6b375c48ad15457b59515cb32a1654772fb18d7f1f5b2921c359975150bd89ef

System Information Discovery

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.VisualStudio.Reliability.Monitor.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.VisualStudio.Code.ServiceHost.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.ServiceHub.Controller.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	dotnet.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.ServiceHub.Controller.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.VisualStudio.Code.ServiceHost.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	VSCodeUserSetup-x64-1.96.3.tmp
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.VisualStudio.Reliability.Monitor.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.VisualStudio.Code.ServiceHost.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.VisualStudio.Code.Server.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	dotnet.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	dotnet.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	dotnet-sdk-9.0.102-win-x64.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.VisualStudio.Code.Server.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Microsoft.VisualStudio.Code.ServiceHost.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000\Control Panel\International\Geo\Nation	Code.exe

Executes dropped EXE 64 IoCs

pid	Process
4880	VSCodeUserSetup-x64-1.96.3.exe
5916	VSCodeUserSetup-x64-1.96.3.tmp
5364	Code.exe
3268	Code.exe
4012	Code.exe
2120	Code.exe
1760	Code.exe
6028	Code.exe
4332	Code.exe
3856	Code.exe
6276	Code.exe
6252	code-tunnel.exe
7068	Code.exe
6176	vsce-sign.exe
6676	Code.exe
6712	Code.exe
6884	vsce-sign.exe
6988	vsce-sign.exe
3256	vsce-sign.exe
7160	vsce-sign.exe
6568	vsce-sign.exe
4036	vsce-sign.exe
2800	vsce-sign.exe
5348	vsce-sign.exe
7368	vsce-sign.exe
10648	Code.exe
10716	Code.exe
10552	Code.exe
10344	Code.exe
10996	Code.exe
10976	Code.exe
11828	vsce-sign.exe
7680	Code.exe
2148	Code.exe
12244	Code.exe
10700	Code.exe
10720	Code.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
1576	Code.exe
10276	Code.exe
11056	Code.exe
9600	Code.exe
7380	Code.exe
8220	Code.exe
8428	Code.exe
6556	Code.exe
11940	Code.exe
8736	Code.exe
11604	Code.exe
3228	code-tunnel.exe
7600	Code.exe
1916	Code.exe
8792	Code.exe
11480	rg.exe
9260	rg.exe
9380	rg.exe
3404	rg.exe
12048	rg.exe
9564	Microsoft.CodeAnalysis.LanguageServer.exe
10612	rg.exe
8800	Code.exe
8608	escape-node-job.exe
7772	Microsoft.VisualStudio.Code.Server.exe
8716	Microsoft.ServiceHub.Controller.exe

Loads dropped DLL 64 IoCs

pid	Process
5364	Code.exe
3268	Code.exe
4012	Code.exe
3268	Code.exe
3268	Code.exe
3268	Code.exe
3268	Code.exe
5364	Code.exe
5364	Code.exe
5364	Code.exe
5364	Code.exe
5364	Code.exe
5364	Code.exe
5364	Code.exe
5364	Code.exe
2120	Code.exe
1760	Code.exe
4332	Code.exe
6028	Code.exe
3856	Code.exe
6028	Code.exe
6276	Code.exe
4332	Code.exe
5364	Code.exe
7068	Code.exe
6676	Code.exe
6712	Code.exe
10648	Code.exe
10648	Code.exe
10716	Code.exe
10552	Code.exe
10344	Code.exe
10996	Code.exe
10976	Code.exe
4332	Code.exe
4332	Code.exe
4332	Code.exe
2148	Code.exe
12244	Code.exe
10700	Code.exe
10720	Code.exe
2148	Code.exe
10700	Code.exe
10700	Code.exe
10700	Code.exe
10700	Code.exe
2148	Code.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe

Modifies file permissions 1 TTPs 1 IoCs

File and Directory Permissions Modification

T1222

pid	Process
3268	icacls.exe

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{f38c80ed-7c21-42c4-a9d2-58226fd818b3} = "\"C:\\ProgramData\\Package Cache\\{f38c80ed-7c21-42c4-a9d2-58226fd818b3}\\dotnet-sdk-9.0.102-win-x64.exe\" /burn.runonce"	dotnet-sdk-9.0.102-win-x64.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

Peripheral Device Discovery

T1120

System Information Discovery

description	ioc	Process
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs

Web Service

T1102

flow	ioc
381	raw.githubusercontent.com
382	raw.githubusercontent.com
383	raw.githubusercontent.com
507	raw.githubusercontent.com
508	raw.githubusercontent.com

Network Service Discovery 1 TTPs 8 IoCs

Attempt to gather information on host's network.

Network Service Discovery

T1046

pid	Process
4936	dotnet.exe
9980	dotnet.exe
5348	vsce-sign.exe
7368	vsce-sign.exe
9868	Microsoft.CodeAnalysis.LanguageServer.exe
9564	Microsoft.CodeAnalysis.LanguageServer.exe
9020	dotnet.exe
9324	Microsoft.CodeAnalysis.LanguageServer.exe

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135
Detected potential entity reuse from brand MICROSOFT.
phishing microsoft

