1735970462143&t=4
cookie: MSPTC=cIvokP_9jjXFUOMQTRzJwiGZHELTfRbMCvSYsuioq44

Response

HTTP/2.0 200

cache-control: public, max-age=15552000
content-length: 4286
content-type: image/x-icon
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF7F9C6CB1714EC59EFAB3D4C612DCB2 Ref B: LTSEDGE1121 Ref C: 2023-01-04T16:48:40Z
date: Sat, 04 Jan 2025 05:01:13 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1735966873.875080f
DNS

219.143.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

219.143.101.95.in-addr.arpa

IN PTR

Response

219.143.101.95.in-addr.arpa

IN PTR

a95-101-143-219deploystaticakamaitechnologiescom
DNS

th.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A

Response

th.bing.com

IN CNAME

p-th.bing.com.trafficmanager.net

p-th.bing.com.trafficmanager.net

IN CNAME

th.bing.com.edgekey.net

th.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

95.101.143.219
DNS

r.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

95.101.143.219
GET

https://r.bing.com/rp/rkc4dXUuTwYj-GlQG8osxg1V2gE.br.css

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/rkc4dXUuTwYj-GlQG8osxg1V2gE.br.css HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
purpose: prefetch
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 7580
content-type: text/css
content-encoding: br
content-md5: bvn3bcoADdO+/AIh2nRUjg==
last-modified: Tue, 31 Dec 2024 03:34:44 GMT
etag: 0x8DD294C11620E10
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 636af61d-701e-0073-650b-5e9a53000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.966c645f.1735941631.79749
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=393272
expires: Wed, 08 Jan 2025 18:15:32 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a566ed
timing-allow-origin: *
GET

https://r.bing.com/rp/83zI0hMJWlilJFob8oEJ4_0I6j4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/83zI0hMJWlilJFob8oEJ4_0I6j4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:28:03 GMT
etag: 0x8DCE8C2678A65ED
akamai-grn: 0.46367a5c.1734358589.f926089
content-length: 2425
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: QLqZvnBZLjc5NijnEXP26w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f4507f6-101e-0027-2cde-1a70d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=387717
expires: Wed, 08 Jan 2025 16:42:57 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56775
timing-allow-origin: *
GET

https://r.bing.com/rp/HndC9IrfiOmnQLZpq0bxaPUIDII.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/HndC9IrfiOmnQLZpq0bxaPUIDII.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 14 Nov 2024 09:56:24 GMT
etag: 0x8DD0492999C1FC5
content-length: 8977
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 7P/1lM50lR5NLXB84B2f6A==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e3b1b5a9-f01e-0040-2d9c-39c37e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=284673
expires: Tue, 07 Jan 2025 12:05:33 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56778
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/KLrSbzDKMog0mCiPcB9iwoEvlE4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/KLrSbzDKMog0mCiPcB9iwoEvlE4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:29:02 GMT
etag: 0x8DCE8C28AC2EAB8
content-length: 2634
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: YP0IUbsZfddh5LfrNKc0vw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 27aa3268-301e-0074-5e0d-236cd6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.b8901002.1731409690.944a9f97
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=428548
expires: Thu, 09 Jan 2025 04:03:28 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56780
timing-allow-origin: *
GET

https://r.bing.com/rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:26:40 GMT
etag: 0x8DCDC61D9BDA003
content-length: 932
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 4vFQ72ZNf8ORyGv0/A7BUA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 837d4e76-501e-0002-1798-16e86a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=102361
expires: Sun, 05 Jan 2025 09:27:01 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56791
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/cfKt7bw67nxWZkkgOIRReDE3rQI.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/cfKt7bw67nxWZkkgOIRReDE3rQI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:42 GMT
etag: 0x8DCE8C30DC01669
content-type: text/javascript; charset=utf-8
content-md5: e7f/zlZuzAgnEk3uqGLnHQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 88ed3102-e01e-0076-31fe-1a6e2c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 264
vary: Accept-Encoding
cache-control: public, no-transform, max-age=401668
expires: Wed, 08 Jan 2025 20:35:28 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56792
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/6O1CvNJpGB5T4QGvosksEhnIbo4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/6O1CvNJpGB5T4QGvosksEhnIbo4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1184
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: vG1h+ad2ByVr1L4MKJZ7kQ==
last-modified: Mon, 16 Dec 2024 11:02:51 GMT
etag: 0x8DD1DC12F5170F5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9a7b2d54-b01e-0008-57e1-4ff1e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=391197
expires: Wed, 08 Jan 2025 17:40:57 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56793
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:11:30 GMT
etag: 0x8DCDC5FBB9234C6
content-type: text/javascript; charset=utf-8
content-md5: bJNwzHWywBuWP28bX2mBGQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 605d44c1-701e-003c-2bf1-155e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 425
cache-control: public, no-transform, max-age=129987
expires: Sun, 05 Jan 2025 17:07:27 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56794
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/n23ANye7L3wtUcgKxoGHb7_ezc4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/n23ANye7L3wtUcgKxoGHb7_ezc4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:51 GMT
etag: 0x8DCE8C3132785D7
content-length: 5065
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: zen1RFa4GLG9w/XJIRfohw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4527fc94-701e-001e-76de-1a307d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=153974
expires: Sun, 05 Jan 2025 23:47:14 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56795
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/DmYomXZ0p9--syG1mm6CnQwvRHg.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/DmYomXZ0p9--syG1mm6CnQwvRHg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:29:32 GMT
etag: 0x8DCE8C29C4714A6
akamai-grn: 0.521a1202.1731531555.6ac5c988
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 64359
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: yBOhuH8WUdZCzcrV/Ken2A==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1f3ed3c1-401e-0059-09df-1aef16000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=194252
expires: Mon, 06 Jan 2025 10:58:32 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56796
timing-allow-origin: *
GET

https://r.bing.com/rp/2VYJBWEs9lbV3Q50EXL7TNnGBog.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/2VYJBWEs9lbV3Q50EXL7TNnGBog.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:55:01 GMT
etag: 0x8DCDC65D005C0E0
content-type: text/javascript; charset=utf-8
content-md5: l5PXwpOyUFdqY44wmnrCag==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b4e3ce2a-b01e-0047-3072-1535fb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 467
cache-control: public, no-transform, max-age=202087
expires: Mon, 06 Jan 2025 13:09:07 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56798
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:06:53 GMT
etag: 0x8DCDC5F1663B480
content-length: 714
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: wQmZQwuzNQKGWvk013IgpA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6610645e-101e-002c-1bc2-1768ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=228948
expires: Mon, 06 Jan 2025 20:36:48 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56799
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:57:19 GMT
etag: 0x8DCDC66220B7293
content-length: 806
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: hRrTe9xFPcEQGLGPgVvjhw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3ebc0f95-601e-0028-0205-169d2f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=70282
expires: Sun, 05 Jan 2025 00:32:22 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a5679a
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/n21aGRCN5EKHB3qObygw029dyNU.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:52:56 GMT
etag: 0x8DCDC5D2377F40E
content-length: 156
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 0ApKmxnWdlgJ/r3VvxbmFQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2e3e1981-a01e-0058-3dc9-17eeeb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=131829
expires: Sun, 05 Jan 2025 17:38:09 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a5679b
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:29:34 GMT
etag: 0x8DCDC6241BA29EA
content-type: text/javascript; charset=utf-8
content-md5: xl2SFLZCQEcsZUNAUSfMmA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ca734619-801e-006d-1b17-1540be000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 393
cache-control: public, no-transform, max-age=48926
expires: Sat, 04 Jan 2025 18:36:26 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a5679c
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:55:43 GMT
etag: 0x8DCDC5D86C3D99C
content-length: 308
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: rimZQyGjXssDEnuSlgMaJA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bf18684d-701e-0078-63bc-188227000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=120002
expires: Sun, 05 Jan 2025 14:21:02 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a5679d
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:36:19 GMT
etag: 0x8DCDC63331FF483
content-length: 312
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Ij6CMW7d9STrT+a4Nf7dFA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cbc4fcef-801e-004f-35b8-162e88000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=90006
expires: Sun, 05 Jan 2025 06:01:06 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a5679e
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:47:07 GMT
etag: 0x8DCDC64B5831289
content-length: 492
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: rSmdN6tN5TS/1yEQ8Z6pNA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7b418c73-801e-0022-3518-1684a6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=97385
expires: Sun, 05 Jan 2025 08:04:05 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a5679f
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:34:27 GMT
etag: 0x8DCE8C34C6E86D0
akamai-grn: 0.4c1a1202.1735103564.cd0d27e3
content-length: 1532
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 5WRb79OLEOB99g79FkaKhA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 88c6955a-701e-005a-3a0b-36ec11000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=88790
expires: Sun, 05 Jan 2025 05:40:50 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567a0
timing-allow-origin: *
GET

https://r.bing.com/rp/zL4sntecq0RmP6dobtS9Rd5WRvU.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/zL4sntecq0RmP6dobtS9Rd5WRvU.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:02:01 GMT
etag: 0x8DCDC66CA2704F8
content-length: 635
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: cbryIH17LuJqgju0sWrerw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4c8af66e-001e-0033-6cab-16b3bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=198247
expires: Mon, 06 Jan 2025 12:05:07 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567a1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 399
content-type: application/x-javascript; charset=utf-8
server: Kestrel
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: br
last-modified: Fri, 20 Dec 2024 06:44:39 GMT
x-eventid: 67699eb273614b2d93eb4878e6953733
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-machinename: DUBEEAP00010627
x-as-suppresssetcookie: 1
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-B2FakQPSVuC5inHhZ5I4nAMvk1nM+WS3fGneoFZ6XI0='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
cache-control: public, max-age=371139
expires: Wed, 08 Jan 2025 12:06:39 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567a3
timing-allow-origin: *
GET

https://r.bing.com/rs/6r/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rs/6r/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 16 Dec 2024 04:25:34 GMT
etag: 0x8DD1D89AF04AAB6
content-length: 69606
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: ad+ATQX4spqIJ4t9WC3SeQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 47eff3ad-c01e-0025-7ee1-4f7223000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.bf8f655f.1734384147.1666a470
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=97493
expires: Sun, 05 Jan 2025 08:05:53 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56797
timing-allow-origin: *
GET

https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:41:54 GMT
etag: 0x8DCEC884215D06E
content-length: 772
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: yaTET5I1fmUKhVemn0wu5w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e27a8b4b-b01e-002a-217c-1e9fd5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=59193
expires: Sat, 04 Jan 2025 21:27:33 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567a4
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/c-kfqLSd-OD-g3VtLKozRdXMO14.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/c-kfqLSd-OD-g3VtLKozRdXMO14.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:37 GMT
etag: 0x8DCE8C30A6A61DD
content-length: 7058
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: /nrOcgcgG+7k8yxsmx1J4Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4805e060-e01e-005f-4dde-1a186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=397180
expires: Wed, 08 Jan 2025 19:20:40 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567a5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:12:13 GMT
etag: 0x8DCDC5FD53B2D55
akamai-grn: 0.77d37a5c.1733909843.18c53f05
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 140
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: zk7Mu+IZ+1Afv84KFZt8XQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 678b32bb-e01e-005f-480a-17186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=397612
expires: Wed, 08 Jan 2025 19:27:52 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567ab
timing-allow-origin: *
GET

https://r.bing.com/rp/dUzSc2TJEdHviToK914Fg1aekPA.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/dUzSc2TJEdHviToK914Fg1aekPA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:36 GMT
etag: 0x8DCE8C30A28A766
content-length: 1707
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: MkbY3tM5BoIJgMyWXEttiw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e3c807ce-a01e-0053-0ade-1af69f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.a1777b5c.1731632077.1360387
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=76362
expires: Sun, 05 Jan 2025 02:13:42 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567ac
timing-allow-origin: *
GET

https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:53:26 GMT
etag: 0x8DCDC5D351B0B64
akamai-grn: 0.3c367a5c.1734130313.11f3cc16
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 626
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 6Xn7G4GYLjqWVjZYfi42LQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 942ab205-401e-0070-59f5-179954000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=63729
expires: Sat, 04 Jan 2025 22:43:09 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567ad
timing-allow-origin: *
GET

https://r.bing.com/rp/JTnIefOMiNK7DX11D7RY8i0_PKc.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/JTnIefOMiNK7DX11D7RY8i0_PKc.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:10:36 GMT
etag: 0x8DCDC5F9B563C48
content-length: 168
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 10AmaEgXjFITcl8HP2hwyQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7603ac22-901e-0036-1f5b-1547c2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=81817
expires: Sun, 05 Jan 2025 03:44:37 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567ae
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/_Bf8WbhrPNleVJdfG-L0A8nld9c.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/_Bf8WbhrPNleVJdfG-L0A8nld9c.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:36:36 GMT
etag: 0x8DCDC633D5EAA6A
akamai-grn: 0.3b367a5c.1734356121.f0fcb09
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 282
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: ZsrYRIS4X28M0gd5bb2Heg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b2debb41-001e-0038-08c0-18abc9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=231263
expires: Mon, 06 Jan 2025 21:15:23 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567af
timing-allow-origin: *
GET

https://r.bing.com/rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:17:19 GMT
etag: 0x8DCDC608BA54CA4
content-length: 462
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: fr82fvtvcsicFIwsSPlj7g==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7833081e-501e-006f-0ec0-154244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=114993
expires: Sun, 05 Jan 2025 12:57:33 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6r/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rs/6r/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 241
content-type: application/x-javascript; charset=utf-8
server: Kestrel
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: br
last-modified: Mon, 23 Sep 2024 23:41:33 GMT
x-eventid: 671e9ade67c64afba6fb8118feece63c
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, ECT, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-machinename: DUBEEAP0000E12C
x-as-suppresssetcookie: 1
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-tslw9CbmAj3DVBOLLS03zESL3g+97Ufqa0RwxZYyWho='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
cache-control: public, max-age=101042
expires: Sun, 05 Jan 2025 09:05:02 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b1
timing-allow-origin: *
GET

https://r.bing.com/rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:46:13 GMT
etag: 0x8DCDC6494C9BF9A
content-length: 174
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: +jWBJey2nJqR+pG7G7E28A==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7fcf8c82-301e-003b-4d01-17a8ce000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=106571
expires: Sun, 05 Jan 2025 10:37:11 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:56:27 GMT
etag: 0x8DCDC66034C9278
content-length: 507
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Tm502hkAmxWuxzxBM7uX9A==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ac5bfa43-f01e-002d-2a9a-156950000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=60290
expires: Sat, 04 Jan 2025 21:45:50 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b3
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:51:04 GMT
etag: 0x8DCDC5CE09E00D2
content-type: text/javascript; charset=utf-8
content-md5: kdgVpI0X+oWcnOv0ZCUuIA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c27362a4-801e-0066-350e-1658ca000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 415
cache-control: public, no-transform, max-age=57491
expires: Sat, 04 Jan 2025 20:59:11 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b4
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:50:43 GMT
etag: 0x8DCDC6535F306CD
content-length: 490
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 3vstlq/a5ZcE98e8La1vPw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 78ea1ccb-501e-006f-68f7-174244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=105654
expires: Sun, 05 Jan 2025 10:21:54 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:28:19 GMT
etag: 0x8DCDC62149C3678
content-length: 386
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 6W4GJTTFhKoLN+eXDWPo3Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e335d78d-401e-0052-2671-15f762000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=198260
expires: Mon, 06 Jan 2025 12:05:20 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b6
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:15:09 GMT
etag: 0x8DCDC689FBBE351
content-length: 213
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: WEjo6St2+BsB3AUDglK12Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b22d7820-f01e-0004-0f96-151f12000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=85645
expires: Sun, 05 Jan 2025 04:48:25 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b7
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:16:51 GMT
etag: 0x8DCDC68DCA5DDA0
content-length: 446
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: wMjND6gwy3LKsXBo8Ww74w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7ce62b61-701e-003c-35fd-145e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=190422
expires: Mon, 06 Jan 2025 09:54:42 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b8
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/DWZSY9SRnkHaYWjJ109REMim90A.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/DWZSY9SRnkHaYWjJ109REMim90A.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:28:47 GMT
etag: 0x8DCE8C2817D87DF
akamai-grn: 0.521a1202.1735726851.93ac161e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 12101
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 63v18faN7ozJ98XstK/S+w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44d1c45a-101e-002c-1bde-1a68ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=190852
expires: Mon, 06 Jan 2025 10:01:52 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567b9
timing-allow-origin: *
GET

https://r.bing.com/rp/9uYIRoQB-ThMq970XKGeKvrMhL0.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/9uYIRoQB-ThMq970XKGeKvrMhL0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:28:16 GMT
etag: 0x8DCE8C26ED294B5
content-length: 65123
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: ImVBVQpRkRw3Uhb3GEk/ZQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5ecfd2e8-701e-0015-5bde-1a2809000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=324990
expires: Tue, 07 Jan 2025 23:17:30 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567ba
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/bdiAPlmUnJhdap3y8myDMEGlF4w.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/bdiAPlmUnJhdap3y8myDMEGlF4w.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:31:13 GMT
etag: 0x8DCE8C2D89FAB3C
akamai-grn: 0.b5777b5c.1733825370.75fc16e
content-type: text/javascript; charset=utf-8
content-md5: G9Suce+Oaa1LX/2Nx9LctQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 221f2fc7-501e-006f-3c09-1b4244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 19997
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=71930
expires: Sun, 05 Jan 2025 00:59:50 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567bb
timing-allow-origin: *
GET

https://r.bing.com/rp/WwTHOlBv_iLBpZXNWkp-HzVHgrM.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/WwTHOlBv_iLBpZXNWkp-HzVHgrM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:31:17 GMT
etag: 0x8DCE8C2DB362309
content-length: 3498
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: qFAs4wCMzQBOlKg9KBk6eA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1c8cd8dc-201e-0060-74de-1aafb2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=73503
expires: Sun, 05 Jan 2025 01:26:03 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567bc
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:00:06 GMT
etag: 0x8DCDC5E23EBB645
content-type: text/javascript; charset=utf-8
content-md5: rqa21C4TqvhBKaqsPZN5dA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3e65cb90-701e-005a-0f05-18ec11000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 808
cache-control: public, no-transform, max-age=228012
expires: Mon, 06 Jan 2025 20:21:12 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567bd
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/1Jz2vFBGshGz47SHAQMwptTnpB0.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/1Jz2vFBGshGz47SHAQMwptTnpB0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:30:41 GMT
etag: 0x8DCEC86B0CE8A0B
content-length: 328
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 15JqyZBsCgkATXocOIdHMw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cae10e54-701e-003c-20be-205e4b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=188723
expires: Mon, 06 Jan 2025 09:26:23 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567be
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/Cah4LahmcqZwMC9LQrNkz-q8yNA.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/Cah4LahmcqZwMC9LQrNkz-q8yNA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:00:08 GMT
etag: 0x8DCDC5E250561B1
content-length: 476
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: dIetyGvEY3rWVcsphG5z6g==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f5164213-c01e-0048-32a8-14d80d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=371007
expires: Wed, 08 Jan 2025 12:04:27 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567bf
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/7q76z2PhZYQSlMklnpUZ4ZrWoeg.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/7q76z2PhZYQSlMklnpUZ4ZrWoeg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:52:30 GMT
etag: 0x8DCDC5D13CD0771
content-length: 310
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: L5ADL4PV6f4x84onM+3pfQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3f330063-901e-0072-7fe6-159bae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=253772
expires: Tue, 07 Jan 2025 03:30:32 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/MnlneN-7se6Sb8r2rU60mRHbccg.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/MnlneN-7se6Sb8r2rU60mRHbccg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:16:07 GMT
etag: 0x8DCDC6060BC5610
content-length: 247
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: pDodX6p5WFhmpgGbyxGATg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bd9fef0a-201e-0042-15cd-14c184000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=137932
expires: Sun, 05 Jan 2025 19:19:52 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/HqDsKR6xyRoUSYXXRfEdLVt772I.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/HqDsKR6xyRoUSYXXRfEdLVt772I.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:08:01 GMT
etag: 0x8DCDC5F3F15CCC5
content-length: 304
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: PX2MCYqpUzo58j8uZ/WgUQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 04108e64-601e-000a-1875-17f319000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=182731
expires: Mon, 06 Jan 2025 07:46:31 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/u2MYL4Uj-EK9FdZPToQOipi2q40.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/u2MYL4Uj-EK9FdZPToQOipi2q40.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:08:12 GMT
etag: 0x8DCDC67A73161B2
content-length: 485
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: rEFXJrf0kyk8MofTblrrHg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0ab25424-801e-000b-7a6d-16f2e4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=121713
expires: Sun, 05 Jan 2025 14:49:33 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c3
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/IzifzVeZAFUPAOVXA0p1w_tvqEA.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/IzifzVeZAFUPAOVXA0p1w_tvqEA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Fri, 06 Dec 2024 21:14:03 GMT
etag: 0x8DD163AE97BF649
content-length: 318
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: CPKqpyd3O29Qao9K5FGPzQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bbcea579-c01e-0043-446a-48c079000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.9e777b5c.1733568767.12d6c659
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=310284
expires: Tue, 07 Jan 2025 19:12:24 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c4
timing-allow-origin: *
GET