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\dotnet\sdk\9.0.102\FSharp\it\FSharp.Core.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\cs\NuGet.Credentials.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\9.0.1\analyzers\dotnet\cs\Microsoft.AspNetCore.App.CodeFixes.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\DotnetTools\dotnet-format\System.Composition.Convention.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.SourceLink.Common\tools\net\zh-Hant\Microsoft.SourceLink.Common.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\9.0.1\fr\PresentationFramework.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelinteroperability_5_all_warnaserror.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Containers\tasks\net472\ja\Microsoft.NET.Build.Containers.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelnaming_5_all.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Containers\tasks\net9.0\ko\Microsoft.NET.Build.Containers.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelreliability_6_all_warnaserror.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Ref\9.0.1\ref\net9.0\System.IO.FileSystem.AccessControl.xml	msiexec.exe
File created	C:\Program Files\dotnet\packs\NETStandard.Library.Ref\2.1.0\ref\netstandard2.1\System.Buffers.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\DotnetTools\dotnet-watch\9.0.102-servicing.24611.3\tools\net9.0\any\Microsoft.CodeAnalysis.Elfie.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.SourceLink.GitHub\tools\netframework\it\Microsoft.SourceLink.GitHub.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\ja\NuGet.DependencyResolver.Core.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\9.0.1\Microsoft.AspNetCore.Http.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Ref\9.0.1\ref\net9.0\System.Text.Encoding.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\NETStandard.Library.Ref\2.1.0\ref\netstandard2.1\System.Threading.Thread.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\de\Microsoft.TestPlatform.CoreUtilities.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\9.0.1\ref\net9.0\Microsoft.Extensions.Http.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Containers\containerize\tr\System.CommandLine.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.SourceLink.Bitbucket.Git\tools\net\it\Microsoft.SourceLink.Bitbucket.Git.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\DotnetTools\dotnet-format\System.Security.Cryptography.Xml.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelperformance_10_all.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Ref\9.0.1\ref\net9.0\System.Runtime.Serialization.Xml.xml	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.WindowsDesktop.App.Ref\9.0.1\ref\net9.0\System.Windows.Forms.Primitives.xml	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelperformance_8_default_warnaserror.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\DotnetTools\dotnet-format\pt-BR\Microsoft.CodeAnalysis.CSharp.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\DotnetTools\dotnet-watch\9.0.102-servicing.24611.3\tools\net9.0\any\BuildHost-net472\System.Threading.Tasks.Extensions.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\9.0.1\zh-Hans\Microsoft.VisualBasic.Forms.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\9.0.1\ref\net9.0\Microsoft.AspNetCore.Mvc.ViewFeatures.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\FSharp\System.Security.Cryptography.Xml.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\9.0.1\clrgc.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\9.0.1\analyzers\dotnet\roslyn4.4\cs\tr\Microsoft.Extensions.Options.SourceGeneration.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\tools\net9.0\fr\Microsoft.DotNet.ApiCompat.Task.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Containers\tasks\net9.0\Microsoft.NET.Build.Containers.deps.json	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\es\Microsoft.DotNet.Cli.Sln.Internal.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\9.0.1\System.Buffers.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Ref\9.0.1\analyzers\dotnet\cs\pt-BR\System.Text.Json.SourceGeneration.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\TestHostNetFramework\pt-BR\Microsoft.TestPlatform.CoreUtilities.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk.Publish\targets\PublishTargets\Microsoft.NET.Sdk.Publish.Kudu.targets	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.Build.Tasks.Git\tools\net\zh-Hans\Microsoft.Build.Tasks.Git.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.SourceLink.AzureRepos.Git\tools\net\fr\Microsoft.SourceLink.AzureRepos.Git.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Ref\9.0.1\ref\net9.0\System.Diagnostics.Tools.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Ref\9.0.1\ref\net9.0\System.Net.Mail.xml	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Microsoft\Microsoft.NET.Build.Extensions\net461\lib\System.Xml.XDocument.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\9.0.1\THIRD-PARTY-NOTICES.txt	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\9.0.1\ref\net9.0\Microsoft.AspNetCore.Authentication.Abstractions.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.SourceLink.Bitbucket.Git\tools\netframework\es\Microsoft.SourceLink.Bitbucket.Git.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelinteroperability_5_minimum_warnaserror.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\9.0.1\pl\System.Windows.Input.Manipulations.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\FSharp\runtimes\win\lib\net9.0\System.Diagnostics.EventLog.Messages.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\DotnetTools\dotnet-watch\9.0.102-servicing.24611.3\tools\net9.0\any\zh-Hans\Microsoft.CodeAnalysis.Workspaces.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\analyzers\pt-BR\Microsoft.CodeAnalysis.NetAnalyzers.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\DotnetTools\dotnet-format\zh-Hans\dotnet-format.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Ref\9.0.1\ref\net9.0\System.Net.Requests.dll	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Ref\9.0.1\ref\net9.0\System.Security.SecureString.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\9.0.1\zh-Hant\PresentationUI.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\9.0.1\Microsoft.Extensions.Caching.Abstractions.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelglobalization_8_recommended_warnaserror.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\fr\Microsoft.TestPlatform.CommunicationUtilities.resources.dll	msiexec.exe
File created	C:\Program Files\dotnet\sdk\9.0.102\Sdks\Microsoft.NET.Sdk\analyzers\build\config\analysislevelnaming_10_none.globalconfig	msiexec.exe
File created	C:\Program Files\dotnet\packs\Microsoft.WindowsDesktop.App.Ref\9.0.1\ref\net9.0\System.Windows.Input.Manipulations.dll	msiexec.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\Installer\e5f95ea.msi	msiexec.exe
File created	C:\Windows\Installer\e5f960c.msi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{ED4843DF-A375-4522-AAC8-81456F595023}	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIDC69.tmp	msiexec.exe
File created	C:\Windows\Installer\inprogressinstallinfo.ipi	msiexec.exe
File created	C:\Windows\Installer\e5f95c2.msi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{A7036CFB-B403-4598-85FF-D397ABB88173}	msiexec.exe
File created	C:\Windows\Installer\SourceHash{736FFE9E-6571-4059-B73D-F97F07E9F98D}	msiexec.exe
File opened for modification	C:\Windows\Installer\MSID03E.tmp	msiexec.exe
File created	C:\Windows\Installer\e5f9612.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f962b.msi	msiexec.exe
File opened for modification	C:\Windows\SystemTemp	Code.exe
File created	C:\Windows\Installer\e5f95c1.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIAFF2.tmp	msiexec.exe
File created	C:\Windows\Installer\e5f9616.msi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{3147923D-653F-4494-8FDC-3738E733EDB3}	msiexec.exe
File created	C:\Windows\Installer\e5f9626.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f95bb.msi	msiexec.exe
File created	C:\Windows\Installer\e5f95e5.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f95ea.msi	msiexec.exe
File created	C:\Windows\Installer\e5f95fd.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f95fe.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f9630.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f9635.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f95d6.msi	msiexec.exe
File created	C:\Windows\Installer\e5f95db.msi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{76737228-5B3F-4431-9C02-BC3C1B25198B}	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIC4CC.tmp	msiexec.exe
File created	C:\Windows\Installer\SourceHash{3BF99384-85F0-49DC-A595-3B5785EB053D}	msiexec.exe
File opened for modification	C:\Windows\SystemTemp	Code.exe
File opened for modification	C:\Windows\Installer\$PatchCache$\Managed\63337BB296F4141479799EDBF63E89A0\64.8.8795	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f95d1.msi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{D495A8C6-191D-4CE2-91B3-05AC7A46052F}	msiexec.exe
File created	C:\Windows\Installer\e5f960d.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIEAC8.tmp	msiexec.exe
File opened for modification	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log	msiexec.exe
File created	C:\Windows\Installer\$PatchCache$\Managed\63337BB296F4141479799EDBF63E89A0\64.8.8795\fileCoreHostExe	msiexec.exe
File created	C:\Windows\Installer\e5f95e9.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIBFE8.tmp	msiexec.exe
File opened for modification	C:\Windows\SystemTemp	Code.exe
File opened for modification	C:\Windows\Installer\MSI9DD1.tmp	msiexec.exe
File created	C:\Windows\Installer\e5f95bb.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIB4D8.tmp	msiexec.exe
File created	C:\Windows\Installer\SourceHash{99053FAE-3A7C-381D-948A-6F614864781D}	msiexec.exe
File opened for modification	C:\Windows\Installer\MSID390.tmp	msiexec.exe
File created	C:\Windows\Installer\SourceHash{332C3F8D-8B59-3ED7-86F4-F052497D83A1}	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIADBD.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIAF36.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIC579.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSID169.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIDE12.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIA1AE.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\$PatchCache$\Managed\63337BB296F4141479799EDBF63E89A0\64.8.8795\fileCoreHostExe	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIABE5.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f95c7.msi	msiexec.exe
File created	C:\Windows\Installer\e5f95d5.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSID908.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\e5f9617.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSIA110.tmp	msiexec.exe
File opened for modification	C:\Windows\Installer\MSID341.tmp	msiexec.exe
File created	C:\Windows\Installer\e5f9607.msi	msiexec.exe
File opened for modification	C:\Windows\Installer\MSICF13.tmp	msiexec.exe
File created	C:\Windows\Installer\e5f963f.msi	msiexec.exe
File created	C:\Windows\Installer\SourceHash{ABB11EA1-8B33-4442-BF21-1CBFC3607489}	msiexec.exe

Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

defense_evasion

SIP and Trust Provider Hijacking

T1553.003

description	ioc	Process
File created	C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.96.3.exe:Zone.Identifier	firefox.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Command and Scripting Interpreter: PowerShell 1 TTPs 8 IoCs

Using powershell.exe command.

execution

PowerShell

T1059.001

pid	Process
10984	powershell.exe
1404	powershell.exe
9316	powershell.exe
10376	powershell.exe
1724	powershell.exe
4944	powershell.exe
12228	powershell.exe
10484	powershell.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 41 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	powershell.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Nls\Language	Microsoft.CodeAnalysis.LanguageServer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Nls\Language	Microsoft.VisualStudio.Code.Server.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	VSCodeUserSetup-x64-1.96.3.tmp
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Nls\Language	Microsoft.CodeAnalysis.LanguageServer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Nls\Language	Microsoft.VisualStudio.Code.Server.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dotnet-sdk-9.0.102-win-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dotnet-sdk-9.0.102-win-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Nls\Language	Microsoft.CodeAnalysis.LanguageServer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	VSCodeUserSetup-x64-1.96.3.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dotnet-sdk-9.0.102-win-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MsiExec.exe

System Time Discovery 1 TTPs 64 IoCs

Adversary may gather the system time and/or time zone settings from a local or remote system.

System Time Discovery

T1124

pid	Process
10484	cmd.exe
8888	cmd.exe
8972	dotnet.exe
6660	dotnet.exe
9024	dotnet.exe
7872	cmd.exe
11008	dotnet.exe
7340	cmd.exe
6472	cmd.exe
4528	dotnet.exe
8780	dotnet.exe
5676	dotnet.exe
9688	cmd.exe
6324	Microsoft.VisualStudio.Code.ServiceHost.exe
8188	Microsoft.CodeAnalysis.LanguageServer.exe
9744	cmd.exe
9544	cmd.exe
9996	cmd.exe
6184	dotnet.exe
8172	cmd.exe
1556	dotnet.exe
1712	dotnet.exe
7576	dotnet.exe
10732	dotnet.exe
8676	cmd.exe
11212	dotnet.exe
4352	cmd.exe
10820	Microsoft.CodeAnalysis.Workspaces.MSBuild.BuildHost.exe
7624	cmd.exe
10452	cmd.exe
1404	powershell.exe
8636	cmd.exe
9428	cmd.exe
9932	dotnet.exe
11912	cmd.exe
9612	dotnet.exe
9084	dotnet.exe
8176	cmd.exe
7248	dotnet.exe
4440	cmd.exe
5328	dotnet.exe
6308	dotnet.exe
2052	cmd.exe
8560	cmd.exe
5680	dotnet.exe
2856	dotnet.exe
9456	Microsoft.VisualStudio.Code.ServiceHost.exe
7972	cmd.exe
9024	dotnet.exe
12024	dotnet.exe
10484	powershell.exe
6816	cmd.exe
3916	cmd.exe
11180	cmd.exe
11012	dotnet.exe
1112	dotnet.exe
8980	cmd.exe
8432	cmd.exe
8508	dotnet.exe
7912	dotnet.exe
10180	cmd.exe
7460	dotnet.exe
7516	cmd.exe
6176	vsce-sign.exe

Checks processor information in registry 2 TTPs 46 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

System Information Discovery

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Microsoft.CodeAnalysis.LanguageServer.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Code.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Microsoft.VisualStudio.Code.Server.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Microsoft.VisualStudio.Code.Server.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Microsoft.VisualStudio.Code.Server.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Microsoft.CodeAnalysis.LanguageServer.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Microsoft.VisualStudio.Code.Server.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2	Code.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Code.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz	Code.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Code.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1	Code.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Microsoft.VisualStudio.Code.Server.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString	Code.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Microsoft.VisualStudio.Code.Server.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Code.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString	Code.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2	Code.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Microsoft.CodeAnalysis.LanguageServer.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

System Information Discovery

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Kills process with taskkill 64 IoCs

evasion

pid	Process
2632	taskkill.exe
5328	taskkill.exe
8256	taskkill.exe
11040	taskkill.exe
12020	taskkill.exe
8520	taskkill.exe
8104	taskkill.exe
11936	taskkill.exe
8328	taskkill.exe
10708	taskkill.exe
11216	taskkill.exe
6968	taskkill.exe
7408	taskkill.exe
8464	taskkill.exe
10460	taskkill.exe
12060	taskkill.exe
11152	taskkill.exe
7484	taskkill.exe
2836	taskkill.exe
10208	taskkill.exe
6504	taskkill.exe
10452	taskkill.exe
8664	taskkill.exe
11340	taskkill.exe
9852	taskkill.exe
7252	taskkill.exe
8864	taskkill.exe
12056	taskkill.exe
9520	taskkill.exe
8688	taskkill.exe
10112	taskkill.exe
6616	taskkill.exe
8368	taskkill.exe
11920	taskkill.exe
10232	taskkill.exe
11036	taskkill.exe
6460	taskkill.exe
6936	taskkill.exe
8280	taskkill.exe
6932	taskkill.exe
10452	taskkill.exe
11224	taskkill.exe
9748	taskkill.exe
10220	taskkill.exe
11028	taskkill.exe
10148	taskkill.exe
9780	taskkill.exe
9992	taskkill.exe
5280	taskkill.exe
7532	taskkill.exe
5576	taskkill.exe
6220	taskkill.exe
7284	taskkill.exe
6840	taskkill.exe
10968	taskkill.exe
11732	taskkill.exe
1476	taskkill.exe
10492	taskkill.exe
10788	taskkill.exe
5720	taskkill.exe
6912	taskkill.exe
9932	taskkill.exe
6820	taskkill.exe
6920	taskkill.exe