https://r.bing.com/rp/qFV8REKe2pPY9NqiNskjmDxjgdc.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/qFV8REKe2pPY9NqiNskjmDxjgdc.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:02:23 GMT
etag: 0x8DCDC66D6FEC879
content-length: 1092
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: v56DnyZo0+Ho77B8f6GoyA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a08c9759-401e-0034-262f-174538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=318807
expires: Tue, 07 Jan 2025 21:34:27 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/rbBaKhtkLVke-4PIWp9e6AV5_kg.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/rbBaKhtkLVke-4PIWp9e6AV5_kg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:04:52 GMT
etag: 0x8DCDC672FE75D26
content-type: text/javascript; charset=utf-8
content-md5: JYNnUW1D/Qe7hGsFi8+mBQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 49b287de-b01e-0065-7294-165bcd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 437
cache-control: public, no-transform, max-age=99304
expires: Sun, 05 Jan 2025 08:36:04 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c6
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/wJ4ypLxMemRfvxvJkUCpuYEBwew.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/wJ4ypLxMemRfvxvJkUCpuYEBwew.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:33:23 GMT
etag: 0x8DCE8C3263B07E9
content-type: text/javascript; charset=utf-8
content-md5: 80z3xDtWBrHD/WXVZ9HXMQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1cee5333-201e-0060-39fe-1aafb2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 887
cache-control: public, no-transform, max-age=118814
expires: Sun, 05 Jan 2025 14:01:14 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c7
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/RvRBoZ5KQDNHwbHfo-_ZBZIoYQo.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/RvRBoZ5KQDNHwbHfo-_ZBZIoYQo.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:24:00 GMT
etag: 0x8DCDC617A7BA9F4
content-length: 792
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 3LAdJkykvHw5zfSSu6AY7w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b3b09a98-601e-0001-234c-19eb6d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=20720
expires: Sat, 04 Jan 2025 10:46:20 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c8
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/bzAVZoOHiaJeSbLoUcTPF4HPvJQ.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/bzAVZoOHiaJeSbLoUcTPF4HPvJQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:32:28 GMT
etag: 0x8DCE8C305642E82
akamai-grn: 0.cd8f655f.1735638269.30d625b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1453
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: o0P31pAM8ZjqucLAMWUkZQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 87018ea0-e01e-005f-5e2d-23186e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=103179
expires: Sun, 05 Jan 2025 09:40:39 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567c9
timing-allow-origin: *
GET

https://r.bing.com/rp/3s0czFTJyV5b3KCC7geWICWvvPs.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/3s0czFTJyV5b3KCC7geWICWvvPs.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:37:29 GMT
etag: 0x8DCEC87A3ED1870
content-length: 1320
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: F/FfhRxYlnuZTsg2+6i7VA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4286f8ac-f01e-000f-2cda-210766000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=226214
expires: Mon, 06 Jan 2025 19:51:14 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567cd
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/wNhUjm3kl_kvyfrio44J6j1zdYo.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/wNhUjm3kl_kvyfrio44J6j1zdYo.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:11:33 GMT
etag: 0x8DCDC681EDAC2C8
content-length: 245
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: ItmcJflzfwBqUrBIYlGXpQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 261a5bac-401e-0034-7fb8-1b4538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=60851
expires: Sat, 04 Jan 2025 21:55:11 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567ce
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/gfI083AUtzdZuPReAN6CvS-Ca98.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/gfI083AUtzdZuPReAN6CvS-Ca98.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:33:01 GMT
etag: 0x8DCE8C3193D5444
content-length: 9007
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: K6mYdssyGKO2Fe2fyESYTg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c2a1a5f9-c01e-0007-4fde-1a1c15000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.4c1a1202.1728548709.3c91120b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=200689
expires: Mon, 06 Jan 2025 12:45:49 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567cf
timing-allow-origin: *
GET

https://r.bing.com/rp/R5OIlHZUEYWuNhJa46yx5Wir2pM.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/R5OIlHZUEYWuNhJa46yx5Wir2pM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:22:38 GMT
etag: 0x8DCDC6149E5871E
content-length: 585
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: sbJ/BFEx86eoWqpF1v/OBg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 150042bc-501e-0002-6231-16e86a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=36481
expires: Sat, 04 Jan 2025 15:09:01 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567d0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/2uwtCbrcHmq7VZthjm2jjm8hlTk.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/2uwtCbrcHmq7VZthjm2jjm8hlTk.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 17 Oct 2024 18:45:59 GMT
etag: 0x8DCEEDBF16716B4
content-type: text/javascript; charset=utf-8
content-md5: /wEAo+jqTIFShGVUYgIPGQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e8234102-301e-0019-6874-21c6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 581
cache-control: public, no-transform, max-age=151022
expires: Sun, 05 Jan 2025 22:58:02 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567d1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/UJFGe_i3c1Lxhghza2lclR7CxpI.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/UJFGe_i3c1Lxhghza2lclR7CxpI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2766
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: PkRqI9V277fNVfDgucCJ9w==
last-modified: Tue, 24 Dec 2024 04:00:18 GMT
etag: 0x8DD23CF7AB70C0C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2502f060-c01e-0061-3f0b-5eae4f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.d4c71002.1735941632.215d3fc
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=393231
expires: Wed, 08 Jan 2025 18:14:51 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567d2
timing-allow-origin: *
GET

https://r.bing.com/rp/gGRPwribt8XPTQXpd2zkMD5o04w.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/gGRPwribt8XPTQXpd2zkMD5o04w.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:47:16 GMT
etag: 0x8DCDC64BACB4BE8
content-type: text/javascript; charset=utf-8
content-md5: I/KVjWbAxZXfBeLqiVYi3w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a0015b35-401e-0034-3bef-164538000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 542
cache-control: public, no-transform, max-age=260061
expires: Tue, 07 Jan 2025 05:15:21 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567d3
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/mRnHl5xOMNMCkNGN3wISIz0ETug.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/mRnHl5xOMNMCkNGN3wISIz0ETug.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Fri, 22 Nov 2024 10:55:37 GMT
etag: 0x8DD0AE432F16745
content-length: 2290
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 0OgEsUc5afhLPnQZRYj75Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 980edd47-f01e-0004-5908-3d1f12000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.d78f655f.1732309894.b56e24a
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=289372
expires: Tue, 07 Jan 2025 13:23:52 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567d4
timing-allow-origin: *
GET

https://r.bing.com/rp/X9zPQVZQzKFTYze2B2WNn1LJCS4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/X9zPQVZQzKFTYze2B2WNn1LJCS4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:32:07 GMT
etag: 0x8DCDC629CF7A282
content-length: 172
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: TLwZhqYro/p02/6N++ZW5g==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c41191e3-201e-0006-43ea-181de8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=31234
expires: Sat, 04 Jan 2025 13:41:34 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567d5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/1u_LY-3P7BIagPGDkiUCRzkKi-0.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/1u_LY-3P7BIagPGDkiUCRzkKi-0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 04 Nov 2024 04:21:32 GMT
etag: 0x8DCFC8829FC5441
content-type: text/javascript; charset=utf-8
content-md5: Db92/67CtFF0jljsKqPMeQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 970268eb-501e-0002-421c-2fe86a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 482
cache-control: public, no-transform, max-age=186774
expires: Mon, 06 Jan 2025 08:53:54 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567d6
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8aj_I6fSAQ2HauP0CPPAfDwa2j8.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/8aj_I6fSAQ2HauP0CPPAfDwa2j8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:53:13 GMT
etag: 0x8DCDC5D2D7EB1BF
content-length: 320
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: DXeqkh2i/zZTwJ5wkgDOdw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1e7cfa86-601e-000a-34f6-17f319000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=304189
expires: Tue, 07 Jan 2025 17:30:49 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567d7
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/LTCT2zdUcB3ayDDUpC7BI5zxXuE.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/LTCT2zdUcB3ayDDUpC7BI5zxXuE.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:14:00 GMT
etag: 0x8DCDC6014B09FF0
content-length: 542
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Jc7Bnfc4/wV22XT5OjPjLg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 96271d35-101e-002c-405a-1768ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43097
expires: Sat, 04 Jan 2025 16:59:17 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567de
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rs/6r/sQ/jnc,nj/2RFgnacsz6nPw9vvxd8AGFyaQr8.js?or=w

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rs/6r/sQ/jnc,nj/2RFgnacsz6nPw9vvxd8AGFyaQr8.js?or=w HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 248
content-type: application/x-javascript; charset=utf-8
server: Kestrel
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
last-modified: Fri, 20 Dec 2024 06:44:41 GMT
x-eventid: 676b57d50bd047c6b5cd7cc97aeb8073
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-machinename: DUBEEAP0000E0AC
x-as-suppresssetcookie: 1
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-WvxxHvAyivQBEpxKwJ888XdS8lmGb2wV5D9QLGTXlnc='; base-uri 'self';
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cache-control: public, max-age=330847
expires: Wed, 08 Jan 2025 00:55:07 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567df
timing-allow-origin: *
GET

https://r.bing.com/rp/HdiojNH85n4iu87NAQvDH5bKMnM.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/HdiojNH85n4iu87NAQvDH5bKMnM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:07:47 GMT
etag: 0x8DCDC5F365A1AB8
content-length: 200
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: xGpjcATT83Cyo4MSw4SamQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5a3b44f6-001e-0011-7337-16dd8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=52107
expires: Sat, 04 Jan 2025 19:29:27 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/s_KB_GYETp6JptI_mOoLcYDN4OY.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/s_KB_GYETp6JptI_mOoLcYDN4OY.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:06:02 GMT
etag: 0x8DCDC675996C0F4
content-length: 1824
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 3Tj2RpIK8rOoXP8XXxZasg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a214c601-b01e-002a-5c3c-179fd5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=275401
expires: Tue, 07 Jan 2025 09:31:01 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/hSAjq6w-jLSduDuFCKOr-TOJIA4.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/hSAjq6w-jLSduDuFCKOr-TOJIA4.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1228
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: xGZmFvLovaV+vrOPPwbS7g==
last-modified: Mon, 23 Dec 2024 09:08:42 GMT
etag: 0x8DD23316609C95F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 601ec1cb-b01e-006e-470b-5e43b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=393175
expires: Wed, 08 Jan 2025 18:13:55 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/WPedHfV8dQrn4qkif5azDZSqmn8.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/WPedHfV8dQrn4qkif5azDZSqmn8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:31:17 GMT
etag: 0x8DCDC627F380DA7
akamai-grn: 0.4c1a1202.1733907895.8b8f492
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-type: text/javascript; charset=utf-8
content-md5: 1Rf0xX8VNREaPigiNASk/Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e6aac681-201e-0042-1314-16c184000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 632
cache-control: public, no-transform, max-age=156828
expires: Mon, 06 Jan 2025 00:34:48 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e3
timing-allow-origin: *
GET

https://r.bing.com/rp/ARkHhpPGNjemsh-1_dUh9nylFLg.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/ARkHhpPGNjemsh-1_dUh9nylFLg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2059
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: HxxeWmLbbUeUU8XtzzROdA==
last-modified: Wed, 25 Dec 2024 10:47:01 GMT
etag: 0x8DD24D176A0510A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 442f1300-d01e-0057-0b0b-5e031d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.9b777b5c.1735941355.11033ba2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=393245
expires: Wed, 08 Jan 2025 18:15:05 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e4
timing-allow-origin: *
GET

https://r.bing.com/rp/5jOFZTRZRQNYEniUpjuVlRlTSUA.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/5jOFZTRZRQNYEniUpjuVlRlTSUA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:42:33 GMT
etag: 0x8DCEC88590A49A7
content-length: 1737
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: ADAJbopPIaunlKI/GZphBw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0bf2c36c-f01e-004b-491d-23db0a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=48950
expires: Sat, 04 Jan 2025 18:36:50 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/8BLbyUK5EaqCuzmCEcf9-meevmE.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/8BLbyUK5EaqCuzmCEcf9-meevmE.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:28:12 GMT
etag: 0x8DCE8C26CBEA77D
content-length: 1934
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: NwHEJrwNKfNaWOfUurgsUQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44d1d951-101e-002c-01de-1a68ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.521a1202.1730789205.321550f1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=66836
expires: Sat, 04 Jan 2025 23:34:56 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e6
timing-allow-origin: *
GET

https://r.bing.com/rp/YOfvioAlqeLJzUxJ3VRDJvFPi5Q.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/YOfvioAlqeLJzUxJ3VRDJvFPi5Q.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:30:47 GMT
etag: 0x8DCE8C2C92E361F
content-length: 1979
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: oCgEakDIKvDIYdA4zfrHhQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2670e517-b01e-006e-0df3-3243b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.b6901002.1731335752.14eb9c7
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=274552
expires: Tue, 07 Jan 2025 09:16:52 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e7
timing-allow-origin: *
GET

https://r.bing.com/rp/7LkHIwasTuL6tufzeF3vEaazAxw.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/7LkHIwasTuL6tufzeF3vEaazAxw.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:51:54 GMT
etag: 0x8DCDC5CFE789590
content-length: 1462
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: YsxphTS643oFtIWrwjg5mA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1d9838cf-b01e-002a-6ae9-149fd5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=167043
expires: Mon, 06 Jan 2025 03:25:03 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e8
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/MCwdqGFTwqu20jt3177s57V4wZk.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/MCwdqGFTwqu20jt3177s57V4wZk.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:14:44 GMT
etag: 0x8DCDC602EF80ACF
content-length: 92
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: 6CIgOkytlGCbuuRvU1ESHg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 12652374-701e-0078-01eb-148227000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.b3777b5c.1727904385.ccaa679
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=79526
expires: Sun, 05 Jan 2025 03:06:26 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567e9
timing-allow-origin: *
GET

https://r.bing.com/rp/dDiRViGCXHkOBl6zHkdBDLk0yFg.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/dDiRViGCXHkOBl6zHkdBDLk0yFg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 19 Nov 2024 04:13:15 GMT
etag: 0x8DD08507D665276
content-length: 955
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Kk0u9e/SalHwM0LSYxaS+g==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a67788bb-101e-0063-1eab-3aacb5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.521a1202.1732053803.7ae27a55
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=247398
expires: Tue, 07 Jan 2025 01:44:18 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567ea
timing-allow-origin: *
GET

https://r.bing.com/rp/WvsAjDpxGd1ajigH6cH78uvLzBI.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/WvsAjDpxGd1ajigH6cH78uvLzBI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2931
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: boJho9/dRbdiRsm7aBhA/Q==
last-modified: Wed, 25 Dec 2024 10:47:01 GMT
etag: 0x8DD24D176C8BA41
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 305a5264-a01e-0035-5c0b-5e44c5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=393132
expires: Wed, 08 Jan 2025 18:13:12 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567ef
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/qY42f0yZJzcOD6Gr6zubromZGRk.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/qY42f0yZJzcOD6Gr6zubromZGRk.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:34:24 GMT
etag: 0x8DCE8C34A2EADC0
content-length: 2391
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: UYaER6ThZGEud/Muajg45w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 02bb88ce-801e-006d-6dde-1a40be000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=128494
expires: Sun, 05 Jan 2025 16:42:34 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567f0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/g7NRXrmIjF1z4aM0YyGzJ3H8Tsc.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/g7NRXrmIjF1z4aM0YyGzJ3H8Tsc.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 11666
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: b3MnZ0xA07I002VvYczIQQ==
last-modified: Mon, 23 Dec 2024 09:08:43 GMT
etag: 0x8DD2331661F49C1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 50ba17c0-f01e-002d-5d0b-5e6950000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.521a1202.1735942274.e4be103f
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=393292
expires: Wed, 08 Jan 2025 18:15:52 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567f1
timing-allow-origin: *
GET

https://r.bing.com/rp/RMRjctrz--TNvbEliu0umBztyAQ.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/RMRjctrz--TNvbEliu0umBztyAQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 10 Oct 2024 00:30:57 GMT
etag: 0x8DCE8C2CF400D7F
content-type: text/javascript; charset=utf-8
content-md5: DTDL0ta8Z4w5qdHa9ZUG/Q==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b7db009a-d01e-005c-08fe-1a1b69000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 2636
vary: Accept-Encoding
cache-control: public, no-transform, max-age=198104
expires: Mon, 06 Jan 2025 12:02:44 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567f2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/6juFsmmZTw2skj7CvpgreXtsgqM.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/6juFsmmZTw2skj7CvpgreXtsgqM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 05:51:03 GMT
etag: 0x8DCDC5CDFF72AD3
content-length: 512
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: V1kiVXzIRqmzPm5TrNimoA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c2d94308-501e-006f-4b98-164244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=114173
expires: Sun, 05 Jan 2025 12:43:53 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567f3
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/CuoJ-XSESmq5e-S0atX4JdNgEbQ.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/CuoJ-XSESmq5e-S0atX4JdNgEbQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:00:56 GMT
etag: 0x8DCDC5E41B5114A
akamai-grn: 0.3d367a5c.1734111191.a2e801d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 259
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: jDpfrkHEWPKiRt+7YgCBFw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f2c08729-201e-002f-4333-186baa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=188547
expires: Mon, 06 Jan 2025 09:23:27 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567f4
timing-allow-origin: *
GET

https://r.bing.com/rp/jJ4Nh5QSrSxNeZCoXz6QBAA-1pM.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/jJ4Nh5QSrSxNeZCoXz6QBAA-1pM.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 14 Nov 2024 09:56:33 GMT
etag: 0x8DD04929EE8EC69
content-type: text/javascript; charset=utf-8
content-md5: IYJzFG4gYZ14vnQdqTao+A==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f577b370-d01e-0018-6efe-36c705000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 1268
cache-control: public, no-transform, max-age=100743
expires: Sun, 05 Jan 2025 09:00:03 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567f5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/d2AC6-r9l7SefnJ0q5_pqEqXQEg.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/d2AC6-r9l7SefnJ0q5_pqEqXQEg.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:42:16 GMT
etag: 0x8DCDC6407C1A310
akamai-grn: 0.8e777b5c.1733908120.93fd018
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 268
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: d0XbHvHNCWhJPrqJh3iUoQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 331cfc95-901e-0014-30a9-1429f4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=141546
expires: Sun, 05 Jan 2025 20:20:06 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567fe
timing-allow-origin: *
GET