Modifies data under HKEY_USERS 62 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\29	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2f	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\36	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\39	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3C	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3F	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\30	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\37	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\DeveloperTools	dotnet.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\DeveloperTools\deviceid = "d2d8b80b-f0ac-4267-aca1-884ebb137652"	dotnet.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\39	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\42	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2D	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\31	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\43	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2c	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2d	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\32	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\33	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\37	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\38	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\27	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2A	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3c	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2E	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\32	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\36	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3D	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\42	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\28	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\29	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2e	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2F	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\40	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\30	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3E	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3e	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\35	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3B	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\41	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\41\52C64B7E	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3a	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\3A	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3b	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2B	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2C	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\31	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\33	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3d	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\26\52C64B7E	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2b	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\34	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\35	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\3f	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\40	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\41	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28	msiexec.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2a	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\34	msiexec.exe
Key deleted	\REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\38	msiexec.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.wxi\OpenWithProgids	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\Applications\Code.exe\shell\open\Icon = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\""	VSCodeUserSetup-x64-1.96.3.tmp
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\BFC6307A304B895458FF3D79BA8B1837\Version = "402681297"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\E9EFF637175695047BD39FF7709E9FD8\SourceList\Media	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\65EB95FC413B71B43B2CB8177986D165\SourceList\PackageName = "250dac7f9982e125eb665370a4d2d401-x64.msi"	msiexec.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.diff\OpenWithProgids\VSCode.diff	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.mdoc\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\resources\\app\\resources\\win32\\markdown.ico"	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.pyi\OpenWithProgids	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.pyi\AppUserModelID = "Microsoft.VisualStudioCode"	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.rs\shell\open	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.svgz\OpenWithProgids	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\Directory\Background\shell\VSCode\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%V\""	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.fsscript\OpenWithProgids\VSCode.fsscript	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.less	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.ps1\shell\open\command	VSCodeUserSetup-x64-1.96.3.tmp
Set value (int)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	Code.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\D8F3C23395B87DE3684F0F2594D7381A\FT_DepProvider	msiexec.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.aspx\shell\open\Icon = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\""	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.containerfile\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%1\""	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.handlebars\shell\open\command	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.less\OpenWithProgids	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\0FDA5EBAC1D43BA4596269530B53D71D	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\82273767F3B51344C920CBC3B15291B8\SourceList\Net\1 = "C:\\ProgramData\\Package Cache\\{76737228-5B3F-4431-9C02-BC3C1B25198B}v35.0.7\\"	msiexec.exe
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.pl\OpenWithProgids	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.txt\shell\open\Icon = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\""	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\94D2BECFCD01E073E912E7BC434C612C	msiexec.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.jshintrc\AppUserModelID = "Microsoft.VisualStudioCode"	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.lua\shell\open\command	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.mkdn	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.plist\ = "Properties file Source File"	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.xhtml	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.ascx\ = "ASCX Source File"	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.asp\shell\open	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.gitconfig\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\resources\\app\\resources\\win32\\config.ico"	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\NetCore_Templates_9.0_36.8.53199_x64	dotnet-sdk-9.0.102-win-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Microsoft.NET.Sdk.Aspire,8.0.100,8.2.2,x64\ = "{2E5C5364-621F-4F22-8B81-18524D6F0361}"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\2974ACF0A7D8B1B35B6B251434DF9DA8	msiexec.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F6ABEA8F2E626544888227E05FF9EDC0\Language = "1033"	msiexec.exe
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.asp\shell\open\command	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Dotnet_CLI_SharedHost_9.0_x64\Version = "72.4.26282"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\57C84C618D24A6E448B5322370251409	msiexec.exe
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.bashrc	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.json\shell\open\Icon = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\""	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.xhtml\DefaultIcon	VSCodeUserSetup-x64-1.96.3.tmp
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A80DA75CFF3B1A6439C38309B2C797FA\Version = "1207985834"	msiexec.exe
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.cmake\OpenWithProgids	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.dockerfile	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.hh\DefaultIcon	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\7B72E2FB1B98B5D4D86081EFCF198ABC\SourceList\Net\1 = "C:\\ProgramData\\Package Cache\\{BF2E27B7-89B1-4D5B-8D06-18FEFC91A8CB}v72.4.26276\\"	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\FD3484DE573A2254AA8C1854F6950532	msiexec.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\A80DA75CFF3B1A6439C38309B2C797FA\SourceList\Media	msiexec.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.c\OpenWithProgids\VSCode.c	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.clj\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%1\""	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\.code-workspace\OpenWithProgids	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.mdtext\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%1\""	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.r\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%1\""	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\netstandard_targeting_pack_24.0.28113_x64\Version = "24.0.28113"	msiexec.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\E6C6E1F643BEF123BBC28258DFCE6CC0\48399FB30F58CD945A59B37558BE50D3	msiexec.exe
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.editorconfig\DefaultIcon	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.edn\ = "Extensible Data Notation Source File"	VSCodeUserSetup-x64-1.96.3.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.jav\ = "Java Source File"	VSCodeUserSetup-x64-1.96.3.tmp
Key created	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\VSCode.tex\shell\open	VSCodeUserSetup-x64-1.96.3.tmp
Set value (int)	\REGISTRY\USER\S-1-5-21-2503671516-4119152987-701077851-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616193"	Code.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8D5B79C8D4281C14F8D17BB071803DBD\Language = "1033"	msiexec.exe

Modifies system certificate store 2 TTPs 5 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	vsce-sign.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	vsce-sign.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e75490f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e4190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	vsce-sign.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c000000010000000400000000100000190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e199604000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	vsce-sign.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4	vsce-sign.exe

NTFS ADS 2 IoCs

description	ioc	Process
File created	C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.96.3.exe:Zone.Identifier	firefox.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 136936.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
4944	powershell.exe
4944	powershell.exe
4944	powershell.exe
5916	VSCodeUserSetup-x64-1.96.3.tmp
5916	VSCodeUserSetup-x64-1.96.3.tmp
10648	Code.exe
10648	Code.exe
7916	msedge.exe
7916	msedge.exe
8120	msedge.exe
8120	msedge.exe
8480	msedge.exe
8480	msedge.exe
6452	msedge.exe
6452	msedge.exe
11420	identity_helper.exe
11420	identity_helper.exe
12100	msedge.exe
12100	msedge.exe
12184	powershell.exe
12184	powershell.exe
12184	powershell.exe
12228	powershell.exe
12228	powershell.exe
12228	powershell.exe
10484	powershell.exe
10484	powershell.exe
10484	powershell.exe
11412	powershell.exe
11412	powershell.exe
11412	powershell.exe
10984	powershell.exe
10984	powershell.exe
10984	powershell.exe
1404	powershell.exe
1404	powershell.exe
1404	powershell.exe
8832	Code.exe
8832	Code.exe
8100	msedge.exe
8100	msedge.exe
7592	msedge.exe
7592	msedge.exe
10844	identity_helper.exe
10844	identity_helper.exe
5352	msedge.exe
5352	msedge.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe
11192	msiexec.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
6352	OpenWith.exe
9600	Code.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 19 IoCs

pid	Process
8120	msedge.exe
8120	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
7592	msedge.exe
7592	msedge.exe
7592	msedge.exe
7592	msedge.exe
7592	msedge.exe
7592	msedge.exe
7592	msedge.exe
7592	msedge.exe
7592	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeRestorePrivilege	4668	7zFM.exe
Token: 35	4668	7zFM.exe
Token: SeSecurityPrivilege	4668	7zFM.exe
Token: SeDebugPrivilege	1200	firefox.exe
Token: SeDebugPrivilege	1200	firefox.exe
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeDebugPrivilege	4944	powershell.exe
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeDebugPrivilege	5916	VSCodeUserSetup-x64-1.96.3.tmp
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeDebugPrivilege	5364	Code.exe
Token: SeDebugPrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe
Token: SeShutdownPrivilege	5364	Code.exe
Token: SeCreatePagefilePrivilege	5364	Code.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4668	7zFM.exe
4668	7zFM.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
5916	VSCodeUserSetup-x64-1.96.3.tmp
5364	Code.exe
8120	msedge.exe
8120	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe
6452	msedge.exe

Suspicious use of SendNotifyMessage 22 IoCs

pid	Process
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe

Suspicious use of SetWindowsHookEx 26 IoCs

pid	Process
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
1200	firefox.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
6352	OpenWith.exe
9600	Code.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1564 wrote to memory of 1200	1564	firefox.exe	88
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 1232	1200	firefox.exe	89
PID 1200 wrote to memory of 5028	1200	firefox.exe	90
PID 1200 wrote to memory of 5028	1200	firefox.exe	90
PID 1200 wrote to memory of 5028	1200	firefox.exe	90
PID 1200 wrote to memory of 5028	1200	firefox.exe	90
PID 1200 wrote to memory of 5028	1200	firefox.exe	90
PID 1200 wrote to memory of 5028	1200	firefox.exe	90
PID 1200 wrote to memory of 5028	1200	firefox.exe	90
PID 1200 wrote to memory of 5028	1200	firefox.exe	90

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Fableborne-Crypto-Bot-Crypto-Game-Auto-Farm-Clicker-Cheat-Token-Hack-Api-fableborne.zip"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:4668

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1564
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - Checks processor information in registry
  - NTFS ADS
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:1200
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1964 -parentBuildID 20240401114208 -prefsHandle 1880 -prefMapHandle 1872 -prefsLen 27137 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8daec4e0-ca89-41f8-84ab-b79782eba184} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" gpu
    3⤵
    PID:1232
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2372 -parentBuildID 20240401114208 -prefsHandle 2364 -prefMapHandle 2360 -prefsLen 27015 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {130ebdc2-fd12-4a6b-8f07-a4dba811f9dd} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" socket
    3⤵
    PID:5028
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2964 -childID 1 -isForBrowser -prefsHandle 2988 -prefMapHandle 3000 -prefsLen 22698 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7d4a906d-0b98-4a27-9bfc-55128e1bd8ab} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:1908
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4016 -childID 2 -isForBrowser -prefsHandle 4008 -prefMapHandle 4004 -prefsLen 32389 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8365e695-80d1-4256-a0c1-0399832017fc} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:4664
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4948 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4944 -prefMapHandle 4936 -prefsLen 32389 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {428f68d1-2b85-4d58-af2f-6a3e82280793} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" utility
    3⤵
    - Checks processor information in registry
    PID:844
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4032 -childID 3 -isForBrowser -prefsHandle 2784 -prefMapHandle 1384 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a2c1eedc-42a8-4d4e-93c1-56291eeefe4f} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:4788
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5672 -childID 4 -isForBrowser -prefsHandle 1540 -prefMapHandle 1408 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {58b6782f-ed1f-4fd3-a5a0-3a98343089b4} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:3540
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5828 -childID 5 -isForBrowser -prefsHandle 5836 -prefMapHandle 5844 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b0225fd5-909e-42fb-af47-f1ead562fb7a} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:3684
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5696 -childID 6 -isForBrowser -prefsHandle 5704 -prefMapHandle 5708 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {94d28896-4440-4e72-be54-32b949750d55} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:220
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6068 -parentBuildID 20240401114208 -prefsHandle 6220 -prefMapHandle 5624 -prefsLen 32642 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e8af98c-24cf-4aed-9bf4-02249d925bb4} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" rdd
    3⤵
    PID:5724
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5616 -parentBuildID 20240401114208 -sandboxingKind 1 -prefsHandle 5588 -prefMapHandle 5628 -prefsLen 32642 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cd125c3c-7598-4ba3-8b3a-d4e659291efb} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" utility
    3⤵
    - Checks processor information in registry
    PID:5732
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5552 -childID 7 -isForBrowser -prefsHandle 6332 -prefMapHandle 5592 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {68aaad07-d5f5-46a9-b917-57943c669e0a} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:5928
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5988 -childID 8 -isForBrowser -prefsHandle 5688 -prefMapHandle 6036 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cd6a8ecd-60ca-4a31-8f96-3dac481cae1f} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:5416
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5860 -childID 9 -isForBrowser -prefsHandle 6608 -prefMapHandle 6616 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d1a6d836-0e11-4d0f-927b-b410443fc609} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:5436
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6808 -childID 10 -isForBrowser -prefsHandle 6636 -prefMapHandle 6640 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {37b54e92-b820-4a74-901e-7785017de243} 1200 "\\.\pipe\gecko-crash-server-pipe.1200" tab
    3⤵
    PID:5696
- - C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.96.3.exe
    "C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.96.3.exe"
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    PID:4880
  - - C:\Users\Admin\AppData\Local\Temp\is-NR1FU.tmp\VSCodeUserSetup-x64-1.96.3.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-NR1FU.tmp\VSCodeUserSetup-x64-1.96.3.tmp" /SL5="$B0264,103871940,828416,C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.96.3.exe"
      4⤵
      Checks computer location settings
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      Modifies registry class
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      Suspicious use of FindShellTrayWindow
      PID:5916
    - - C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "Get-WmiObject Win32_Process | Where-Object { $_.ExecutablePath -eq 'C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe' } | Select @{Name='Id'; Expression={$_.ProcessId}} | Stop-Process -Force"
        5⤵
        Command and Scripting Interpreter: PowerShell
        System Location Discovery: System Language Discovery
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        
        PID:4944
    - - C:\Windows\system32\icacls.exe
        