https://r.bing.com/rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:39:05 GMT
etag: 0x8DCEC87DD067940
akamai-grn: 0.3a367a5c.1734346335.d86a23f
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 658
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: hmcBay1BgAVA4sBe4FzXJg==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0f1608e3-701e-0078-7e5d-318227000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=326214
expires: Tue, 07 Jan 2025 23:37:54 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a567ff
timing-allow-origin: *
GET

https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 06:44:16 GMT
etag: 0x8DCDC644F5E5FC5
akamai-grn: 0.d78f655f.1734116692.6b4a4b1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1076
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: oqLg+91b3FmpcS7e8iKMsQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5ae0b016-001e-0011-7a69-16dd8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=147874
expires: Sun, 05 Jan 2025 22:05:34 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56800
timing-allow-origin: *
GET

https://r.bing.com/rp/Sv8bO2oxkbGjZh6Pe_GKzG1DtDU.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/Sv8bO2oxkbGjZh6Pe_GKzG1DtDU.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Fri, 13 Dec 2024 07:56:08 GMT
etag: 0x8DD1B4B9A365000
content-length: 474
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: p/3mO7vALd9wD5esEzLGZw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f8018f31-b01e-002a-1085-4d9fd5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=102489
expires: Sun, 05 Jan 2025 09:29:09 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56801
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/-2EVJNDwymhr08bVch00GwpjiDA.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/-2EVJNDwymhr08bVch00GwpjiDA.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.bing.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 14 Oct 2024 19:24:23 GMT
etag: 0x8DCEC85CF372642
akamai-grn: 0.41367a5c.1734567131.ae45cb7
content-length: 1043
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: PkxdhPHrMXZXxfqaK/YI3w==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6a67d116-b01e-0047-6073-1e35fb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=254945
expires: Tue, 07 Jan 2025 03:50:05 GMT
date: Sat, 04 Jan 2025 05:01:00 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966860.3a56802
timing-allow-origin: *
GET

https://r.bing.com/rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 24 Sep 2024 07:09:09 GMT
etag: 0x8DCDC67C959D1C6
content-length: 230
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: e8o72fCkQwkU95GMyH4alQ==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6d410038-901e-0050-24ab-17f598000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=106381
expires: Sun, 05 Jan 2025 10:34:02 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966861.3a56aa4
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Wed, 09 Oct 2024 06:47:11 GMT
etag: 0x8DCE82E33DB4289
content-length: 263
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: kSd0hTdqYlIKxD09mZrqMA==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 19451da4-501e-0046-6040-1a3406000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=422289
expires: Thu, 09 Jan 2025 02:19:10 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966861.3a56aa3
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/ivu0QwP26BHIJjH_DSqboRdhsO0.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/ivu0QwP26BHIJjH_DSqboRdhsO0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 14 Nov 2024 09:56:27 GMT
etag: 0x8DD04929B4990FB
content-length: 3910
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: PtU28jG6dGjHkVaL3KCYNw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0661e89-601e-0001-5ebb-36eb6d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.4c1a1202.1731633549.1b47e7a9
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=305866
expires: Tue, 07 Jan 2025 17:58:47 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966861.3a56afd
timing-allow-origin: *
GET

https://r.bing.com/rp/rSGsMdC73uduuQlIQndCFjDqLb0.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/rSGsMdC73uduuQlIQndCFjDqLb0.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Fri, 06 Dec 2024 06:22:02 GMT
etag: 0x8DD15BE4C6397FE
content-length: 26625
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: XepiajoIzA8mdkJ+Qn60Zw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3e7e202c-d01e-0018-5612-48c705000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=306083
expires: Tue, 07 Jan 2025 18:02:24 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966861.3a56cd1
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
GET

https://r.bing.com/rp/VKotk_QDV7V7jdYhLvGcrJlzHyE.br.js

msedge.exe

Remote address:

95.101.143.201:443

Request

GET /rp/VKotk_QDV7V7jdYhLvGcrJlzHyE.br.js HTTP/2.0
host: r.bing.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.bing.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 19 Dec 2024 07:35:51 GMT
etag: 0x8DD1FFFC369A694
content-length: 13175
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: P40kHkuCONKLasanvjGRrw==
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: db369e47-001e-0033-7847-52b3bd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.b9777b5c.1734647892.11159358
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=237288
expires: Mon, 06 Jan 2025 22:55:49 GMT
date: Sat, 04 Jan 2025 05:01:01 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.c58f655f.1735966861.3a56cd4
timing-allow-origin: *
DNS

201.143.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

201.143.101.95.in-addr.arpa

IN PTR

Response

201.143.101.95.in-addr.arpa

IN PTR

a95-101-143-201deploystaticakamaitechnologiescom
DNS

login.microsoftonline.com

msedge.exe

Remote address:

8.8.8.8:53

Request

login.microsoftonline.com

IN A

Response

login.microsoftonline.com

IN CNAME

login.mso.msidentity.com

login.mso.msidentity.com

IN CNAME

ak.privatelink.msidentity.com

ak.privatelink.msidentity.com

IN CNAME

www.tm.ak.prd.aadg.akadns.net

www.tm.ak.prd.aadg.akadns.net

IN A

20.190.160.20

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.134

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.68

www.tm.ak.prd.aadg.akadns.net

IN A

20.190.160.17

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.140

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.74

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.72

www.tm.ak.prd.aadg.akadns.net

IN A

40.126.32.133
GET

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=df3d6a2f-753b-41e4-94b9-5abdd29f9d55&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%2268C350558AEC472DBCCE420047970621%22%7d

msedge.exe

Remote address:

20.190.160.20:443

Request

GET /common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=df3d6a2f-753b-41e4-94b9-5abdd29f9d55&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%2268C350558AEC472DBCCE420047970621%22%7d HTTP/2.0
host: login.microsoftonline.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: no-store, no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 0cbab647-4f1a-4b6f-9577-c28ae837ac01
x-ms-ests-server: 2.1.19683.3 - SEC ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-srs: 1.P
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-94IdAuEux_ehArtpd0-rnw' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
x-xss-protection: 0
set-cookie: buid=1.ATAAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAAwAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeOXQusVD3apuCbX22E5xz-La_P7U5dcOoutGe8GLYXpqAhMWY0aiMdj2zbrJv_jc-CMStmM2UWq93E1vkf7FW-haB6T_nYmerzrlMzZrXQq0gAA; expires=Mon, 03-Feb-2025 05:01:01 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: fpc=AhbAan0LfqVOkfK2C2exp5GCeMQLAQAAAIy3Ct8OAAAA; expires=Mon, 03-Feb-2025 05:01:01 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: esctx=PAQABBwEAAADW6jl31mB3T7ugrWTT8pFeLHzldZCngbKcGq_GSiP4OGMDISVRHiMq1iR5oYEjv67S3bn3bgD4XLnZP9-lKlXGmRX4-_wCWTyuEiEwI7funM8uFVRtv7GYxCi_c5fWy-UwZbKvFEkTko7AQgfQUToYe9n_RiPDL3EzyYPJiEcptcaQZ_h2Kwv0Gd1qcjD0FhcgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
set-cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
set-cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
date: Sat, 04 Jan 2025 05:01:01 GMT
content-length: 697
DNS

20.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

20.160.190.20.in-addr.arpa

IN PTR

Response
DNS

73.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.31.126.40.in-addr.arpa

IN PTR

Response
DNS

237.21.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.21.107.13.in-addr.arpa

IN PTR

Response
DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
GET

https://github.com/Da2dalus/The-MALWARE-Repo

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:13 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"e1d0e3cc90370a7e5fb6d0f29642caee"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
set-cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.1477616909.1735966873; Path=/; Domain=github.com; Expires=Sun, 04 Jan 2026 05:01:13 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Sun, 04 Jan 2026 05:01:13 GMT; HttpOnly; Secure; SameSite=Lax
accept-ranges: bytes
x-github-request-id: F62F:8CFA4:53915E0:67DD97D:6778C099
GET

https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/security/overall-count HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:15 GMT
content-type: text/fragment+html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: F62F:8CFA4:539164E:67DDA03:6778C099
GET

https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no

Response

HTTP/2.0 204

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:15 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
x-github-request-id: F62F:8CFA4:539164E:67DDA04:6778C09A
GET

https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/used_by_list HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:15 GMT
content-type: text/plain; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: F62F:8CFA4:539164E:67DDA05:6778C09A
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:15 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 79
x-github-request-id: F62F:8CFA4:5391666:67DDA20:6778C09B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:15 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"57dd3ff551f8b3d10b3856a048bab63c"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 53
x-github-request-id: F62F:8CFA4:5391666:67DDA23:6778C09B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:15 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ced17b2112827c8d5577d524acbe58b5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 632
x-github-request-id: F62F:8CFA4:5391666:67DDA1F:6778C09B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/branch-and-tag-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/branch-and-tag-count HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:14 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=604800, public
etag: W/"c75e05794d72230a695e880f1a6c83a4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-type: application/manifest+json; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
content-length: 474
x-github-request-id: F62F:8CFA4:539166D:67DDA2D:6778C09B
GET

https://github.com/manifest.json

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /manifest.json HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:15 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"07da86d5c2d3c431a0aa2221ab777c22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1218
x-github-request-id: F62F:8CFA4:5391666:67DDA21:6778C09B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/html, application/xhtml+xml, application/json
dnt: 1
turbo-visit: true
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
x-react-app-name: repos-overview
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:26 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"506df76e69793fc23e74d83ddf8fc661"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: f355d345aaad762c8e0397f3b9960804b9024d5a6d82cb489786774f50ec4f62
accept-ranges: bytes
x-github-request-id: F62F:8CFA4:5391A16:67DDEC9:6778C09B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Botnets/FritzFrog

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Botnets/FritzFrog HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:26 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"862701dfc1e7e24eed9026340b864b94"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 940
x-github-request-id: F62F:8CFA4:5391A5B:67DDF26:6778C0A6
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Botnets/FritzFrog

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Botnets/FritzFrog HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:26 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: F62F:8CFA4:5391A5B:67DDF27:6778C0A6
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Botnets/FritzFrog

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Botnets/FritzFrog HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:26 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"c1f194401096172c1c40c464ed58f6de"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 450
x-github-request-id: F62F:8CFA4:5391A5B:67DDF25:6778C0A6
GET

https://github.com/Da2dalus/The-MALWARE-Repo/commit/04c2652b7dabecab72b1018429f775575e1b6b9b/hovercard?subject=repository%3A271970028&current_path=%2FDa2dalus%2FThe-MALWARE-Repo%2Ftree%2Fmaster%2FBotnets%2FFritzFrog

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/commit/04c2652b7dabecab72b1018429f775575e1b6b9b/hovercard?subject=repository%3A271970028&current_path=%2FDa2dalus%2FThe-MALWARE-Repo%2Ftree%2Fmaster%2FBotnets%2FFritzFrog HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:01:39 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"f1bc87c40240bb3d0790b7c62abadec6"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: f355d345aaad762c8e0397f3b9960804b9024d5a6d82cb489786774f50ec4f62
accept-ranges: bytes
content-length: 1362
x-github-request-id: F62F:8CFA4:5391E08:67DE3EF:6778C0A6
GET

https://github.com/Da2dalus/The-MALWARE-Repo

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/html, application/xhtml+xml
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
turbo-frame: repo-content-turbo-frame
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"e1d0e3cc90370a7e5fb6d0f29642caee"

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"761f480a0f4522e81cdf65423cbae807"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: f355d345aaad762c8e0397f3b9960804b9024d5a6d82cb489786774f50ec4f62
accept-ranges: bytes
x-github-request-id: F62F:8CFA4:539254D:67DED6B:6778C0B3
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"ced17b2112827c8d5577d524acbe58b5"

Response

HTTP/2.0 304

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:01 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"57dd3ff551f8b3d10b3856a048bab63c"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-github-request-id: F62F:8CFA4:53925AC:67DEDDD:6778C0C9
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"07da86d5c2d3c431a0aa2221ab777c22"

Response

HTTP/2.0 304

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:01 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"07da86d5c2d3c431a0aa2221ab777c22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-github-request-id: F62F:8CFA4:53925AB:67DEDDC:6778C0C9
GET

https://github.com/Da2dalus/The-MALWARE-Repo/branch-and-tag-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/branch-and-tag-count HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"57dd3ff551f8b3d10b3856a048bab63c"

Response

HTTP/2.0 304

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:01 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ced17b2112827c8d5577d524acbe58b5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-github-request-id: F62F:8CFA4:53925AB:67DEDDB:6778C0C9
GET

https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:01 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
x-github-request-id: F62F:8CFA4:53925AF:67DEDE4:6778C0C9
GET

https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/used_by_list HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:01 GMT
content-type: text/plain; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: F62F:8CFA4:53925AF:67DEDE5:6778C0C9
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Spyware

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree/master/Spyware HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/html, application/xhtml+xml, application/json
dnt: 1
turbo-visit: true
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
x-react-app-name: repos-overview
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:13 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"8315c75f4b9e32a53ae221324ed5270b"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: f355d345aaad762c8e0397f3b9960804b9024d5a6d82cb489786774f50ec4f62
accept-ranges: bytes
x-github-request-id: F62F:8CFA4:53929A7:67DF2CB:6778C0C9
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Spyware

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Spyware HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Spyware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:13 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"a270d70c09d0b1cd5f9447ce22a0b288"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 549
x-github-request-id: F62F:8CFA4:53929C9:67DF313:6778C0D5
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Spyware

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Spyware HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Spyware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:13 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: F62F:8CFA4:53929CA:67DF314:6778C0D5
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Spyware

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Spyware HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Spyware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:13 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"696181f8293023bd4bd075dfd4e92f6d"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 443
x-github-request-id: F62F:8CFA4:53929C9:67DF312:6778C0D5
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:21 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"cf43f020d70137e1804aa25adef39be0"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1869
x-github-request-id: F62F:8CFA4:5392C45:67DF630:6778C0D5
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Spyware/HawkEye.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Spyware/HawkEye.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:21 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: F62F:8CFA4:5392C57:67DF649:6778C0DD
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Spyware/HawkEye.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Spyware/HawkEye.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:21 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"696181f8293023bd4bd075dfd4e92f6d"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 443
x-github-request-id: F62F:8CFA4:5392C57:67DF648:6778C0DD
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Spyware/HawkEye.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Spyware/HawkEye.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=qSTJHmFU1m7qknq%2Brcf9OK4yelXIzvYG9aA%2F3XrXNla6vLnvZXdBP8zVvxVXpHxNF9Bpx9JbgaOTtUGQz33yQWqTbcq6gPorBhpV%2FEhzkjG8CLsEWws7ukjU3CpNxIhKjCghT1BXy47YQstaw5%2F17nrRhPFORyLKQDe1zWvF4JcJ382PskvfvnHOXLN3gk9d1IixFsW6XqyCSm1HQMYzNBa95VefRcR3uRxQZcY%2F46E%2F9I26UbIrrNPIrI1WQ%2Fwj7%2Br9ApEcUrHOHxlbD3eLvA%3D%3D--187yTKHF4UbNAJdZ--mLgkHO2rrn2wNbxqiTrcTg%3D%3D
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Sat, 04 Jan 2025 05:02:25 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Spyware/HawkEye.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: F62F:8CFA4:5392D54:67DF796:6778C0DD
DNS

avatars.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.110.133

avatars.githubusercontent.com

IN A

185.199.111.133

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.108.133
DNS

github.githubassets.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.110.154
GET

https://avatars.githubusercontent.com/u/63458929?s=64&v=4

msedge.exe

Remote address:

185.199.110.133:443

Request

GET /u/63458929?s=64&v=4 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Sat, 06 Dec 2014 07:54:23 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 5B3B:322CD7:7578D:9438A:6757FCB9
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600025-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1735966874.280077,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 9d7ca9a609a09952c24a86f45a6c1560ff1967d5
expires: Sat, 04 Jan 2025 05:06:14 GMT
source-age: 2147297
vary: Authorization,Accept-Encoding
content-length: 1505
GET

https://avatars.githubusercontent.com/u/123590232?s=64&v=4

msedge.exe

Remote address:

185.199.110.133:443

Request

GET /u/123590232?s=64&v=4 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/jpeg
etag: "1d9f1acf397d81e762e9ede9d36dd95eb2e889d8dc41c4f240aa17ffcd5ff02f"
last-modified: Thu, 20 Jul 2023 19:54:24 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 14BF:331E78:9DF6F6:D30628:6774ADD8
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600025-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1735966874.280568,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 6809cff3dcc89ede6430d7839bb30403853f4728
expires: Sat, 04 Jan 2025 05:06:14 GMT
source-age: 266944
vary: Authorization,Accept-Encoding
content-length: 1266
GET

https://avatars.githubusercontent.com/u/63458929?v=4&size=40

msedge.exe

Remote address:

185.199.110.133:443

Request

GET /u/63458929?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Mon, 22 Dec 2014 15:51:20 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: CC03:D4B17:14EB06:1B8FBD:676A3908
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:15 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600025-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1735966875.485500,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 253f28220c0f744110b1a5b16b2c7fc38cdc1d26
expires: Sat, 04 Jan 2025 05:06:15 GMT
source-age: 952209
vary: Authorization,Accept-Encoding
content-length: 1505
GET

https://avatars.githubusercontent.com/u/63458929?s=32&v=4

msedge.exe

Remote address:

185.199.110.133:443

Request

GET /u/63458929?s=32&v=4 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Mon, 22 Dec 2014 15:51:20 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: FD01:34933:911892:C2A538:67740DEB
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:39 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600025-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1735966899.408218,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 48f9d8e332f7cc8cf4e02545aff9fbc0f0f5f101
expires: Sat, 04 Jan 2025 05:06:39 GMT
source-age: 307910
vary: Authorization,Accept-Encoding
content-length: 1505
DNS

github-cloud.s3.amazonaws.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

52.217.132.41

s3-w.us-east-1.amazonaws.com

IN A

54.231.195.73

s3-w.us-east-1.amazonaws.com

IN A

52.216.88.251

s3-w.us-east-1.amazonaws.com

IN A

54.231.198.73

s3-w.us-east-1.amazonaws.com

IN A

54.231.172.169

s3-w.us-east-1.amazonaws.com

IN A

3.5.25.103

s3-w.us-east-1.amazonaws.com

IN A

3.5.29.249

s3-w.us-east-1.amazonaws.com

IN A

52.216.38.233
GET

https://github.githubassets.com/assets/light-0cfd1fd8509e.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/light-0cfd1fd8509e.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 18 Dec 2024 14:30:02 GMT
etag: "0x8DD1F7075BC9820"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1327961
x-served-by: cache-iad-kcgs7200091-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 62, 14523
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 032b9a1a53f008266786634a10d9a4f2419a638b
content-length: 18441
GET

https://github.githubassets.com/assets/primer-react.797c8ec006b327590422.module.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-react.797c8ec006b327590422.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 20 Dec 2024 19:37:11 GMT
etag: "0x8DD212DB320AE8E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1236339
x-served-by: cache-iad-kiad7000146-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 129, 12795
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 353aaf87391c7141e7e8d0671befd6af1a881bea
content-length: 38143
GET

https://github.githubassets.com/assets/global-47b8b2ca21ae.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/global-47b8b2ca21ae.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 20 Nov 2024 21:24:18 GMT
etag: "0x8DD09A9B15EC064"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2609618
x-served-by: cache-iad-kiad7000161-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 70, 22516
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c75b61f519fce64a40004fbeb3a7dac77c305376
content-length: 6899
GET

https://github.githubassets.com/assets/repos-overview.9cc263aa0716ce801059.module.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/repos-overview.9cc263aa0716ce801059.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 22 Oct 2024 14:40:08 GMT
etag: "0x8DCF2A76D2FB21D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 6304100
x-served-by: cache-iad-kiad7000028-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 81, 11153
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5925e23e116897a468554ddaac86aa844de33485
content-length: 222
GET

https://github.githubassets.com/assets/primer-4430d3c2c150.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-4430d3c2c150.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 17 Dec 2024 18:43:31 GMT
etag: "0x8DD1ECAB43210B5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1315957
x-served-by: cache-iad-kjyo7100094-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 55, 12986
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 308d581268cebcfe02f8bac130eaa7e0412ebe12
content-length: 39148
GET

https://github.githubassets.com/assets/code-9e1913b328be.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/code-9e1913b328be.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 20 Nov 2024 21:24:16 GMT
etag: "0x8DD09A9B01484BC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2609615
x-served-by: cache-iad-kiad7000027-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 421, 22721
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ff8cddf5cfea935835d743b341fbe4e4c9be7705
content-length: 6985
GET

https://github.githubassets.com/assets/primer-primitives-953961b66e63.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-primitives-953961b66e63.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 06 Dec 2024 20:56:32 GMT
etag: "0x8DD16387725931D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2119160
x-served-by: cache-iad-kjyo7100112-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 5, 14220
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 385edcc944b01b4c16035448933e16392743f9ba
content-length: 5163
GET

https://github.githubassets.com/assets/dark-d782f59290e2.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/dark-d782f59290e2.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 11 Dec 2024 17:38:33 GMT
etag: "0x8DD1A0AA2CE9848"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1957493
x-served-by: cache-iad-kcgs7200156-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 14, 21435
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 736e8c30df0fc18408335ba38b3d8a677cbdb63a
content-length: 2591
GET

https://github.githubassets.com/assets/github-e72829f5538b.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/github-e72829f5538b.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 13 Dec 2024 19:44:51 GMT
etag: "0x8DD1BAE9C74ED39"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1505903
x-served-by: cache-iad-kcgs7200070-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 20, 16231
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 48e59a7fced376ffe3fa784f0fa862166dfc9854
content-length: 21280
GET

https://github.githubassets.com/assets/repository-d031bcc14e1b.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/repository-d031bcc14e1b.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 26 Nov 2024 21:12:56 GMT
etag: "0x8DD0E5F193AF82C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2633903
x-served-by: cache-iad-kjyo7100144-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 38, 18096
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 47e062ad3981443b9aef9146ccccb466378a5ab0
content-length: 5150
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:17 GMT
etag: "0x8DCC5ED35736954"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 4542005
x-served-by: cache-iad-kjyo7100115-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 44, 16421
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d89b923e2b48ec122ce0e6f32502a670cabf61df
content-length: 479
GET

https://github.githubassets.com/assets/wp-runtime-7c7cbcadd2c9.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/wp-runtime-7c7cbcadd2c9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 03 Jan 2025 19:47:15 GMT
etag: "0x8DD2C2F6CCE7AEB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 23328
x-served-by: cache-iad-kcgs7200045-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 14, 239
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6af5677efb62725dff4512e2a7b77e78e8decaed
content-length: 14084
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FBFE222"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kiad7000130-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 3083, 23331
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 66273da57de2fd4bb2780939131500f641a8b575
content-length: 4848
GET

https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E029647C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kiad7000023-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 23255
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b1d13941a41dc18fdfb28e4879456cee694872c6
content-length: 3080
GET

https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-c551691a8183.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_failbot_failbot_ts-c551691a8183.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:04 GMT
etag: "0x8DD1A31D2913996"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1582904
x-served-by: cache-iad-kcgs7200056-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 13, 16582
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c35c0c656af5e416953af82fab059b5cd6d87c12
content-length: 3629
GET

https://github.githubassets.com/assets/environment-7b93e0f0c8ff.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/environment-7b93e0f0c8ff.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:36 GMT
etag: "0x8DD0D5EFC4A53FF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2730940
x-served-by: cache-iad-kiad7000134-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 23, 22485
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2e918776e54ac03b61d08157e9c41fe11a7abb28
content-length: 735
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-ea2a5d75d580.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-ea2a5d75d580.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500CD2AA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kjyo7100040-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 23331
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4f9936189b307bcac31be124816e31c155748ddd
content-length: 5756
GET

https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F8D41"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 3939922
x-served-by: cache-iad-kiad7000168-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 6967, 21893
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4c47cec2da89e6e2fbf7f19fdbcaa7457df351e5
content-length: 3284
GET

https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 18:22:05 GMT
etag: "0x8DD187E625ACB6B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2172871
x-served-by: cache-iad-kiad7000085-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 64, 24136
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b39bad36394b10a05cf532684cf8c6bf0e0e656c
content-length: 4645
GET

https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 19:56:20 GMT
etag: "0x8DD1954B7817C15"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1356512
x-served-by: cache-iad-kjyo7100066-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 14365
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8d60947bfab0be67cf70e30c88d8136314893a49
content-length: 3683
GET

https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:52 GMT
etag: "0x8DD0D5F05CBAB3B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2730940
x-served-by: cache-iad-kiad7000130-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 23, 22762
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3560ae6415771edf33fbf6777a6d289601dfe25a
content-length: 6786
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 17:24:30 GMT
etag: "0x8DD2051FF28CC62"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1315957
x-served-by: cache-iad-kjyo7100035-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 55, 13049
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 568b0017e4019be162f178af84a2da1631072da1
content-length: 27463
GET

https://github.githubassets.com/assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E0F9ED8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kcgs7200078-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 23385
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 682dc7e556057ca707930b02dbc0ac4901699628
content-length: 5379
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-c6d035fa8dc8.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-c6d035fa8dc8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500C5DFD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kiad7000164-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 23358
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 949c7195d6c029dc3714e28ac5ef6ebeab8e2c27
content-length: 4311
GET

https://github.githubassets.com/assets/github-elements-f991cfab5105.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/github-elements-f991cfab5105.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 20:13:06 GMT
etag: "0x8DD1FA062B76FEE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1356512
x-served-by: cache-iad-kjyo7100051-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 14391
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2b72fd013fef9787e1942e51bff9af5b1baaa926
content-length: 4964
GET

https://github.githubassets.com/assets/element-registry-68317a5dae9a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/element-registry-68317a5dae9a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500E579D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kjyo7100066-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 23494
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f483dffdf54727edb44f81168583c07d3a28d2e5
content-length: 3918
GET

https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-7f43298e364b.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-7f43298e364b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 17:24:25 GMT
etag: "0x8DD2051FC564485"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1315957
x-served-by: cache-iad-kjyo7100112-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 55, 12893
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9f58c80afb342c836d13f51cbbedcf2b60aa6308
content-length: 9522
GET

https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 15:26:09 GMT
etag: "0x8DD210AA1713CDB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 728443
x-served-by: cache-iad-kiad7000120-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 103, 8371
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 944f13c669a1b53158d03ca5a190aa49e89728f7
content-length: 7899
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B44FAF168F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kiad7000037-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 23435
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0adbad4656d99af9f2e802fbb739ad06d53887c3
content-length: 2385
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:40 GMT
etag: "0x8DD02B44F3EF886"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kcgs7200145-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 23526
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1b738c720de372778be88d5e742d3e42f4fdaf5b
content-length: 4851
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD15446030C279"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kiad7000040-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 23925
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b98567e2c1b4ef38296e084ce44808115f21c72c
content-length: 18635
GET

https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602F3D8E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1515691
x-served-by: cache-iad-kiad7000100-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 14050
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8f15ee0bf91ae8bb5f0ef9e0a68cd900b38a937e
content-length: 19397
GET

https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F3F7D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 3268787
x-served-by: cache-iad-kcgs7200153-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 6809, 22037
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0befbb8dcb315772cc0b7377a25ffbd54a349c80
content-length: 3816
GET

https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-863ef5872a03.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_updatable-content_updatable-content_ts-863ef5872a03.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 09:56:04 GMT
etag: "0x8DD1900DC86F5C7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2051031
x-served-by: cache-iad-kcgs7200058-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 5, 22918
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 352220711356ddf4640e8da4f9a3801d9cccc739
content-length: 3407
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-917d4bda1f1a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-917d4bda1f1a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 17:45:32 GMT
etag: "0x8DD1879474B8D64"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2092550
x-served-by: cache-iad-kcgs7200057-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 27, 23224
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 47bab81c2cd8eb08a816de086de01ab478b3dd2f
content-length: 4452
GET

https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 16:12:32 GMT
etag: "0x8DCED342CC2D5FC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 4568293
x-served-by: cache-iad-kcgs7200039-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 55, 22226
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9af09d360d63a9335a09fbd1b843f7d154a4319e
content-length: 3363
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b41aeef03499.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b41aeef03499.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:17 GMT
etag: "0x8DD1969F1BFDB43"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2092550
x-served-by: cache-iad-kjyo7100119-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 27, 23297
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b7466cf0122566f8fadc26154be139f7ac5c6e25
content-length: 6141
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-fb43816ab83c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-fb43816ab83c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 17:47:26 GMT
etag: "0x8DD08C23B22EDF8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 3910287
x-served-by: cache-iad-kiad7000141-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 35, 22365
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1cb88999d7dc7a528493da872641a47a2c5c630a
content-length: 4143
GET

https://github.githubassets.com/assets/behaviors-a6abce982f3f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/behaviors-a6abce982f3f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:53 GMT
etag: "0x8DD0D5F064BBD59"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2677275
x-served-by: cache-iad-kiad7000150-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 12, 12404
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 561ff22dbf5617f0b23639c9dedce4b73887cab4
content-length: 4975
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 22:25:52 GMT
etag: "0x8DD207C18FC3FA9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1299471
x-served-by: cache-iad-kjyo7100114-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 65, 14007
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fc00b3aa709ac69d046a9d444f66968f9d3e9f9b
content-length: 60145
GET

https://github.githubassets.com/assets/notifications-global-cfcd9f4f0f23.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/notifications-global-cfcd9f4f0f23.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:27 GMT
etag: "0x8DD0D5EF6E1B53E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2730940
x-served-by: cache-iad-kcgs7200138-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 23, 22695
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7b8b50afa5dac053e83f84c1764ac69412ba8ae5
content-length: 3083
GET

https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:15 GMT
etag: "0x8DCB7D5A25F63A1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 3935573
x-served-by: cache-iad-kiad7000040-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 11174, 16008
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a95e9256b1207c851791c2248f1445e7d81320f2
content-length: 3888
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-eecf0d50276f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-eecf0d50276f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:11 GMT
etag: "0x8DD15445D10CB59"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kcgs7200049-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 23425
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 06989ae2d4654705bb5c3e72fad01b46099aa7fc
content-length: 3027
GET

https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-842c74d2eab4.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_ref-selector_ts-842c74d2eab4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:00 GMT
etag: "0x8DD1A31D010928E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1582898
x-served-by: cache-iad-kiad7000113-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 8, 12588
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4960520ccdfc4a783f102bac1d91e4d2a455e87a
content-length: 4986
GET

https://github.githubassets.com/assets/codespaces-a493a4b9528f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/codespaces-a493a4b9528f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 17:20:12 GMT
etag: "0x8DD1B9A66F92367"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1582904
x-served-by: cache-iad-kcgs7200070-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 13, 18952
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9e881f9136906155dca73902e9ccd2c30f8e8f77
content-length: 108340
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:38 GMT
etag: "0x8DD02B44DEAF90D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kjyo7100051-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 25536
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 006336fa5f74273fc8d4ab77bd4cb65c6ef3cb79
content-length: 54804
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 17:20:57 GMT
etag: "0x8DD205180915E18"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1331666
x-served-by: cache-iad-kjyo7100141-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 6, 14948
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5013e68c8cc6bc7f0d0ff058ce3f79247ddb2107
content-length: 40640
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-7238cfcdaa51.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-7238cfcdaa51.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 19:35:21 GMT
etag: "0x8DD0675CF86BAD9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287112
x-served-by: cache-iad-kiad7000054-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 34, 14600
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c0c37cf205a779abe4fa72f7c08fe2ca1d344293
content-length: 4341
GET

https://github.githubassets.com/assets/repositories-f3093651fb0e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/repositories-f3093651fb0e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E7C17D4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287112
x-served-by: cache-iad-kcgs7200094-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 32, 14123
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f64797aa8cce9e17628629dd471a9cb4cc6d1a9a
content-length: 2646
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:01 GMT
etag: "0x8DD1A31D0950C44"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1582899
x-served-by: cache-iad-kiad7000130-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 10, 10352
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cfa729642be561840313e2d66a3ec62c3f75944c
content-length: 3489
GET

https://github.githubassets.com/assets/code-menu-b5f092ec4b30.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/code-menu-b5f092ec4b30.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:27 GMT
etag: "0x8DD1969F7D55965"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2092550
x-served-by: cache-iad-kcgs7200176-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 12, 13534
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 17d49de8dcc17c4f51c3ad76401f95fad5538ae9
content-length: 16144
GET

https://github.githubassets.com/assets/primer-react-753dc87b1e29.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-react-753dc87b1e29.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:02 GMT
etag: "0x8DCE3127730EEAF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 5442398
x-served-by: cache-iad-kiad7000161-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 29034, 24701
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bc9d6ac6994c369603a83123c1614ac3462f9792
content-length: 90797
GET

https://github.githubassets.com/assets/react-core-accb67f1350f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/react-core-accb67f1350f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FC3AE69"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287113
x-served-by: cache-iad-kcgs7200159-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 39, 15246
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 99e8f26cc6f997e28bd65dce5b33460768df7459
content-length: 6126
GET

https://github.githubassets.com/assets/react-lib-2131e17288a8.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/react-lib-2131e17288a8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FC02FE8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287112
x-served-by: cache-iad-kiad7000022-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 30, 13348
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4de78b1158e8c49be90aab1da3b02d531b8d0d39
content-length: 3500
GET

https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/octicons-react-45c3a19dd792.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:07 GMT
etag: "0x8DD15445A24BD36"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287112
x-served-by: cache-iad-kcgs7200068-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 28, 12854
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 55f455ca41102be20c5520a4df9d478035592afe
content-length: 5491
GET

https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD154460870CCD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kjyo7100114-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 24842
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: aab11bfd0a403f7873140f8a3b6843f1babbf464
content-length: 7079
GET

https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FBEF8D2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kiad7000052-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 24965
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 44c9f9146374a4185790701ddac4b5afde7df5e5
content-length: 9716
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602C817F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kjyo7100132-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 24806
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a1aa824e4935ccdff9e2bcd084b4644bc665201c
content-length: 5120
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 13:29:38 GMT
etag: "0x8DD185587B55AC2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2102362
x-served-by: cache-iad-kcgs7200080-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 15, 16712
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 19970f7bf1c8a33f1f39c9a3a0e02b3f4d563b4c
content-length: 5400
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu-51601778bd8d.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/notifications-subscriptions-menu-51601778bd8d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E025E5FB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kcgs7200172-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 24743
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5b721e74c8f48ecffd7b5f52d36b7512f990145f
content-length: 3077
GET

https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-df3b47d86af0.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_ui-commands_ui-commands_ts-df3b47d86af0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 21:21:05 GMT
etag: "0x8DD1FA9E1A14879"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1331666
x-served-by: cache-iad-kjyo7100061-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 6, 13823
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5e83b33be7048978f3e2b9278937a348bd8aeefd
content-length: 6241
GET

https://github.githubassets.com/assets/keyboard-shortcuts-dialog-958cae8ecd6c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/keyboard-shortcuts-dialog-958cae8ecd6c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602C33B7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2286614
x-served-by: cache-iad-kjyo7100030-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 74, 19888
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c10bb747c1309f3b8ff2b32fba13ed7a137d094d
content-length: 5246
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 13:29:36 GMT
etag: "0x8DD185586577B2A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2102372
x-served-by: cache-iad-kcgs7200178-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 36, 21923
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 57523925e45b160281e9121755ad9aadc8630011
content-length: 6212
GET

https://github.githubassets.com/assets/sessions-5d6426bbf16a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/sessions-5d6426bbf16a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:22 GMT
etag: "0x8DD0D665B346AD3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2286614
x-served-by: cache-iad-kiad7000020-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 73, 19883
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3d814842930386fe11a045b7e4d1818ed45f78ab
content-length: 4152
GET

https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:52 GMT
etag: "0x8DD0327DE7A8BE3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kiad7000107-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 49, 15164
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 35dd8d02e4bdf14598760c806f3692fa8c82ed67
content-length: 8037
GET

https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E029647C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kcgs7200065-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 33, 13971
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7c4e6f0f86d9682170879de0b7a8606efab25586
content-length: 3412
GET

https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-9002b0-881da98a8b00.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-9002b0-881da98a8b00.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 15:00:11 GMT
etag: "0x8DD203DD5F27E62"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1327960
x-served-by: cache-iad-kiad7000167-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 60, 8391
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5dded9214845984727024aecede8943cafbb521c
content-length: 5296
GET

https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-a7926fdcecf7.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-a7926fdcecf7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 22:28:29 GMT
etag: "0x8DD1969F8C0ACAB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2092550
x-served-by: cache-iad-kjyo7100053-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 19, 14962
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b84e0a60f384f93d9fd163dfff70162f64a63784
content-length: 3123
GET

https://github.githubassets.com/assets/ui_packages_paths_index_ts-4e4d706da555.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_paths_index_ts-4e4d706da555.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 03:47:22 GMT
etag: "0x8DD1FDFD884F18B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1327961
x-served-by: cache-iad-kjyo7100151-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 59, 12831
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 38d0dcfd12c129d51055a28f59b26df601fe2ea7
content-length: 5898
GET

https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-42e7f6cf3ca8.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_ref-selector_RefSelector_tsx-42e7f6cf3ca8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 27 Dec 2024 14:01:14 GMT
etag: "0x8DD267EED013DC4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 48571
x-served-by: cache-iad-kjyo7100130-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 15, 553
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1ca334292c1a5f8afe4540a47bedcc205211559f
content-length: 6308
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-503c34-7dfba50d2c16.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-503c34-7dfba50d2c16.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 15:00:09 GMT
etag: "0x8DD203DD4E9D962"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1327960
x-served-by: cache-iad-kiad7000060-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 60, 8481
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fca395c9a42bedbdf4420448afdb520654be8b4c
content-length: 20760
GET

https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-56ee79-b20e64ad06f9.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-56ee79-b20e64ad06f9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 20:30:30 GMT
etag: "0x8DD206BFB52D2F5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1320001
x-served-by: cache-iad-kiad7000036-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 53, 7421
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b428a3109ffd43b1183d970fae33c63092ddcd4c
content-length: 15659
GET

https://github.githubassets.com/assets/repos-overview-e21499fb8264.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/repos-overview-e21499fb8264.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 20:46:29 GMT
etag: "0x8DD1BB73845185D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1243589
x-served-by: cache-iad-kjyo7100037-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 76, 6871
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0fafd9ea1ff8fee6534e159ae5019927a289cbbb
content-length: 9211
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-4becf93aa968.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_primer_experimental_select-panel-element_ts-4becf93aa968.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:00 GMT
etag: "0x8DD1A31D05E5B2D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1582903
x-served-by: cache-iad-kiad7000168-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 13, 15869
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: eb3d5e9a2b6141911a1bfb1670f1e78bcf3d6ab2
content-length: 7760
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-04349cb42240.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-04349cb42240.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:32 GMT
etag: "0x8DD02B44A573252"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kcgs7200111-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 58, 22115
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b124b922c23883cebaafb47e016e7147503600fc
content-length: 543
GET