        "C:\Windows\system32\icacls.exe" "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code" /inheritancelevel:r /grant:r "*S-1-5-18:(OI)(CI)F" /grant:r "*S-1-5-32-544:(OI)(CI)F" /grant:r "*S-1-5-11:(OI)(CI)RX" /grant:r "*S-1-5-32-545:(OI)(CI)RX" /grant:r "*S-1-3-0:(OI)(CI)F" /grant:r "Admin:(OI)(CI)F"
        5⤵
        Modifies file permissions
        
        PID:3268
    - - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe"
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        Drops file in Windows directory
        Checks processor information in registry
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of FindShellTrayWindow
        
        PID:5364
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1816,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1808 /prefetch:2
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:3268
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=2000,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1828 /prefetch:3
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4012
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --field-trial-handle=3320,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3316 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2120
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3796,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3800 /prefetch:8
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1760
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe" tunnel status
        7⤵
        Executes dropped EXE
        
        PID:6252
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.vscode-dotnet-runtime-2.2.5 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.vscode-dotnet-runtime-2.2.5.sigzip
        7⤵
        Executes dropped EXE
        System Time Discovery
        
        PID:6176
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.vscode-jupyter-cell-tags-0.1.9 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.vscode-jupyter-cell-tags-0.1.9.sigzip
        7⤵
        Executes dropped EXE
        Modifies system certificate store
        
        PID:6884
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.jupyter-keymap-1.1.2 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.jupyter-keymap-1.1.2.sigzip
        7⤵
        Executes dropped EXE
        
        PID:6988
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.vscode-dotnet-pack-1.0.13 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.vscode-dotnet-pack-1.0.13.sigzip
        7⤵
        Executes dropped EXE
        
        PID:3256
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.dotnet-interactive-vscode-1.0.5568010 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.dotnet-interactive-vscode-1.0.5568010.sigzip
        7⤵
        Executes dropped EXE
        
        PID:7160
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.vscode-jupyter-slideshow-0.1.6 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.vscode-jupyter-slideshow-0.1.6.sigzip
        7⤵
        Executes dropped EXE
        
        PID:6568
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.jupyter-renderers-1.0.21 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.jupyter-renderers-1.0.21.sigzip
        7⤵
        Executes dropped EXE
        
        PID:4036
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.jupyter-2024.11.0-win32-x64 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-toolsai.jupyter-2024.11.0-win32-x64.sigzip
        7⤵
        Executes dropped EXE
        
        PID:2800
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ionide.ionide-fsharp-7.22.0 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ionide.ionide-fsharp-7.22.0.sigzip
        7⤵
        Executes dropped EXE
        Network Service Discovery
        
        PID:5348
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.csharp-2.61.28-win32-x64 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.csharp-2.61.28-win32-x64.sigzip
        7⤵
        Executes dropped EXE
        Network Service Discovery
        
        PID:7368
        
        \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe
        
        "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.csdevkit-1.15.34-win32-x64 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-dotnettools.csdevkit-1.15.34-win32-x64.sigzip
        7⤵
        Executes dropped EXE
        
        PID:11828
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3828,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3820 /prefetch:8
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6028
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --dns-result-order=ipv4first --inspect-port=0 --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3924,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3904 /prefetch:8
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4332
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "dotnet --info"
        7⤵
        
        PID:8920
        
        C:\Program Files\dotnet\dotnet.exe
        
        dotnet --info
        8⤵
        
        PID:9128
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "dotnet --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:8980
        
        C:\Program Files\dotnet\dotnet.exe
        
        dotnet --list-runtimes
        8⤵
        System Time Discovery
        
        PID:9084
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
        7⤵
        
        PID:9072
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 9072 /f /t
        7⤵
        
        PID:9060
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "where where"
        7⤵
        
        PID:11236
        
        C:\Windows\system32\where.exe
        
        where where
        8⤵
        
        PID:9116
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 11236 /f /t
        7⤵
        
        PID:12052
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
        7⤵
        
        PID:12056
        
        C:\Windows\system32\where.exe
        
        where dotnet
        8⤵
        
        PID:3404
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 12056 /f /t
        7⤵
        
        PID:2272
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:8960
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:7900
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 8960 /f /t
        7⤵
        Kills process with taskkill
        
        PID:8104
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:8176
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:7588
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:7576
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 8176 /f /t
        7⤵
        
        PID:8188
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:6172
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:9740
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 6172 /f /t
        7⤵
        Kills process with taskkill
        
        PID:9748
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:9744
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:9692
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        
        PID:9532
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 9744 /f /t
        7⤵
        Kills process with taskkill
        
        PID:2836
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
        7⤵
        
        PID:7268
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --info
        8⤵
        
        PID:9888
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7268 /f /t
        7⤵
        Kills process with taskkill
        
        PID:9932
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:9940
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:10036
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 9940 /f /t
        7⤵
        
        PID:9908
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
        7⤵
        
        PID:10056
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:10088
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-sdks
        8⤵
        
        PID:10064
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10056 /f /t
        7⤵
        Kills process with taskkill
        
        PID:10112
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
        7⤵
        
        PID:10156
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10156 /f /t
        7⤵
        Kills process with taskkill
        
        PID:10208
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "where where"
        7⤵
        
        PID:10168
        
        C:\Windows\system32\where.exe
        
        where where
        8⤵
        
        PID:10932
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10168 /f /t
        7⤵
        Kills process with taskkill
        
        PID:11036
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
        7⤵
        
        PID:10956
        
        C:\Windows\system32\where.exe
        
        where dotnet
        8⤵
        
        PID:11000
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10956 /f /t
        7⤵
        
        PID:5356
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:7204
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:7292
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7204 /f /t
        7⤵
        
        PID:7784
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:7624
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:2844
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:7248
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7624 /f /t
        7⤵
        Kills process with taskkill
        
        PID:6460
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:7344
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:7400
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7344 /f /t
        7⤵
        
        PID:8424
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:8432
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:8032
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        
        PID:8808
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 8432 /f /t
        7⤵
        Kills process with taskkill
        
        PID:8368
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:7076
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:8496
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7076 /f /t
        7⤵
        
        PID:11292
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        
        PID:4800
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:11712
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        
        PID:6552
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 4800 /f /t
        7⤵
        
        PID:5488
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
        7⤵
        
        PID:8200
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --info
        8⤵
        
        PID:11772
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 8200 /f /t
        7⤵
        Kills process with taskkill
        
        PID:11936
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:11944
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:11804
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 11944 /f /t
        7⤵
        
        PID:11996
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
        7⤵
        
        PID:11832
        
        C:\Windows\System32\Conhost.exe
        
        \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
        8⤵
        
        PID:11828
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:12172
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-sdks
        8⤵
        
        PID:11916
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 11832 /f /t
        7⤵
        
        PID:11892
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\System32\reg.exe query HKEY_LOCAL_MACHINE\SOFTWARE\dotnet\Setup\InstalledVersions\x64\sharedhost /v Path"
        7⤵
        
        PID:11880
        
        C:\Windows\System32\reg.exe
        
        C:\Windows\System32\reg.exe query HKEY_LOCAL_MACHINE\SOFTWARE\dotnet\Setup\InstalledVersions\x64\sharedhost /v Path
        8⤵
        
        PID:2112
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 11880 /f /t
        7⤵
        Kills process with taskkill
        
        PID:6820
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:5248
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:1444
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 5248 /f /t
        7⤵
        
        PID:9600
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:4440
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:3916
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:8508
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 4440 /f /t
        7⤵
        Kills process with taskkill
        
        PID:2632
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:11148
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:4368
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 11148 /f /t
        7⤵
        Kills process with taskkill
        
        PID:10492
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:10484
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:1892
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:10732
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10484 /f /t
        7⤵
        Kills process with taskkill
        
        PID:10788
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
        7⤵
        
        PID:10784
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --info
        8⤵
        
        PID:1244
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10784 /f /t
        7⤵
        
        PID:10736
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:10560
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:6712
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10560 /f /t
        7⤵
        
        PID:8080
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
        7⤵
        
        PID:3012
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:10688
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-sdks
        8⤵
        
        PID:5832
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 3012 /f /t
        7⤵
        Kills process with taskkill
        
        PID:5328
        
        C:\Windows\system32\reg.exe
        
        C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
        7⤵
        
        PID:2228
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
        7⤵
        
        PID:5620
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 5620 /f /t
        7⤵
        
        PID:10852
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "where where"
        7⤵
        
        PID:10716
        
        C:\Windows\system32\where.exe
        
        where where
        8⤵
        
        PID:2092
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10716 /f /t
        7⤵
        
        PID:7452
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
        7⤵
        
        PID:5640
        
        C:\Windows\system32\where.exe
        
        where dotnet
        8⤵
        
        PID:4480
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 5640 /f /t
        7⤵
        
        PID:6232
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:12008
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:10280
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 12008 /f /t
        7⤵
        Kills process with taskkill
        
        PID:10460
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:10452
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:6412
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:7912
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10452 /f /t
        7⤵
        
        PID:7932
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:7940
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:9300
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7940 /f /t
        7⤵
        
        PID:8772
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:8676
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:11192
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        
        PID:11204
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 8676 /f /t
        7⤵
        
        PID:6560
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
        7⤵
        
        PID:4880
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --info
        8⤵
        
        PID:6176
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 4880 /f /t
        7⤵
        Kills process with taskkill
        
        PID:6932
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:6968
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:8748
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 6968 /f /t
        7⤵
        Kills process with taskkill
        
        PID:6616
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
        7⤵
        
        PID:7092
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:7068
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-sdks
        8⤵
        
        PID:6800
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7092 /f /t
        7⤵
        
        PID:6788
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
        7⤵
        
        PID:6364
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 6364 /f /t
        7⤵
        
        PID:7340
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "where where"
        7⤵
        
        PID:1416
        
        C:\Windows\system32\where.exe
        
        where where
        8⤵
        
        PID:5384
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 1416 /f /t
        7⤵
        
        PID:6732
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
        7⤵
        
        PID:6624
        
        C:\Windows\system32\where.exe
        
        where dotnet
        8⤵
        
        PID:11248
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 6624 /f /t
        7⤵
        
        PID:7672
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:7664
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:9008
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7664 /f /t
        7⤵
        Kills process with taskkill
        
        PID:8864
        
        C:\Windows\System32\Conhost.exe
        
        \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
        8⤵
        
        PID:8848
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:8888
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:8892
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:8972
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 8888 /f /t
        7⤵
        
        PID:9132
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:9056
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:7820
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 9056 /f /t
        7⤵
        
        PID:9116
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:9544
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:12040
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:12024
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 9544 /f /t
        7⤵
        Kills process with taskkill
        
        PID:12060
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:4824
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:8124
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 4824 /f /t
        7⤵
        
        PID:8960
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        
        PID:8660
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:9584
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:6308
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 8660 /f /t
        7⤵
        
        PID:6384
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
        7⤵
        
        PID:7576
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --info
        8⤵
        
        PID:9244
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7576 /f /t
        7⤵
        
        PID:7040
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:9704
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:9804
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 9704 /f /t
        7⤵
        Kills process with taskkill
        
        PID:9780
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
        7⤵
        
        PID:7948
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:9892
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-sdks
        8⤵
        
        PID:9916
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7948 /f /t
        7⤵
        Kills process with taskkill
        
        PID:9852
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\System32\reg.exe query HKEY_LOCAL_MACHINE\SOFTWARE\dotnet\Setup\InstalledVersions\x64\sharedhost /v Path"
        7⤵
        
        PID:9924
        
        C:\Windows\System32\reg.exe
        
        C:\Windows\System32\reg.exe query HKEY_LOCAL_MACHINE\SOFTWARE\dotnet\Setup\InstalledVersions\x64\sharedhost /v Path
        8⤵
        
        PID:9952
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 9924 /f /t
        7⤵
        
        PID:10004
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:10020
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:9968
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10020 /f /t
        7⤵
        
        PID:10000
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        System Time Discovery
        
        PID:9996
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:1108
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:1112
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 9996 /f /t
        7⤵
        Kills process with taskkill
        
        PID:10220
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:10224
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:10928
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10224 /f /t
        7⤵
        