https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-e27cda452715.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_search_custom-scopes-element_ts-e27cda452715.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459929787"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287128
x-served-by: cache-iad-kiad7000145-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 54, 20518
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 10a3d3d140d4747fa386ad9c73b105126365689b
content-length: 4066
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3C55516"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1356512
x-served-by: cache-iad-kiad7000044-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 12654
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 28f2184486f8c0f3bccc64b28991a6270b08c1b5
content-length: 6323
GET

https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-405952f48873.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_query-builder-element_query-builder-element_ts-405952f48873.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:33 GMT
etag: "0x8DD162AEA51054B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1356512
x-served-by: cache-iad-kiad7000077-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 12700
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6e554f0a0c8bda721d07afbb681ce3c3ec4b7912
content-length: 7440
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-f38cdfca9137.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-f38cdfca9137.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:20 GMT
etag: "0x8DD0327CB20BA64"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 2287129
x-served-by: cache-iad-kjyo7100077-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 54, 20983
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b83e4f920561e3e24ea314753bd5e77a81718eb4
content-length: 5382
GET

https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-201ddaee8e7d.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-201ddaee8e7d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 22:19:01 GMT
etag: "0x8DD1A31D08393AD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1525093
x-served-by: cache-iad-kjyo7100056-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 80, 14520
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c03840647280147360e3421350cc9137567aaad2
content-length: 4436
GET

https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-343b1f8e02e1.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_search_qbsearch-input-element_ts-343b1f8e02e1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 15:17:53 GMT
etag: "0x8DD1AC026545DBA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1356512
x-served-by: cache-iad-kiad7000126-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 12737
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 62eab77508cfa6074225c892a50afc47ffbfbfb7
content-length: 16643
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-0ade2bf7a852.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-0ade2bf7a852.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:21 GMT
etag: "0x8DD162AE37E62AA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1356512
x-served-by: cache-iad-kjyo7100125-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 13349
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8e13b6fbe1ab56dbac3ad2ddf503e9a06bbf8f53
content-length: 2920
GET

https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-28a44339e296.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-28a44339e296.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3BCFA12"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1356512
x-served-by: cache-iad-kcgs7200085-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 13370
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 43972598987e4d05e6c712505e24aaa2aa3fb0e9
content-length: 3165
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3BAD98C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1356512
x-served-by: cache-iad-kiad7000114-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 12669
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c588a9256216e8bd880a629f26951fae389db4f4
content-length: 5020
GET

https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-bb301b3aed11.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-bb301b3aed11.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 13:39:03 GMT
etag: "0x8DD1F695643DD5B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:14 GMT
age: 1356512
x-served-by: cache-iad-kcgs7200121-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 12618
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f02f30d7c8d30324f9bbbde046366753c922603c
content-length: 2523
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-0937e3810b98.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-0937e3810b98.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3BC3790"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:15 GMT
age: 1356513
x-served-by: cache-iad-kiad7000163-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 21, 13551
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c784b33b79715439b2347ba3e6690cb24551b560
content-length: 2790
GET

https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-9889e76b905e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-9889e76b905e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 13:29:32 GMT
etag: "0x8DD185583E1EC04"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:15 GMT
age: 2102362
x-served-by: cache-iad-kjyo7100065-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 13, 10675
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6d6a668a31a22d83ab36ead1457830af2c071b3c
content-length: 5069
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:32 GMT
etag: "0x8DD02B44AD10969"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:15 GMT
age: 2287128
x-served-by: cache-iad-kjyo7100146-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 43, 21493
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cf8428f58425eeb5c3a6def4203dafaf65fe4c98
content-length: 9421
GET

https://github.githubassets.com/assets/react-code-view.6b587a69b593e23c3657.module.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/react-code-view.6b587a69b593e23c3657.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 07 Nov 2024 20:35:22 GMT
etag: "0x8DCFF6BB3DAE07C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:26 GMT
age: 2640592
x-served-by: cache-iad-kjyo7100022-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 25, 5989
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 377e137b74f2e56437e588aec3b04ff7990f8efe
content-length: 1101
GET

https://github.githubassets.com/assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-10d8eea337ce.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-10d8eea337ce.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500E09CE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:26 GMT
age: 2287125
x-served-by: cache-iad-kcgs7200047-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 58, 7960
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6ea9c7732ce264014f266add385889e185b7608d
content-length: 2137
GET

https://github.githubassets.com/assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 23:19:54 GMT
etag: "0x8DCD6A6128E8C4A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:26 GMT
age: 5227812
x-served-by: cache-iad-kiad7000157-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 16360, 7410
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b659e3d6b5e2e059ee78a6b2e52492e9a03b4a4e
content-length: 2209
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-cdcae1-f0dc8f3ae3e0.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-cdcae1-f0dc8f3ae3e0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 23:32:35 GMT
etag: "0x8DD1FBC40608B0C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:26 GMT
age: 1320015
x-served-by: cache-iad-kiad7000168-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 54, 3672
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f3010deaf300bbd387302ac15e47e4422a7c479f
content-length: 13672
GET

https://github.githubassets.com/assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_repos-file-tree-view_repos-fil-5db355-d0627efd6544.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_repos-file-tree-view_repos-fil-5db355-d0627efd6544.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 01:09:57 GMT
etag: "0x8DD18B75D2F881B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:26 GMT
age: 2102384
x-served-by: cache-iad-kjyo7100101-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 18, 6217
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 892839310d08d7b2d4baa544b47fce732ffa4bd5
content-length: 9430
GET

https://github.githubassets.com/assets/react-code-view-46a8d3dce54e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/react-code-view-46a8d3dce54e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 12:51:26 GMT
etag: "0x8DD20F504464C08"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:26 GMT
age: 1254898
x-served-by: cache-iad-kjyo7100131-IAD, cache-lon420107-LON
x-cache: HIT, HIT
x-cache-hits: 28, 3546
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 526aa39e38ed6951c12d8957ac747c8fbce85215
content-length: 67047
DNS

user-images.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.108.133

user-images.githubusercontent.com

IN A

185.199.111.133

user-images.githubusercontent.com

IN A

185.199.109.133

user-images.githubusercontent.com

IN A

185.199.110.133
DNS

215.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

133.110.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.110.199.185.in-addr.arpa

IN PTR

Response

133.110.199.185.in-addr.arpa

IN PTR

cdn-185-199-110-133githubcom
DNS

133.110.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.110.199.185.in-addr.arpa

IN PTR

Response

133.110.199.185.in-addr.arpa

IN PTR

cdn-185-199-110-133githubcom
DNS

154.111.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.111.199.185.in-addr.arpa

IN PTR

Response

154.111.199.185.in-addr.arpa

IN PTR

cdn-185-199-111-154githubcom
DNS

collector.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.113.21
GET

https://github.githubassets.com/favicons/favicon.svg

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/png
content-md5: YDrNCDxuYozaAYS2sPzvIQ==
last-modified: Wed, 14 Aug 2024 19:49:39 GMT
etag: "0x8DCBC9A3C0EF02F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:15 GMT
age: 4318347
x-served-by: cache-iad-kiad7000023-IAD, cache-lcy-eglc8600079-LCY
x-cache: HIT, HIT
x-cache-hits: 381, 17247
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c07e29135a0d1a8bf18cb4d50284d364a0c1224b
content-length: 14426
GET

https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/apple-touch-icon-144x144-b882e354c005.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: bYAvaN8MCaSZfP0o7q/Z/w==
last-modified: Wed, 14 Aug 2024 19:18:58 GMT
etag: "0x8DCBC95F2647EDF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:15 GMT
age: 97
x-served-by: cache-iad-kiad7000081-IAD, cache-lcy-eglc8600079-LCY
x-cache: HIT, HIT
x-cache-hits: 1250203, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: eacd19249a7473d8bb09c8a134a8f71f938f580a
content-length: 959
GET

https://github.githubassets.com/favicons/favicon.png

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /favicons/favicon.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-md5: NG4JRxNi8pB1EKMYEhKc0g==
last-modified: Wed, 14 Aug 2024 19:18:46 GMT
etag: "0x8DCBC95EB57AC96"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:01:15 GMT
age: 127
x-served-by: cache-iad-kiad7000070-IAD, cache-lcy-eglc8600079-LCY
x-cache: HIT, HIT
x-cache-hits: 3627102, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 33ae058c9fd757a280f890a81cf30283b84de961
content-length: 958
DNS

api.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1045
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:01:15 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002223
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85BF1A:C0C0A1:6778C09B
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1325
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:01:15 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003445
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85BF1A:C0C0A2:6778C09B
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1379
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:01:25 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003104
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85C689:C0CC52:6778C09B
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1544
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:01:26 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002706
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85C6B0:C0CC8E:6778C0A5
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1124
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:01:26 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002984
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85C729:C0CD46:6778C0A6
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1544
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:01:27 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003574
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85C774:C0CDC6:6778C0A6
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1113
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:02:01 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003687
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85E147:C0F663:6778C0A7
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1485
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:02:01 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002733
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85E150:C0F675:6778C0C9
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1104
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Spyware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:02:13 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002402
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85EAC3:C104FF:6778C0C9
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1514
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Spyware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:02:13 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.001871
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85EAD8:C1051A:6778C0D5
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1142
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:02:21 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002631
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85EFF5:C10D6B:6778C0D5
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1148
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:02:21 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002445
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85EFFA:C10D73:6778C0DD
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1551
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sat, 04 Jan 2025 05:02:21 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003337
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F973:3F8B1C:85F00F:C10D96:6778C0DD
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 5689
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 04 Jan 2025 05:01:15 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735970475
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: EF14:331B49:36A30CC:44290B4:6778C09B
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 275
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 04 Jan 2025 05:01:25 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735970485
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: EF14:331B49:36A3367:44293F8:6778C09B
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 1448
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 04 Jan 2025 05:01:32 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735970492
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: EF14:331B49:36A3520:4429629:6778C0A5
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 747
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 04 Jan 2025 05:02:01 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735970521
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: EF14:331B49:36A3B0D:4429DF2:6778C0AC
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 1348
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Spyware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 04 Jan 2025 05:02:13 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735970533
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: EF14:331B49:36A3D89:442A119:6778C0CA
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 424
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1477616909.1735966873
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sat, 04 Jan 2025 05:02:26 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1735970546
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: EF14:331B49:36A3FEA:442A443:6778C0D5
DNS

21.113.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.113.82.140.in-addr.arpa

IN PTR

Response

21.113.82.140.in-addr.arpa

IN PTR

lb-140-82-113-21-iadgithubcom
DNS

210.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

74.239.69.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.239.69.13.in-addr.arpa

IN PTR

Response
DNS

raw.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.108.133

raw.githubusercontent.com

IN A

185.199.111.133

raw.githubusercontent.com

IN A

185.199.110.133

raw.githubusercontent.com

IN A

185.199.109.133
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Spyware/HawkEye.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Spyware/HawkEye.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"c3609ae6f02bad5fd38620994c776964b67bb54a1158de57760422b957966bde"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: CA97:29FA6:E1DE14:12DDF51:6778C0E0
accept-ranges: bytes
date: Sat, 04 Jan 2025 05:02:25 GMT
via: 1.1 varnish
x-served-by: cache-lon420095-LON
x-cache: MISS
x-cache-hits: 0
x-timer: S1735966945.434911,VS0,VE137
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: e086a766592bca868e3458c1a583993aa44e9afe
expires: Sat, 04 Jan 2025 05:07:25 GMT
source-age: 0
content-length: 237568
DNS

133.108.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.108.199.185.in-addr.arpa

IN PTR

Response

133.108.199.185.in-addr.arpa

IN PTR

cdn-185-199-108-133githubcom
DNS

bot.whatismyipaddress.com

HawkEye.exe

Remote address:

8.8.8.8:53

Request

bot.whatismyipaddress.com

IN A

Response
DNS

www.veryicon.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.veryicon.com

IN A

Response

www.veryicon.com

IN A

104.21.11.28

www.veryicon.com

IN A

172.67.165.22
GET

http://fonts.googleapis.com/css?family=Audiowide

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=Audiowide HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sat, 04 Jan 2025 05:03:16 GMT
Date: Sat, 04 Jan 2025 05:03:16 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

IEXPLORE.EXE

Remote address:

104.21.11.28:80

Request

GET /icon/png/Flag/Flag%204/Germany.png HTTP/1.1
Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.veryicon.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sat, 04 Jan 2025 05:03:16 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Jan 2025 06:03:16 GMT
Location: https://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5lU2rjuIkLZsqIyRoxQJ7HJvn9OHYbsiICXPjs3i8AsIR%2FqX5SjyWFdrdLlgIvkNxgjBrLpUg7ipeN9yXdCHeBB2glFEh8l8tJRZf8M8evjtQZOi066H%2BdAkD7Vf6l%2B6%2F%2BTn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 8fc8ae6038a9bd80-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=59436&min_rtt=59436&rtt_var=29718&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=310&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET

http://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

IEXPLORE.EXE

Remote address:

104.21.11.28:80

Request

GET /icon/png/Flag/Flag%204/United%20Kingdom.png HTTP/1.1
Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.veryicon.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sat, 04 Jan 2025 05:03:16 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Jan 2025 06:03:16 GMT
Location: https://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZQhwOc2Fh5L4HIY1FXr5M904lG5s%2BNo1FKiPA90%2F1aapqGSyEeRIJ5PaTtfl1XKAVst82nqm2UYOXm8zBq0BkLrOzgEugYL7oeVfzUTvKECWxQyy3c11QddyAmzCMN0e0da"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 8fc8ae6039f6ef15-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=59071&min_rtt=59071&rtt_var=29535&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=319&delivery_rate=0&cwnd=240&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET

https://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

IEXPLORE.EXE

Remote address:

104.21.11.28:443

Request

GET /icon/png/Flag/Flag%204/United%20Kingdom.png HTTP/2.0
host: www.veryicon.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate

Response

HTTP/2.0 200

date: Sat, 04 Jan 2025 05:03:17 GMT
content-type: image/png
content-length: 1340
last-modified: Tue, 16 Apr 2019 12:40:37 GMT
etag: "1d4f451976395bc"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qE8s603G65BvgwqIK5w4O%2Bdv9ycRvRkya1qjNRNG3cleqdwIuwLEOQJnJCD0P6qlJH5sK5iQL2TtO7P1cDR9RTE54LNW2cFrwq0MPF7ou0qYBeW07FYJ0Cf96S6Zl9jaRk3t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fc8ae639c04416b-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=59439&min_rtt=58997&rtt_var=5461&sent=9&recv=14&lost=0&retrans=0&sent_bytes=3404&recv_bytes=692&delivery_rate=68304&cwnd=222&unsent_bytes=0&cid=654627f9fd32f14c&ts=687&x=0"
GET

https://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

IEXPLORE.EXE

Remote address:

104.21.11.28:443

Request

GET /icon/png/Flag/Flag%204/Germany.png HTTP/2.0
host: www.veryicon.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate

Response

HTTP/2.0 200

date: Sat, 04 Jan 2025 05:03:17 GMT
content-type: image/png
content-length: 3739
last-modified: Tue, 16 Apr 2019 12:40:36 GMT
etag: "1d4f45196caf49b"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynhCKKh3Dg6IE8PLfPdaBLtQfDTgd9OPpt8E9NkKonnIUuI%2FonSEQM0%2FlXb2WoIwrRzEY3x019tnj%2BHOewkOKLw7EjRWxCPG3BXmpR2mTSN4HwypSMG15r6GWyj4vIriIkBJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fc8ae639c03416b-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=59439&min_rtt=58997&rtt_var=5461&sent=13&recv=14&lost=0&retrans=0&sent_bytes=5517&recv_bytes=692&delivery_rate=68304&cwnd=222&unsent_bytes=0&cid=654627f9fd32f14c&ts=691&x=0"
DNS

i.imgur.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

i.imgur.com

IN A

Response

i.imgur.com

IN CNAME

ipv4.imgur.map.fastly.net

ipv4.imgur.map.fastly.net

IN A

199.232.192.193

ipv4.imgur.map.fastly.net

IN A

199.232.196.193
DNS

c.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

142.250.178.3
GET

http://i.imgur.com/zHNCk2e.gif

IEXPLORE.EXE

Remote address:

199.232.192.193:80

Request

GET /zHNCk2e.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: i.imgur.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/zHNCk2e.gif
Accept-Ranges: bytes
Date: Sat, 04 Jan 2025 05:03:16 GMT
X-Served-By: cache-lon420084-LON
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1735966997.874260,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
GET

http://c.pki.goog/r/gsr1.crl

IEXPLORE.EXE

Remote address:

142.250.178.3:80

Request

GET /r/gsr1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: c.pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 1739
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 04 Jan 2025 04:18:55 GMT
Expires: Sat, 04 Jan 2025 05:08:55 GMT
Cache-Control: public, max-age=3000
Age: 2661
Last-Modified: Mon, 07 Oct 2024 07:18:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
GET

http://c.pki.goog/r/r4.crl

IEXPLORE.EXE

Remote address:

142.250.178.3:80

Request

GET /r/r4.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: c.pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 436
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 04 Jan 2025 04:47:48 GMT
Expires: Sat, 04 Jan 2025 05:37:48 GMT
Cache-Control: public, max-age=3000
Age: 928
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
GET

http://fonts.gstatic.com/s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_I.woff

IEXPLORE.EXE

Remote address:

142.250.187.195:80

Request

GET /s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_I.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17832
Date: Sat, 04 Jan 2025 05:03:16 GMT
Expires: Sun, 04 Jan 2026 05:03:16 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 24 Aug 2023 20:44:07 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
GET

https://i.imgur.com/zHNCk2e.gif

IEXPLORE.EXE

Remote address:

199.232.192.193:443

Request

GET /zHNCk2e.gif HTTP/2.0
host: i.imgur.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate

Response

HTTP/2.0 200

content-type: image/gif
last-modified: Sat, 19 Oct 2013 15:05:36 GMT
etag: "071b5a717594fd473a331a24ccf83e3e"
x-amz-cf-pop: IAD12-P4
x-amz-cf-id: RSA9vTXVVN4Nk5-rDmPuTcLV5_4TmyhgeyWoM3Ya8NkRDDpgZKJCdQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 1444462
date: Sat, 04 Jan 2025 05:03:17 GMT
x-served-by: cache-iad-kiad7000031-IAD, cache-lcy-eglc8600083-LCY
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 11, 0
x-timer: S1735966998.542793,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1555
DNS

28.11.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.11.21.104.in-addr.arpa

IN PTR

Response
DNS

3.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.178.250.142.in-addr.arpa

IN PTR

Response

3.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f31e100net
DNS

193.192.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.192.232.199.in-addr.arpa

IN PTR

Response
DNS

23.149.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

23.149.64.172.in-addr.arpa

IN PTR

Response

142.250.180.14:80

http://google.com/

http

msedge.exe

902 B
1.9kB
10
10

HTTP Request

GET http://google.com/

HTTP Response

302
142.250.180.14:80

google.com

msedge.exe

236 B
144 B
5
3
142.250.187.196:80

http://www.google.com/favicon.ico

http

msedge.exe

1.8kB
6.1kB
13
13

HTTP Request

GET http://www.google.com/sorry/index?continue=http://google.com/&q=EgS117BTGKeA47sGIjCzS7qYmzS-PKvdJ4Z0n12AmoLAxcyLdwK8jUskggNBme-qBeLEMYBSQXovvjmnDu8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429

HTTP Request

GET http://www.google.com/favicon.ico

HTTP Response

200
142.250.187.196:443

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cDovL3d3dy5nb29nbGUuY29tOjgw&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&s=vCoQzz22v3QLofGjZCZD7OQdTjEcuBfsDIo5LAkjhZt7h8g6U0LIi4uBGXyWbbhkBbn0lipI8ZMeLtdYrb0DLprQHayNcZ1ykwjphMTOvgr5L1hsJrCm5oFVpOFUWgyeUsh6wccUfUNmKkhXEcF0ZlQd2nymY_3i25v-z551jLjx5tiLyghov6KYnDCX9yiEZHrlEHQAyT8uPfkNxZqV1O7PGGFHzBAKFmedZp5tLhBMnSl0cG5dvw1p2nkIpSvxGB2C_dG-HF6HvGtXTcW6kpVi2icpptI&cb=4k8vy2nhfxz7

tls, http2

msedge.exe

3.2kB
40.4kB
33
48

HTTP Request

GET https://www.google.com/recaptcha/api.js

HTTP Request

GET https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cDovL3d3dy5nb29nbGUuY29tOjgw&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&s=vCoQzz22v3QLofGjZCZD7OQdTjEcuBfsDIo5LAkjhZt7h8g6U0LIi4uBGXyWbbhkBbn0lipI8ZMeLtdYrb0DLprQHayNcZ1ykwjphMTOvgr5L1hsJrCm5oFVpOFUWgyeUsh6wccUfUNmKkhXEcF0ZlQd2nymY_3i25v-z551jLjx5tiLyghov6KYnDCX9yiEZHrlEHQAyT8uPfkNxZqV1O7PGGFHzBAKFmedZp5tLhBMnSl0cG5dvw1p2nkIpSvxGB2C_dG-HF6HvGtXTcW6kpVi2icpptI&cb=4k8vy2nhfxz7
95.101.143.219:443

https://www.bing.com/favicon.ico

tls, http2

msedge.exe

76.4kB
577.5kB
488
589

HTTP Request

GET https://www.bing.com/qbox?query=vi&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=e5fa7023ed0f428797284f5587f1ed82&oit=1&cp=2&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=vir&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=7052f34f26c040deaa6b309feebf7b97&oit=1&cp=3&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=viru&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=445d3835da6147ecaa27dd128d9f8723&oit=1&cp=4&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=virus&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=ee457246000b400cac210ee08d1f839c&oit=1&cp=5&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=virus+&language=en-US&pt=EdgBox&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&ig=082f011a1a424ab4829ebf9179735045&oit=1&cp=6&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/search?q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Request

GET https://www.bing.com/sa/simg/Roboto_Regular.woff2

HTTP Request

GET https://www.bing.com/sa/simg/Roboto_Semibold.woff2

HTTP Request

GET https://www.bing.com/rp/kAwiv9gc4HPfHSU3xUQp2Xqm5wA.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.HeaderScopeOrder%22,%22FID%22:%22CI%22,%22Name%22:%22ScopeMapOrderValue%22,%22Text%22:%220%3A0%2C1%3A1%2C6%3A2%2C2%3A3%2C3%3A4%2C4%3A5%2C5%3A6%22}]

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:22,%22BC%22:280,%22SE%22:-1,%22TC%22:-1,%22H%22:374,%22BP%22:441,%22CT%22:443,%22IL%22:5},%22ad%22:[43,194,1263,609,1263,2898,0],%22net%22:%22undefined%22}&P=SERP&DA=DUBE01

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Request

GET https://www.bing.com/rp/5A_wVM0BDlqDmkBnZeuIpN6wkcA.br.js

HTTP Request

GET https://www.bing.com/sa/simg/favicon-trans-bg-blue-mg.ico

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Request

GET https://www.bing.com/rewardsapp/widgetassets/prod/medallion/1.1.2/js/widget.js?t=250103

HTTP Request

GET https://www.bing.com/rp/em88jYr3ZOv7yX3AqoOU5z8EEnA.png

HTTP Request

GET https://www.bing.com/geolocation/write?isDevLoc=false&lat=51.519901275634766&lon=-0.10880059748888016&dispName=London%252C%2520Greater%2520London&isEff=1&effLocType=1&clientsid=undefined

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735966859668%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22Rtt%22%3A%22100%22%2C%22Downlink%22%3A%223.9%22%2C%22T%22%3A%22CI.NetworkPerformance%22%2C%22TS%22%3A1735966859668%2C%22Name%22%3A%22timinginfo%22%2C%22FID%22%3A%22NetworkPerformanceDetails%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859679%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22EdgeSpoofing%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859682%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859683%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DARKMODE%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22ClientDimNotSent%22,%22Text%22:%221%22}]

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22Info%22,%22FID%22:%22CI%22,%22Name%22:%22HasRR%22,%22Text%22:%221%22}]

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859684%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22609%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859685%2C%22Name%22%3A%22S%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859691%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.SCArrST%22%2C%22TS%22%3A1735966859693%2C%22Name%22%3A472%2C%22FID%22%3A%22SCArrST%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859694%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859699%2C%22Name%22%3A%22VisibleOrDelayed%22%2C%22FID%22%3A%22BottomBanner%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966859699%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859699%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859700%2C%22Name%22%3A%22InitializationStarted%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859700%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1735966859700%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859701%2C%22Name%22%3A1263%2C%22FID%22%3A%22ViewPortWidth%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1735966859701%2C%22Name%22%3A%22OfferIdMissing%22%2C%22FID%22%3A%22BNPOfferId%22%7D%2C%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1735966859702%2C%22Name%22%3A%22tryWriteEffectiveLocation%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D

HTTP Request

GET https://r.bing.com/rp/NbA_o5_JH0GEi8eQ-UOtARHo4pE.svg

HTTP Request

GET https://r.bing.com/rp/Dl3Mgy5b8mZk0rO25YbvLM3bp7Q.svg

HTTP Request

GET https://th.bing.com/th?id=ODLS.b4a40212-560b-4e49-a115-50716e96c1fa&w=32&h=32&o=6&pid=AdsPlus

HTTP Request

GET https://th.bing.com/th?id=ODLS.b8cf4d43-c110-4f2d-8a21-74cf67c788bf&w=32&h=32&qlt=90&pcl=fffffa&o=6&pid=1.2

HTTP Request

GET https://th.bing.com/th?id=ODLS.3bc1a8a9-5d72-433e-aea7-1fd5fa3fea80&w=32&h=32&qlt=91&pcl=fffffa&o=6&pid=1.2

HTTP Request

GET https://th.bing.com/th?id=ODLS.3bc1a8a9-5d72-433e-aea7-1fd5fa3fea80&w=32&h=32&qlt=92&pcl=fffffa&o=6&pid=1.2

HTTP Request

GET https://th.bing.com/th?id=OIP.otud5WEcN-GtUOQ1pG48ZwAAAA&w=80&h=80&c=1&vt=10&bgcl=d9f509&r=0&o=6&pid=5.1

HTTP Request

GET https://th.bing.com/th?q=Free+Virus+Download&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?q=Install+Virus&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Request

GET https://th.bing.com/th?q=Downloading+Viruses&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?q=Virus+Download+to+Crash+Computer&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Request

GET https://th.bing.com/th?q=Download+Virus+exe&w=34&h=34&c=7&rs=1&qlt=90&p=0&o=5&pid=1.7&mkt=en-GB&cc=GB&setlang=en&adlt=moderate&t=1

HTTP Request

GET https://th.bing.com/th?id=OADD2.8177802323804_1LGHINVZF4GI3ZBHQO&w=32&h=32&o=6&pid=21.2

HTTP Request

GET https://th.bing.com/th?id=ODLS.A2450BEC-5595-40BA-9F13-D9EC6AB74B9F&w=32&h=32&o=6&pid=AdsPlus

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.EffectiveLocation%22%2C%22TS%22%3A1735966859885%2C%22Name%22%3A%22WriteEffectiveLocationSuccess%22%2C%22FID%22%3A%22EffectiveLocation%22%7D%5D

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://th.bing.com/th?id=ODLS.c5277814-36b2-4ba7-9571-9f7f6e6a1395&w=32&h=32&o=6&pid=AdsPlus

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22CharCount%22,%22Text%22:%2214%22}]

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.SERPSB%22,%22FID%22:%22CI%22,%22Name%22:%22LandingRows%22,%22Text%22:%221%22}]

HTTP Request

GET https://www.bing.com/images/sbi?mmasync=1&ig=68C350558AEC472DBCCE420047970621&iid=.5101&ptn=Web&ep=0&iconpl=1

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966860103%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1735966860374%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22Time%22%3A1428%2C%22time%22%3A1432%2C%22T%22%3A%22CI.Latency%22%2C%22TS%22%3A1735966860388%2C%22Name%22%3A%22Loaded%22%2C%22FID%22%3A%22HP%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A1441%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1735966860389%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A1442%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1735966860390%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D

HTTP Response

200

HTTP Request

POST https://www.bing.com/rewardsapp/ncheader?ver=52505552&IID=SERP.5056&IG=68C350558AEC472DBCCE420047970621

HTTP Request

GET https://r.bing.com/rp/fdVZU4ttbw8NDRm6H3I5BW3_vCo.svg

HTTP Request

GET https://r.bing.com/rp/4L4QdyjTv0HYE2Ig2ol9eYoqxg8.svg

HTTP Request

GET https://r.bing.com/rp/Fsa_OI0AplCnVoXGca8ALOo0S0s.svg

HTTP Request

GET https://r.bing.com/rp/UYtUYDcn1oZlFG-YfBPz59zejYI.svg

HTTP Request

GET https://r.bing.com/rp/kiGH9ukZK6Q4hvtDtwwVc1yvueg.svg

HTTP Request

GET https://r.bing.com/rp/KC_nX2_tPPyFvVw1RK20Yu1FyDk.svg

HTTP Request

GET https://r.bing.com/rp/NnFHhz2jL6yzChtIhaB5IIVKY5k.svg

HTTP Request

GET https://r.bing.com/rp/hx-eea1zqtCz4K0bW2uH_oN7Fs4.jpg

HTTP Request

GET https://r.bing.com/rp/95z5wMy4UcfbSSSlSw780vQ5jKA.jpg

HTTP Request

GET https://r.bing.com/rp/GJDmKr3_TS3Qpm6KEL9UKUQKUO4.jpg

HTTP Request

GET https://r.bing.com/rp/ln5TQq6AIWfcBlduDk-5bnaJMpY.jpg

HTTP Request

GET https://r.bing.com/rp/dbmNS45xQvD1diApY1T2HExvOo8.jpg

HTTP Request

GET https://r.bing.com/rp/cfeVf2-uV0hUo3ToTbLjztuomWk.jpg

HTTP Request

GET https://r.bing.com/rp/lvCKZ07bEYtoYmY62ifMzVa0RIE.jpg

HTTP Request

GET https://r.bing.com/rp/ni3MyKKVu9pK0SgY6gb6Z2NOGpg.jpg

HTTP Request

POST https://www.bing.com/rewardsapp/reportActivity?IG=68C350558AEC472DBCCE420047970621&IID=SERP.5066&q=virus+download&cvid=64ee3a2dc60c4392b2e0a454ecd64ada&aqs=edge.4.69i57j0l6.4251j0j4&FORM=ANAB01&PC=U531

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/c4ruj6QGsmSnOG64gJJnnnYDa44.br.css

HTTP Request

GET https://r.bing.com/rp/5-y8FBmAkXLBZZghI-X94CRnsqg.br.css

HTTP Request

GET https://r.bing.com/rp/17Kbwo14aoBIPkSeISAgHKajyeA.br.css

HTTP Request

GET https://r.bing.com/rp/vDjLjnEkXEuH2C8u3tT0A004qwQ.br.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?BF=MSJ1&IG=68C350558AEC472DBCCE420047970621&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:1}]

HTTP Request

GET https://www.bing.com/fd/ls/l?BF=MSJ0&IG=68C350558AEC472DBCCE420047970621&TYPE=Event.ClientInst&DATA=[{%22T%22:%22CI.BF%22,%22X%22:0}]

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Request

GET https://www.bing.com/aes/c.gif?type=mv&tids=113,115,117&rg=3ff36ee753a44a948fb833edc7ed2a8a&reqver=1.0

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Request

POST https://www.bing.com/orgid/idtoken/conditional

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.FeedbackInit%22,%22FID%22:%22CI%22,%22Name%22:%22Feedback%22,%22Text%22:%22sb_feedback%22}]

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx?

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22correlationId%22%3A%226778c08b9cec494cb76afc4c5a12c96e%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735966860412%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%226778c08b9cec494cb76afc4c5a12c96e%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1735966860412%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1735966860476%2C%22Name%22%3A%22Show%22%2C%22FID%22%3A%22%22%7D%2C%7B%22T%22%3A%22CI.OpalUpsell%22%2C%22TS%22%3A1735966860476%2C%22Name%22%3A%22ShowBubble%22%2C%22FID%22%3A%22%22%7D%2C%7B%22osBuildVersion%22%3A%5B%2210%22%2C%220%22%2C%2219041%22%5D%2C%22isWin11OrHigher%22%3A%22false%22%2C%22fullOsBuild%22%3A%2210.0.19041%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966860527%2C%22Name%22%3A%22OSBuild%22%2C%22FID%22%3A%22OSBuild%22%7D%2C%7B%22Namespace%22%3A%22SearchHarder%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966860609%2C%22Name%22%3A%22ButtonVisible%22%2C%22FID%22%3A%22SearchHarderEntryPoint%22%7D%2C%7B%22T%22%3A%22CI.Tab%22%2C%22TS%22%3A1735966860755%2C%22Name%22%3A%221%22%2C%22FID%22%3A%22count%22%7D%2C%7B%22SuppressingFeature%22%3A%22lgVidAns%22%2C%22T%22%3A%22CI.LeftGutterUtility%22%2C%22TS%22%3A1735966860985%2C%22Name%22%3A%22LGSuppressed%22%2C%22FID%22%3A%22lgVidAns%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861042%2C%22Name%22%3A%22PromptDevLoc%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861042%2C%22Name%22%3A%22Perm_Available%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22Text%22%3A%220%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22web%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%221%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22conv%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%222%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22shop%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%223%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22images%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%224%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22video%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%225%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22local%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%226%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22news%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%227%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22flights%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%228%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22travelhub%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%229%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22hotels%22%2C%22FID%22%3A%22DynScopeRank%22%7D%2C%7B%22Text%22%3A%2210%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22realestate%22%2C%22FID%22%3A%22DynScopeRank%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3AMuidTrialNotEnoughPoints%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1735966861062%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D

HTTP Request

GET https://th.bing.com/th?id=OVP.4NUdTIdaDS1ch-hbwNeS-wHgFo&w=608&h=342&c=7&rs=1&qlt=90&o=6&pid=1.7

HTTP Request

GET https://th.bing.com/th?id=OVP.KEJlnOfnSJEp5nu-lGrTyQHgFo&w=197&h=110&c=7&rs=1&qlt=90&o=6&pid=1.7

HTTP Request

GET https://www.bing.com/th?id=OADD2.7284297676182_15L4A8GIHLMNPZ7P8I&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=296&h=154&rs=0&qlt=100

HTTP Request

GET https://www.bing.com/geolocation/write?isBlocked=true&sid=0E7AE11C3C4A6FE33003F4763D266EE2&clientsid=undefined

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861070%2C%22Name%22%3A%22Perm_Denied%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861070%2C%22Name%22%3A%22block%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861070%2C%22Name%22%3A%22tryBlock%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/fd/ls/l?IG=68C350558AEC472DBCCE420047970621&CID=3B406B6AF21B62053DD77E00F377634B&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ASBundleLoad%22%2C%22TS%22%3A1735966861138%2C%22Name%22%3A%22AutoSuggestBootstrap%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%22750%22%2C%22T%22%3A%22CI.AutosuggestBootstrapLoaded%22%2C%22TS%22%3A1735966861142%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22LoadTime%22%3A%222190%22%2C%22T%22%3A%22CI.AutosuggestJSBundleLoaded%22%2C%22TS%22%3A1735966861142%2C%22Name%22%3A%22PerfInst%22%2C%22FID%22%3A%22AS%22%7D%2C%7B%22T%22%3A%22CI.DevLoc%22%2C%22TS%22%3A1735966861172%2C%22Name%22%3A%22BlockSuccess%22%2C%22FID%22%3A%22AutoPrompt%22%7D%5D

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

HTTP Response

200

HTTP Request

GET https://www.bing.com/ipv6test/test?FORM=MONITR

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=68C350558AEC472DBCCE420047970621&ID=SERP,5861.1&url=javascript%3A%20void(0)

HTTP Response

200

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

204

HTTP Request

POST https://www.bing.com/fd/ls/GLinkPingPost.aspx?IG=68C350558AEC472DBCCE420047970621&ID=SERP,5250.2&url=https%3A%2F%2Fwww.bing.com%2Fck%2Fa%3F!%26%26p%3De341625de7bf306485a47c33ee5cc3a82d0583e435546c103ca5b1eeba78703aJmltdHM9MTczNTg2MjQwMA%26ptn%3D3%26ver%3D2%26hsh%3D4%26fclid%3D3b406b6a-f21b-6205-3dd7-7e00f377634b%26psq%3Dvirus%2Bdownload%26u%3Da1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8%26ntb%3D1

HTTP Response

200

HTTP Request

GET https://www.bing.com/ck/a?!&&p=e341625de7bf306485a47c33ee5cc3a82d0583e435546c103ca5b1eeba78703aJmltdHM9MTczNTg2MjQwMA&ptn=3&ver=2&hsh=4&fclid=3b406b6a-f21b-6205-3dd7-7e00f377634b&psq=virus+download&u=a1aHR0cHM6Ly9naXRodWIuY29tL0RhMmRhbHVzL1RoZS1NQUxXQVJFLVJlcG8&ntb=1

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Request

POST https://www.bing.com/fd/ls/lsp.aspx

HTTP Response

200

HTTP Response

204

HTTP Response

204

HTTP Request

GET https://www.bing.com/favicon.ico

HTTP Response

200
95.101.143.219:443

www.bing.com

tls, http2

msedge.exe

1.1kB
5.2kB
10
13
95.101.143.201:443

r.bing.com

tls, http2

msedge.exe

1.2kB
5.2kB
13
13
95.101.143.201:443

https://r.bing.com/rp/VKotk_QDV7V7jdYhLvGcrJlzHyE.br.js

tls, http2

msedge.exe

22.2kB
481.9kB
299
381

HTTP Request

GET https://r.bing.com/rp/rkc4dXUuTwYj-GlQG8osxg1V2gE.br.css

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/83zI0hMJWlilJFob8oEJ4_0I6j4.br.js

HTTP Request

GET https://r.bing.com/rp/HndC9IrfiOmnQLZpq0bxaPUIDII.br.js

HTTP Request

GET https://r.bing.com/rp/KLrSbzDKMog0mCiPcB9iwoEvlE4.br.js

HTTP Request

GET https://r.bing.com/rp/TaNyfCzxqBX9l7QZbgZUegopTuI.br.js

HTTP Request

GET https://r.bing.com/rp/cfKt7bw67nxWZkkgOIRReDE3rQI.br.js

HTTP Request

GET https://r.bing.com/rp/6O1CvNJpGB5T4QGvosksEhnIbo4.br.js

HTTP Request

GET https://r.bing.com/rp/K3hC1_cQXGFr6cxRJVWYpzZJaAM.br.js

HTTP Request

GET https://r.bing.com/rp/n23ANye7L3wtUcgKxoGHb7_ezc4.br.js

HTTP Request

GET https://r.bing.com/rp/DmYomXZ0p9--syG1mm6CnQwvRHg.br.js

HTTP Request

GET https://r.bing.com/rp/2VYJBWEs9lbV3Q50EXL7TNnGBog.br.js

HTTP Request

GET https://r.bing.com/rp/lLk8XmbdNzzlnPRzVzDhaF9yjqw.br.js

HTTP Request

GET https://r.bing.com/rp/Gyuq2bqitqDJM0BeAkbKXGlQXNw.br.js

HTTP Request

GET https://r.bing.com/rp/n21aGRCN5EKHB3qObygw029dyNU.br.js

HTTP Request

GET https://r.bing.com/rp/8CgcSSLayxEVUBf0swP_bQGMId8.br.js

HTTP Request

GET https://r.bing.com/rp/V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br.js

HTTP Request

GET https://r.bing.com/rp/9xGNA8UskvA9WHF58zbLOHZ5HvI.br.js

HTTP Request

GET https://r.bing.com/rp/_2I169N92jVtSc_VEsV0nma5sRY.br.js

HTTP Request

GET https://r.bing.com/rp/gKwIRAF4fg7noG1zyeUz8x3Jdhc.br.js

HTTP Request

GET https://r.bing.com/rp/zL4sntecq0RmP6dobtS9Rd5WRvU.br.js

HTTP Request

GET https://r.bing.com/rp/psgXZvzYJMEW2ydikIk493Va1d4.br.js

HTTP Request

GET https://r.bing.com/rs/6r/x2/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w

HTTP Request

GET https://r.bing.com/rp/5L3iD467J3iJWEPwIjxlK0MMDpY.br.js

HTTP Request

GET https://r.bing.com/rp/c-kfqLSd-OD-g3VtLKozRdXMO14.br.js

HTTP Request

GET https://r.bing.com/rp/K_V1CARn2Q2lTs5njJKUvUkHyi4.br.js

HTTP Request

GET https://r.bing.com/rp/dUzSc2TJEdHviToK914Fg1aekPA.br.js

HTTP Request

GET https://r.bing.com/rp/8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br.js

HTTP Request

GET https://r.bing.com/rp/JTnIefOMiNK7DX11D7RY8i0_PKc.br.js

HTTP Request

GET https://r.bing.com/rp/_Bf8WbhrPNleVJdfG-L0A8nld9c.br.js

HTTP Request

GET https://r.bing.com/rp/NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br.js

HTTP Request

GET https://r.bing.com/rs/6r/ku/jnc,nj/cNbseG2vlUH2ubvgjbDJtgTzQPo.js?or=w

HTTP Request

GET https://r.bing.com/rp/fRSNKQanUHk53F1a1Bi8UA71Qt4.br.js

HTTP Request

GET https://r.bing.com/rp/mOy7YpeLJ3c40BBAFNUI6SmOUTY.br.js

HTTP Request

GET https://r.bing.com/rp/6mZmj1db42G_jniFgdT7MCvBgyA.br.js

HTTP Request

GET https://r.bing.com/rp/iY8PAEydb3lbGfuJiuA9ICzXgY8.br.js

HTTP Request

GET https://r.bing.com/rp/UftfQbYuKvGGEUHPU3QGHYd90Z8.br.js

HTTP Request

GET https://r.bing.com/rp/yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br.js

HTTP Request

GET https://r.bing.com/rp/zlfm-hC70pZAs62UVTTl3KShKOE.br.js

HTTP Request

GET https://r.bing.com/rp/DWZSY9SRnkHaYWjJ109REMim90A.br.js

HTTP Request

GET https://r.bing.com/rp/9uYIRoQB-ThMq970XKGeKvrMhL0.br.js

HTTP Request

GET https://r.bing.com/rp/bdiAPlmUnJhdap3y8myDMEGlF4w.br.js

HTTP Request

GET https://r.bing.com/rp/WwTHOlBv_iLBpZXNWkp-HzVHgrM.br.js

HTTP Request

GET https://r.bing.com/rp/CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br.js

HTTP Request

GET https://r.bing.com/rp/1Jz2vFBGshGz47SHAQMwptTnpB0.br.js

HTTP Request

GET https://r.bing.com/rp/Cah4LahmcqZwMC9LQrNkz-q8yNA.br.js

HTTP Request

GET https://r.bing.com/rp/7q76z2PhZYQSlMklnpUZ4ZrWoeg.br.js

HTTP Request

GET https://r.bing.com/rp/MnlneN-7se6Sb8r2rU60mRHbccg.br.js

HTTP Request

GET https://r.bing.com/rp/HqDsKR6xyRoUSYXXRfEdLVt772I.br.js

HTTP Request

GET https://r.bing.com/rp/u2MYL4Uj-EK9FdZPToQOipi2q40.br.js

HTTP Request

GET https://r.bing.com/rp/IzifzVeZAFUPAOVXA0p1w_tvqEA.br.js

HTTP Request

GET https://r.bing.com/rp/qFV8REKe2pPY9NqiNskjmDxjgdc.br.js

HTTP Request

GET https://r.bing.com/rp/rbBaKhtkLVke-4PIWp9e6AV5_kg.br.js

HTTP Request

GET https://r.bing.com/rp/wJ4ypLxMemRfvxvJkUCpuYEBwew.br.js

HTTP Request

GET https://r.bing.com/rp/RvRBoZ5KQDNHwbHfo-_ZBZIoYQo.br.js

HTTP Request

GET https://r.bing.com/rp/bzAVZoOHiaJeSbLoUcTPF4HPvJQ.br.js

HTTP Request

GET https://r.bing.com/rp/3s0czFTJyV5b3KCC7geWICWvvPs.br.js

HTTP Request

GET https://r.bing.com/rp/wNhUjm3kl_kvyfrio44J6j1zdYo.br.js

HTTP Request

GET https://r.bing.com/rp/gfI083AUtzdZuPReAN6CvS-Ca98.br.js

HTTP Request

GET https://r.bing.com/rp/R5OIlHZUEYWuNhJa46yx5Wir2pM.br.js

HTTP Request

GET https://r.bing.com/rp/2uwtCbrcHmq7VZthjm2jjm8hlTk.br.js

HTTP Request

GET https://r.bing.com/rp/UJFGe_i3c1Lxhghza2lclR7CxpI.br.js

HTTP Request

GET https://r.bing.com/rp/gGRPwribt8XPTQXpd2zkMD5o04w.br.js

HTTP Request

GET https://r.bing.com/rp/mRnHl5xOMNMCkNGN3wISIz0ETug.br.js

HTTP Request

GET https://r.bing.com/rp/X9zPQVZQzKFTYze2B2WNn1LJCS4.br.js

HTTP Request

GET https://r.bing.com/rp/1u_LY-3P7BIagPGDkiUCRzkKi-0.br.js

HTTP Request

GET https://r.bing.com/rp/8aj_I6fSAQ2HauP0CPPAfDwa2j8.br.js

HTTP Request

GET https://r.bing.com/rp/LTCT2zdUcB3ayDDUpC7BI5zxXuE.br.js

HTTP Request

GET https://r.bing.com/rs/6r/sQ/jnc,nj/2RFgnacsz6nPw9vvxd8AGFyaQr8.js?or=w

HTTP Request

GET https://r.bing.com/rp/HdiojNH85n4iu87NAQvDH5bKMnM.br.js

HTTP Request

GET https://r.bing.com/rp/s_KB_GYETp6JptI_mOoLcYDN4OY.br.js

HTTP Request

GET https://r.bing.com/rp/hSAjq6w-jLSduDuFCKOr-TOJIA4.br.js

HTTP Request

GET https://r.bing.com/rp/WPedHfV8dQrn4qkif5azDZSqmn8.br.js

HTTP Request

GET https://r.bing.com/rp/ARkHhpPGNjemsh-1_dUh9nylFLg.br.js

HTTP Request

GET https://r.bing.com/rp/5jOFZTRZRQNYEniUpjuVlRlTSUA.br.js

HTTP Request

GET https://r.bing.com/rp/8BLbyUK5EaqCuzmCEcf9-meevmE.br.js

HTTP Request

GET https://r.bing.com/rp/YOfvioAlqeLJzUxJ3VRDJvFPi5Q.br.js

HTTP Request

GET https://r.bing.com/rp/7LkHIwasTuL6tufzeF3vEaazAxw.br.js

HTTP Request

GET https://r.bing.com/rp/MCwdqGFTwqu20jt3177s57V4wZk.br.js

HTTP Request

GET https://r.bing.com/rp/dDiRViGCXHkOBl6zHkdBDLk0yFg.br.js

HTTP Request

GET https://r.bing.com/rp/WvsAjDpxGd1ajigH6cH78uvLzBI.br.js

HTTP Request

GET https://r.bing.com/rp/qY42f0yZJzcOD6Gr6zubromZGRk.br.js

HTTP Request

GET https://r.bing.com/rp/g7NRXrmIjF1z4aM0YyGzJ3H8Tsc.br.js

HTTP Request

GET https://r.bing.com/rp/RMRjctrz--TNvbEliu0umBztyAQ.br.js

HTTP Request

GET https://r.bing.com/rp/6juFsmmZTw2skj7CvpgreXtsgqM.br.js

HTTP Request

GET https://r.bing.com/rp/CuoJ-XSESmq5e-S0atX4JdNgEbQ.br.js

HTTP Request

GET https://r.bing.com/rp/jJ4Nh5QSrSxNeZCoXz6QBAA-1pM.br.js

HTTP Request

GET https://r.bing.com/rp/d2AC6-r9l7SefnJ0q5_pqEqXQEg.br.js

HTTP Request

GET https://r.bing.com/rp/4a2l6ts7ENpX5gGW0kp5U2iD6h8.br.js

HTTP Request

GET https://r.bing.com/rp/eKvcHdnNwo1WcxoSioV4ztnfZk8.br.js

HTTP Request

GET https://r.bing.com/rp/Sv8bO2oxkbGjZh6Pe_GKzG1DtDU.br.js

HTTP Request

GET https://r.bing.com/rp/-2EVJNDwymhr08bVch00GwpjiDA.br.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/lwgCOY8rCo0Ub0btSshwRlT9HWI.br.js

HTTP Request

GET https://r.bing.com/rp/ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/ivu0QwP26BHIJjH_DSqboRdhsO0.br.js

HTTP Response

200

HTTP Request

GET https://r.bing.com/rp/rSGsMdC73uduuQlIQndCFjDqLb0.br.js

HTTP Request

GET https://r.bing.com/rp/VKotk_QDV7V7jdYhLvGcrJlzHyE.br.js

HTTP Response

200

HTTP Response

200
95.101.143.201:443

th.bing.com

tls, http2

msedge.exe

1.0kB
5.1kB
9
11
95.101.143.201:443

th.bing.com

tls, http2

msedge.exe

1.1kB
5.2kB
12
13
20.190.160.20:443

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=df3d6a2f-753b-41e4-94b9-5abdd29f9d55&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%2268C350558AEC472DBCCE420047970621%22%7d

tls, http2

msedge.exe

2.7kB
7.8kB
15
15

HTTP Request

GET https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=df3d6a2f-753b-41e4-94b9-5abdd29f9d55&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%2268C350558AEC472DBCCE420047970621%22%7d

HTTP Response

200
20.26.156.215:443

github.com

tls

msedge.exe

1.1kB
4.0kB
11
8
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Spyware/HawkEye.exe

tls, http2

msedge.exe

12.8kB
300.3kB
173
280

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/branch-and-tag-count

HTTP Request

GET https://github.com/manifest.json

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Botnets/FritzFrog

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Botnets/FritzFrog

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Botnets/FritzFrog

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Botnets/FritzFrog

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/commit/04c2652b7dabecab72b1018429f775575e1b6b9b/hovercard?subject=repository%3A271970028&current_path=%2FDa2dalus%2FThe-MALWARE-Repo%2Ftree%2Fmaster%2FBotnets%2FFritzFrog

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/branch-and-tag-count

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/hovercards/citation/sidebar_partial?tree_name=master

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/used_by_list

HTTP Response

304

HTTP Response

304

HTTP Response

304

HTTP Response

204

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Spyware

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Spyware

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Spyware

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Spyware

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Spyware/HawkEye.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Spyware/HawkEye.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Spyware/HawkEye.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Spyware/HawkEye.exe

HTTP Response

302
185.199.110.133:443

https://avatars.githubusercontent.com/u/63458929?s=32&v=4

tls, http2

msedge.exe

2.4kB
13.2kB
22
29

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?s=64&v=4

HTTP Request

GET https://avatars.githubusercontent.com/u/123590232?s=64&v=4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?v=4&size=40

HTTP Response

200

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?s=32&v=4

HTTP Response

200
185.199.111.154:443

https://github.githubassets.com/assets/react-code-view-46a8d3dce54e.js

tls, http2

msedge.exe

38.0kB
1.1MB
586
929

HTTP Request

GET https://github.githubassets.com/assets/light-0cfd1fd8509e.css

HTTP Request

GET https://github.githubassets.com/assets/primer-react.797c8ec006b327590422.module.css

HTTP Request

GET https://github.githubassets.com/assets/global-47b8b2ca21ae.css

HTTP Request

GET https://github.githubassets.com/assets/repos-overview.9cc263aa0716ce801059.module.css

HTTP Request

GET https://github.githubassets.com/assets/primer-4430d3c2c150.css

HTTP Request

GET https://github.githubassets.com/assets/code-9e1913b328be.css

HTTP Request

GET https://github.githubassets.com/assets/primer-primitives-953961b66e63.css

HTTP Request

GET https://github.githubassets.com/assets/dark-d782f59290e2.css

HTTP Request

GET https://github.githubassets.com/assets/github-e72829f5538b.css

HTTP Request

GET https://github.githubassets.com/assets/repository-d031bcc14e1b.css

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/wp-runtime-7c7cbcadd2c9.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-c551691a8183.js

HTTP Request

GET https://github.githubassets.com/assets/environment-7b93e0f0c8ff.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-ea2a5d75d580.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-c6d035fa8dc8.js

HTTP Request

GET https://github.githubassets.com/assets/github-elements-f991cfab5105.js

HTTP Request

GET https://github.githubassets.com/assets/element-registry-68317a5dae9a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-7f43298e364b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-863ef5872a03.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-917d4bda1f1a.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b41aeef03499.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-fb43816ab83c.js

HTTP Request

GET https://github.githubassets.com/assets/behaviors-a6abce982f3f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-global-cfcd9f4f0f23.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-eecf0d50276f.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-842c74d2eab4.js

HTTP Request

GET https://github.githubassets.com/assets/codespaces-a493a4b9528f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-7238cfcdaa51.js

HTTP Request

GET https://github.githubassets.com/assets/repositories-f3093651fb0e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js

HTTP Request

GET https://github.githubassets.com/assets/code-menu-b5f092ec4b30.js

HTTP Request

GET https://github.githubassets.com/assets/primer-react-753dc87b1e29.js

HTTP Request

GET https://github.githubassets.com/assets/react-core-accb67f1350f.js

HTTP Request

GET https://github.githubassets.com/assets/react-lib-2131e17288a8.js

HTTP Request

GET https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu-51601778bd8d.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-df3b47d86af0.js

HTTP Request

GET https://github.githubassets.com/assets/keyboard-shortcuts-dialog-958cae8ecd6c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js

HTTP Request

GET https://github.githubassets.com/assets/sessions-5d6426bbf16a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-9002b0-881da98a8b00.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-a7926fdcecf7.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_paths_index_ts-4e4d706da555.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-42e7f6cf3ca8.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-503c34-7dfba50d2c16.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-56ee79-b20e64ad06f9.js

HTTP Request

GET https://github.githubassets.com/assets/repos-overview-e21499fb8264.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-4becf93aa968.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-04349cb42240.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-e27cda452715.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-405952f48873.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-f38cdfca9137.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-201ddaee8e7d.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-343b1f8e02e1.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-0ade2bf7a852.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-28a44339e296.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-bb301b3aed11.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-0937e3810b98.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-9889e76b905e.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/react-code-view.6b587a69b593e23c3657.module.css

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-10d8eea337ce.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-cdcae1-f0dc8f3ae3e0.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_document-metadata_document-metadata_ts-ui_packages_repos-file-tree-view_repos-fil-5db355-d0627efd6544.js

HTTP Request

GET https://github.githubassets.com/assets/react-code-view-46a8d3dce54e.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

885 B
5.8kB
8
9
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

885 B
5.8kB
8
9
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

885 B
5.8kB
8
9
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

885 B
5.8kB
8
9
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

885 B
5.8kB
8
9
185.199.110.133:443

avatars.githubusercontent.com

tls

msedge.exe

1.0kB
4.7kB
11
9
185.199.111.154:443

https://github.githubassets.com/favicons/favicon.png

tls, http2

msedge.exe

2.4kB
24.2kB
26
31

HTTP Request

GET https://github.githubassets.com/favicons/favicon.svg

HTTP Request

GET https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/favicons/favicon.png

HTTP Response

200
140.82.113.21:443

collector.github.com

tls

msedge.exe

1.0kB
4.6kB
10
8
140.82.113.21:443

https://collector.github.com/github/collect

tls, http2

msedge.exe

22.2kB
13.3kB
57
54

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Response

204
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

14.1kB
11.9kB
45
48

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
185.199.108.133:443

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Spyware/HawkEye.exe

tls, http2

msedge.exe

5.7kB
252.0kB
100
191

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Spyware/HawkEye.exe

HTTP Response

200
95.165.168.168:8444

HawkEye.exe

260 B
5
216.58.204.74:80

http://fonts.googleapis.com/css?family=Audiowide

http

IEXPLORE.EXE

482 B
889 B
5
4

HTTP Request

GET http://fonts.googleapis.com/css?family=Audiowide

HTTP Response

200
216.58.204.74:80

fonts.googleapis.com

IEXPLORE.EXE

98 B
52 B
2
1
104.21.11.28:80

http://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

http

IEXPLORE.EXE

494 B
1.2kB
4
3

HTTP Request

GET http://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

HTTP Response

301
104.21.11.28:80

http://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

http

IEXPLORE.EXE

503 B
1.3kB
4
3

HTTP Request

GET http://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

HTTP Response

301
104.21.11.28:443

https://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

tls, http2

IEXPLORE.EXE

1.7kB
10.6kB
23
19

HTTP Request

GET https://www.veryicon.com/icon/png/Flag/Flag%204/United%20Kingdom.png

HTTP Request

GET https://www.veryicon.com/icon/png/Flag/Flag%204/Germany.png

HTTP Response

200

HTTP Response

200
104.21.11.28:443

www.veryicon.com

tls, http2

IEXPLORE.EXE

907 B
3.7kB
11
8
199.232.192.193:80

http://i.imgur.com/zHNCk2e.gif

http

IEXPLORE.EXE

604 B
645 B
7
5

HTTP Request

GET http://i.imgur.com/zHNCk2e.gif

HTTP Response

301
199.232.192.193:80

i.imgur.com

IEXPLORE.EXE

150 B
104 B
3
2
142.250.178.3:80

http://c.pki.goog/r/r4.crl

http

IEXPLORE.EXE

510 B
3.8kB
6
5

HTTP Request

GET http://c.pki.goog/r/gsr1.crl

HTTP Response

200

HTTP Request

GET http://c.pki.goog/r/r4.crl

HTTP Response

200
158.222.211.81:8080

HawkEye.exe

260 B
5
142.250.187.195:80

fonts.gstatic.com

IEXPLORE.EXE

98 B
52 B
2
1
142.250.187.195:80

http://fonts.gstatic.com/s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_I.woff

http

IEXPLORE.EXE

1.1kB
19.2kB
17
16

HTTP Request

GET http://fonts.gstatic.com/s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_I.woff

HTTP Response

200
199.232.192.193:443

https://i.imgur.com/zHNCk2e.gif

tls, http2

IEXPLORE.EXE

1.3kB
8.5kB
17
16

HTTP Request

GET https://i.imgur.com/zHNCk2e.gif

HTTP Response

200
95.165.168.168:8444

HawkEye.exe

104 B
2

8.8.8.8:53

google.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

142.250.180.14
8.8.8.8:53

www.google.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.196
8.8.8.8:53

232.168.11.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

232.168.11.51.in-addr.arpa
8.8.8.8:53

support.google.com

dns

msedge.exe

64 B
80 B
1
1

DNS Request

support.google.com

DNS Response

172.217.169.14
142.250.187.196:443

www.google.com

https

msedge.exe

64.7kB
442.7kB
153
375
8.8.8.8:53

196.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.187.250.142.in-addr.arpa
8.8.8.8:53

8.153.16.2.in-addr.arpa

dns

69 B
131 B
1
1

DNS Request

8.153.16.2.in-addr.arpa
8.8.8.8:53

133.32.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

133.32.126.40.in-addr.arpa
8.8.8.8:53

227.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

227.187.250.142.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

195.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.187.250.142.in-addr.arpa
224.0.0.251:5353

582 B
9
8.8.8.8:53

133.211.185.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

133.211.185.52.in-addr.arpa
8.8.8.8:53

196.249.167.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

196.249.167.52.in-addr.arpa
8.8.8.8:53

197.87.175.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

197.87.175.4.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

22.236.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

22.236.111.52.in-addr.arpa
8.8.8.8:53

219.143.101.95.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

219.143.101.95.in-addr.arpa
8.8.8.8:53

th.bing.com

dns

msedge.exe

57 B
206 B
1
1

DNS Request

th.bing.com

DNS Response

95.101.143.201

95.101.143.219
8.8.8.8:53

r.bing.com

dns

msedge.exe

56 B
204 B
1
1

DNS Request

r.bing.com

DNS Response

95.101.143.201

95.101.143.219
8.8.8.8:53

201.143.101.95.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

201.143.101.95.in-addr.arpa
8.8.8.8:53

login.microsoftonline.com

dns

msedge.exe

71 B
306 B
1
1

DNS Request

login.microsoftonline.com

DNS Response

20.190.160.20

40.126.32.134

40.126.32.68

20.190.160.17

40.126.32.140

40.126.32.74

40.126.32.72

40.126.32.133
8.8.8.8:53

20.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

20.160.190.20.in-addr.arpa
8.8.8.8:53

73.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

73.31.126.40.in-addr.arpa
8.8.8.8:53

237.21.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

237.21.107.13.in-addr.arpa
8.8.8.8:53

github.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

avatars.githubusercontent.com

dns

msedge.exe

75 B
139 B
1
1

DNS Request

avatars.githubusercontent.com

DNS Response

185.199.110.133

185.199.111.133

185.199.109.133

185.199.108.133
8.8.8.8:53

github.githubassets.com

dns

msedge.exe

69 B
133 B
1
1

DNS Request

github.githubassets.com

DNS Response

185.199.111.154

185.199.109.154

185.199.108.154

185.199.110.154
8.8.8.8:53

github-cloud.s3.amazonaws.com

dns

msedge.exe

75 B
253 B
1
1

DNS Request

github-cloud.s3.amazonaws.com

DNS Response

52.217.132.41

54.231.195.73

52.216.88.251

54.231.198.73

54.231.172.169

3.5.25.103

3.5.29.249

52.216.38.233
8.8.8.8:53

user-images.githubusercontent.com

dns

msedge.exe

79 B
143 B
1
1

DNS Request

user-images.githubusercontent.com

DNS Response

185.199.108.133

185.199.111.133

185.199.109.133

185.199.110.133
8.8.8.8:53

215.156.26.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

215.156.26.20.in-addr.arpa
8.8.8.8:53

133.110.199.185.in-addr.arpa

dns

148 B
236 B
2
2

DNS Request

133.110.199.185.in-addr.arpa

DNS Request

133.110.199.185.in-addr.arpa
8.8.8.8:53

154.111.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

154.111.199.185.in-addr.arpa
8.8.8.8:53

collector.github.com

dns

msedge.exe

66 B
115 B
1
1

DNS Request

collector.github.com

DNS Response

140.82.113.21
8.8.8.8:53

api.github.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

api.github.com

DNS Response

20.26.156.210
8.8.8.8:53

21.113.82.140.in-addr.arpa

dns

72 B
117 B
1
1

DNS Request

21.113.82.140.in-addr.arpa
8.8.8.8:53

210.156.26.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

210.156.26.20.in-addr.arpa
8.8.8.8:53

74.239.69.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

74.239.69.13.in-addr.arpa
8.8.8.8:53

raw.githubusercontent.com

dns

msedge.exe

71 B
135 B
1
1

DNS Request

raw.githubusercontent.com

DNS Response

185.199.108.133

185.199.111.133

185.199.110.133

185.199.109.133
8.8.8.8:53

133.108.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

133.108.199.185.in-addr.arpa
8.8.8.8:53

bot.whatismyipaddress.com

dns

HawkEye.exe

71 B
130 B
1
1

DNS Request

bot.whatismyipaddress.com
8.8.8.8:53

www.veryicon.com

dns

IEXPLORE.EXE

62 B
94 B
1
1

DNS Request

www.veryicon.com

DNS Response

104.21.11.28

172.67.165.22
8.8.8.8:53

i.imgur.com

dns

IEXPLORE.EXE

57 B
128 B
1
1

DNS Request

i.imgur.com

DNS Response

199.232.192.193

199.232.196.193
8.8.8.8:53

c.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

c.pki.goog

DNS Response

142.250.178.3
8.8.8.8:53

28.11.21.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

28.11.21.104.in-addr.arpa
8.8.8.8:53

3.178.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.178.250.142.in-addr.arpa
8.8.8.8:53

193.192.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

193.192.232.199.in-addr.arpa
8.8.8.8:53

23.149.64.172.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

23.149.64.172.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Java\jdk-1.8\jre\lib\YOUR_FILES_ARE_ENCRYPTED.HTML

Filesize
4KB

MD5
92c67a63284dc49da787e567dbdb348a

SHA1
d9dddd47eb637e6c4ec76a0a9f8b69a0cb2af034

SHA256
be45c80a225429f132a4b9d8d210a8d8c1faabd987d710f9b695e55aa09001ae

SHA512
6a79f36c338d55c6fc0ced4b86227fff07e19d62b1b8af0d4f05cb758d70b57760138a6f113532e2dd6683005cd7d314eba38a4b22a878f0f095cb30b4a2e4e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\HawkEye.exe.log

Filesize
20B

MD5
b3ac9d09e3a47d5fd00c37e075a70ecb

SHA1
ad14e6d0e07b00bd10d77a06d68841b20675680b

SHA256
7a23c6e7ccd8811ecdf038d3a89d5c7d68ed37324bae2d4954125d9128fa9432

SHA512
09b609ee1061205aa45b3c954efc6c1a03c8fd6b3011ff88cf2c060e19b1d7fd51ee0cb9d02a39310125f3a66aa0146261bdee3d804f472034df711bc942e316

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8749e21d9d0a17dac32d5aa2027f7a75

SHA1
a5d555f8b035c7938a4a864e89218c0402ab7cde

SHA256
915193bd331ee9ea7c750398a37fbb552b8c5a1d90edec6293688296bda6f304

SHA512
c645a41180ed01e854f197868283f9b40620dbbc813a1c122f6870db574ebc1c4917da4d320bdfd1cc67f23303a2c6d74e4f36dd9d3ffcfa92d3dfca3b7ca31a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
34d2c4f40f47672ecdf6f66fea242f4a

SHA1
4bcad62542aeb44cae38a907d8b5a8604115ada2

SHA256
b214e3affb02a2ea4469a8bbdfa8a179e7cc57cababd83b4bafae9cdbe23fa33

SHA512
50fba54ec95d694211a005d0e3e6cf5b5677efa16989cbf854207a1a67e3a139f32b757c6f2ce824a48f621440b93fde60ad1dc790fcec4b76edddd0d92a75d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\85f0ad54-ad9b-47eb-b76a-f089cf93026d.tmp

Filesize
7KB

MD5
a6f62fca0c7626cd0d0d8fbbb712c55e

SHA1
c617aef66cf9d9fa716f1e00b8b1d4761481cf53

SHA256
bb995e2b851ece5df02335c45d68ad2a31ec2327574493df15e8171ea5929ce2

SHA512
a0ba46c23307b3f052d2cf522636a6497925b8e31ac4911f50b203458937f30a73e00d00a5c92a2836b8193bd094361e103e8614c40fc4e52f74026d6f162de9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\896f848e-38f6-4117-b662-93f4771ebb47.tmp

Filesize
814B

MD5
98ac45f370fdbc9f77e2c32f1ca41bdf

SHA1
af54d729bac6bd96936aa0b9ad513374650ac099

SHA256
04042bcaf1af7fbde02790ae40f590d3804454ccd5bd2a5079fa2f94a50e6186

SHA512
021cc1f528e8df31229b2cf281c62c48a341c9636d86df30d0f9f889999450f71bd4b68b1f7d60385a962c5d0068abf5c44fb4dd16998e93f4a4f01ad39a1621

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\97fd50a0-25c8-4f2d-a34e-7494c63718de.tmp

Filesize
1KB

MD5
d8c499fd8d6441a9011565e4a40a6c23

SHA1
e3b065128247bc051e936491f11332794a185658

SHA256
2217cb67cba5b4c31c872eb29f8d3dc5fa2961feca8583af247a06218a13567e

SHA512
27ff06cd6dd86ee36525a38f91c1e647cc16b6f26bb0f04f005af13047521a283c41dce8aaa4f65273a0ee2ef0283b7ab1756eb9fe08e2daf1e64221833eab22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
18KB

MD5
7d54dd3fa3c51a1609e97e814ed449a0

SHA1
860bdd97dcd771d4ce96662a85c9328f95b17639

SHA256
7a258cd27f674e03eafc4f11af7076fb327d0202ce7a0a0e95a01fb33c989247

SHA512
17791e03584e77f2a6a03a7e3951bdc3220cd4c723a1f3be5d9b8196c5746a342a85226fcd0dd60031d3c3001c6bdfee0dcc21d7921ea2912225054d7f75c896

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
cebe26773da379c34aa485c61aa0e321

SHA1
8d36b3cec0331a0989dc7782ee248cc17a2ecced

SHA256
26c427d713e1f8cfd3e3c672c7cdde4c16245464ba4c38fc1b13b956f889935b

SHA512
ab0c2ef3f0c7cfafe4a1fa3a4e2fd9a74892e980bd220f2d1e2a2f93397505773206516e556fb0facb8f2e1c59d448c5c8d00b6698ca96a38d0f36cc46f05aa9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
bef5624386062719b9b7bb2edcc2080d

SHA1
3005b111ae97482a7a1c92c2d6f35db01996c457

SHA256
32e82a2c9110716a2a5d8f8af6665d664d1a3a8ef41fcf58f11cf30ff277f829

SHA512
af088e88a6c04cf8b9043e167e9cc7697f4b024523296e63280422a027451df541db3ac4c981654fd7f9adf6affb4bcd316168bc42f0ff7a770c4cc1cae53aa7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
67dba0c546f899f2f4ab801596018ecc

SHA1
4f81c260f23aabba4f6affa46f30e3dd86fb4285

SHA256
3c164bc900687e3d513787dc4d3d8e4e34cf53c37a4ea72e9eb10008dbbee4f8

SHA512
d7b6fb08bc4969be2a4ce7697629592086ca1ba13704794a4e4231461bcd604906bab424ebab28514ea5e8bbf5447c809cd7ecbc4e5e4db5d154713f94401257

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
0031b5f70bd36333303401d68ac54e35

SHA1
0a4fa097e2d92f13cce3faa57fa3c552522c9fb9

SHA256
cd48ad208ba24f5d44a8a9b8803b235011a5ceedd8800d2b32465c07a635f6bc

SHA512
030ce2cf298f501e38cdd3c00efc883209a7159b72ac348ac5ab43644d02a9870914c19801423af7856f0bea6f610c8e184c951559b308eef319679febfd3941

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
f359603ccdd0f94e061b32e9c52c7d1a

SHA1
a6a0d7ea89f455ccd6094710a36fdd8e99a8cf5a

SHA256
50972f71c3ec3824c5210da2e015de7f5e30daa38e57b1a892114108a693396c

SHA512
5c9f7c049f8a23b205f0fa3f32bb0d7cd8c551078e401d8e8cd3807891f4247fa62dcdab3afdc0cc8737d47ff358b749b245d720533dd4fa394fb12ca5e8d5d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
50e03fe5809879a77df6a1ad1c685387

SHA1
eae982b31ed47c12508e5f96da7edd376ceb58cc

SHA256
2e8a2f4aa60269229ef64e76baaae51775f713637cd42f74009ca4e4e93f989a

SHA512
125ab0bb5058e56453b8d3bb4487a64a8534c551f970a9fe57f98b27729140582300edf52b660f0e38d1174d496a04d626b53e5f0ac7c4366337ccbaaedd2078

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
07727abff622c57d195f85c38437200b

SHA1
ada3b626421d30756142ed148048a47bef9e8338

SHA256
206f3ee97d59095eec7e984e7bd2e11a6e9f0d81f2a8324405667c527e538e3e

SHA512
c89c5e3f62d5bbbdb421c9ca9b3a7a970ab9cff7b9130e9980e3855680e768b4cf126c42ea5e884793f0e2847c26f7650bd7c237f9cface828f41e3d15702956

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
fc6625b48b79947f51cda40fc78c089f

SHA1
81dd718728bbff0043185b078d160d6484b33dae

SHA256
e8a7d803665fed85f5b25c2e07784367b1f62a9f1862c728d048c0dd7491b43b

SHA512
36a12225ef0d5a35fef07c2fc616abf1c1db960d29131d455b38323a27d8536673e0a43c8edf442454237a11c7d1789a659d945ffe8824c22e493a852e4c2c48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7d2e7b18eb8d1fcee83f9134d38fc401

SHA1
f3b9dd589c350c929393002872738e803a8e5e64

SHA256
326a02445307a9f15ff4796add8b3c0139af3d9480c08c56e1be8bf37e55d167

SHA512
8e6998dfd31f91217e023ccc69eb9659899217506424530d2f9a5a0910a086790724dbae265f1984da6a1cbadc4fd05223b223c678e8c1ba81cf1405eaf52d5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
2cf0bcd757838d05fbd18398b9434e43

SHA1
dc27d6a95026e358e73def6f4795b1a018d771ff

SHA256
e34f1779e298da5d913642fb05c6e206791ca92121419c5b11b26f85f93ebc88

SHA512
7a36e8955eda2b1ce9d642ff82c2a235f71c03fb3399ec38ca80561cd63fc4fae31c493602f34a1f6a4d2fc0169886f5672129597330870405b18fa3d2998319

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8cdf0054158410e6c7e8849a0d12b9ff

SHA1
74b58bfae69f016eb7dab7143904898dbeff0c35

SHA256
78bb42242f8be186135d7cbc774be8d2d2d6dee95cbcb3699de408d20319c10a

SHA512
7a191bb33f2c960446d4e456ba6319bd4a839b9bbbbf4fd3bdd96b9c31d85b8c9790f3bada6719032df08b5d67211329941ab80b2865b8aa1c688651c6cccf0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
47129762cd3719d13195cbdf1a30b8f9

SHA1
79efb492ea146d04f157e70a87e0f957d09bb712

SHA256
188ab48704ee5dfc3ea2ead17d39c285c40cee2745f0d0f0511200e0b1853bc6

SHA512
28b58218237e867f286a32be3e7f07e022c8603a52cc5b61ede5410d4013519de0f25392a5961d84697594dcb69dbb9c06d3fa097d77ffeddf5aa026b499e609

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5224d7cbbfb243ec9803b6f8c800da62

SHA1
fe385d59d31efdce964c3ebfdd0eb04cb81220a4

SHA256
4d922f661c14f29ddb72a5c0244e2faa451a7aad1bbd0a4fa035c95ea917eb23

SHA512
7f65caa6d519f880138d0c281c6992699bf2d9fe330f739cc1d4eb01865c496574c43a0fcd4fb5ec34fbda8bacc996e7a5714af3f026f32113a9e205f6dd6867

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d776d1d48641c2a67bf4045edcfadeb5

SHA1
930dbefae04e3c6a9b7a0fd3e5132422fa6c5c9e

SHA256
13ff0a76c9f8f2042f1408540826a7fe5e7acdc92ded12f0ebb1df2dba76ca43

SHA512
fe71c15b370c25934a122743133692d4e18fb919c8ac720a56db86dc23052757e29fdf5ddb61601ac84d0c9027efc0a7665613321a716784cccf9dbfba2abbb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe598aa2.TMP

Filesize
536B

MD5
688d59542de10a7e5d132f641c15f1a0

SHA1
e1cb9590ef4c19c6340b770e75911508fea9f978

SHA256
4ed074fdf765e3cf62e3fe6a027e6b427a97d37c17369b7bbd230de54f8245eb

SHA512
398a1335b9d59b8c2de98417bec1fc518aa995c7ec73259cbfcbd2e4ce9fb293b3234f927a814cde5527a8a3706042d0b771f308da634409374c4b4af76d9f81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
28e9320f7c1c89f44fcd6bd47fd8c7fd

SHA1
38990104e522b890a309e9cdb600ebc58d5541c9

SHA256
b294400a64e04246e7594b7b6973f68a6d6dc2a2eb677a4df353a0803c9ce353

SHA512
ec957a621d31e079a0734452794683b427fefaf3c6c4e8c1f80f812594f72b76565bdfe948dc87fd7ec2c7ca2ad6cd874a9803f674fc41d4fa50e2ec9212c8a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c78009f648410333067b865af1d3bbe4

SHA1
11dae6a81c5830db06b55a0744a80cc506ec057a

SHA256
03b7f6d6870b3c5b9659b6b4510ad3eb26d47affcd27abe37f2683e16fdc9656

SHA512
beff51f8a177d5dc5154a6bb8ee59613f29c9821061881a3c1fc5797f151307021f206fc52b02ef12a0b48d96be16d4c0833c99d475322aa1b926a1eff8ebf35

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 548962.crdownload

Filesize
232KB

MD5
60fabd1a2509b59831876d5e2aa71a6b

SHA1
8b91f3c4f721cb04cc4974fc91056f397ae78faa

SHA256
1dacdc296fd6ef6ba817b184cce9901901c47c01d849adfa4222bfabfed61838

SHA512
3e842a7d47b32942adb936cae13293eddf1a6b860abcfe7422d0fb73098264cc95656b5c6d9980fad1bf8b5c277cd846c26acaba1bef441582caf34eb1e5295a

Download Submit
memory/3904-618-0x0000000010000000-0x0000000010010000-memory.dmp

Filesize
64KB

Download
memory/3904-622-0x0000000005670000-0x000000000568A000-memory.dmp

Filesize
104KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request