        PID:5872
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
        7⤵
        
        PID:10936
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:10952
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
        8⤵
        System Time Discovery
        
        PID:11008
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 10936 /f /t
        7⤵
        Kills process with taskkill
        
        PID:10968
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
        7⤵
        
        PID:5988
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --info
        8⤵
        
        PID:7608
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 5988 /f /t
        7⤵
        
        PID:7172
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
        7⤵
        
        PID:7276
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:7324
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7276 /f /t
        7⤵
        
        PID:7720
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
        7⤵
        
        PID:7260
        
        C:\Windows\system32\chcp.com
        
        chcp 65001
        8⤵
        
        PID:7392
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --list-sdks
        8⤵
        
        PID:7344
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 7260 /f /t
        7⤵
        Kills process with taskkill
        
        PID:8256
        
        C:\Windows\system32\reg.exe
        
        C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
        7⤵
        
        PID:8268
        
        C:\Windows\system32\reg.exe
        
        C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
        7⤵
        
        PID:8736
        
        C:\Windows\system32\reg.exe
        
        C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
        7⤵
        
        PID:11984
        
        C:\Windows\system32\reg.exe
        
        C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
        7⤵
        
        PID:11960
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "powershell.exe"
        7⤵
        
        PID:11816
        
        C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
        
        powershell.exe
        8⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:12184
        
        C:\Windows\system32\taskkill.exe
        
        taskkill /pid 11816 /f /t
        7⤵
        
        PID:12216
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "powershell.exe -command $ExecutionContext.SessionState.LanguageMode"
        7⤵
        
        PID:12132
        
        C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
        
        powershell.exe -command $ExecutionContext.SessionState.LanguageMode
        8⤵
        Command and Scripting Interpreter: PowerShell
        Suspicious behavior: EnumeratesProcesses
        
        PID:12228
        
        C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "powershell.exe -NoProfile -NonInteractive -NoLogo -ExecutionPolicy unrestricted -Command "& { [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12; & 'c:\Users\Admin\.vscode\extensions\ms-dotnettools.vscode-dotnet-runtime-2.2.5\dist\install scripts\dotnet-install.ps1' -InstallDir 'c:\Users\Admin\AppData\Roaming\Code\User\globalStorage\ms-dotnettools.vscode-dotnet-runtime\.dotnet\8.0.12~x64' -Version 8.0.12 -Verbose -Runtime dotnet -Architecture x64 }""
        7⤵
        System Time Discovery
        
        PID:9428
        
        C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
        
        powershell.exe -NoProfile -NonInteractive -NoLogo -ExecutionPolicy unrestricted -Command "& { [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12; & 'c:\Users\Admin\.vscode\extensions\ms-dotnettools.vscode-dotnet-runtime-2.2.5\dist\install scripts\dotnet-install.ps1' -InstallDir 'c:\Users\Admin\AppData\Roaming\Code\User\globalStorage\ms-dotnettools.vscode-dotnet-runtime\.dotnet\8.0.12~x64' -Version 8.0.12 -Verbose -Runtime dotnet -Architecture x64 }"
        8⤵
        Blocklisted process makes network request
        Command and Scripting Interpreter: PowerShell
        System Time Discovery
        Suspicious behavior: EnumeratesProcesses
        
        PID:10484
        
        \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\Microsoft.CodeAnalysis.LanguageServer.exe
        
        c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\Microsoft.CodeAnalysis.LanguageServer.exe --logLevel Information --razorSourceGenerator c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Microsoft.CodeAnalysis.Razor.Compiler.dll --razorDesignTimePath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Targets\Microsoft.NET.Sdk.Razor.DesignTime.targets --devKitDependencyPath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslynDevKit\Microsoft.VisualStudio.LanguageServices.DevKit.dll --sessionId 3646b101-cc8a-4644-9088-c7e64f0364ab1737053303318 --extension c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.xamlTools\Microsoft.VisualStudio.DesignTools.CodeAnalysis.dll --extension c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.xamlTools\Microsoft.VisualStudio.DesignTools.CodeAnalysis.Diagnostics.dll --telemetryLevel all --extensionLogDirectory c:\Users\Admin\AppData\Roaming\Code\logs\20250116T184821\window1\exthost\ms-dotnettools.csharp
        7⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        Network Service Discovery
        System Location Discovery: System Language Discovery
        Checks processor information in registry
        
        PID:9868
        
        C:\Windows\SYSTEM32\getmac.exe
        
        "getmac"
        8⤵
        
        PID:9968
        
        C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\json-language-features\server\dist\node\jsonServerMain" --node-ipc --clientProcessId=4332
        7⤵
        Executes dropped EXE
        
        PID:1576
        
        C:\Program Files\dotnet\dotnet.exe
        
        dotnet --info
        7⤵
        
        PID:10860
      - C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
        6⤵
        
        PID:5356
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4072,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4080 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:3856
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4412,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4416 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6276
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4008,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3888 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7068
      - C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
        6⤵
        
        PID:6332
        
        C:\Windows\system32\wsl.exe
        
        wsl.exe -l -q
        7⤵
        
        PID:6636
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4048,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4108 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6676
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4000,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3984 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6712
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=4108,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4528 /prefetch:8
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:10648
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3976,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4444 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:10716
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4912,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4908 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:10552
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4444,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4640 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:10344
      - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
        6⤵
        Enumerates system info in registry
        Suspicious behavior: EnumeratesProcesses
        Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        Suspicious use of FindShellTrayWindow
        
        PID:8120
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ffb70be46f8,0x7ffb70be4708,0x7ffb70be4718
        7⤵
        
        PID:7880
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,17525615422706978323,14299705920869106469,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
        7⤵
        
        PID:7924
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,17525615422706978323,14299705920869106469,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3
        7⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:7916
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,17525615422706978323,14299705920869106469,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2952 /prefetch:8
        7⤵
        
        PID:9552
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17525615422706978323,14299705920869106469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3748 /prefetch:1
        7⤵
        
        PID:8780
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17525615422706978323,14299705920869106469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3756 /prefetch:1
        7⤵
        
        PID:8672
      - C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
        6⤵
        
        PID:10116
        
        C:\Windows\system32\wsl.exe
        
        wsl.exe -l -q
        7⤵
        
        PID:10208
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4560,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4460 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:10996
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5044,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4448 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:10976
      - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://marketplace.visualstudio.com/_apis/public/gallery/publishers/ms-dotnettools/vsextensions/vscode-dotnet-pack/1.0.13/vspackage
        6⤵
        Enumerates system info in registry
        Suspicious behavior: EnumeratesProcesses
        Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        Suspicious use of FindShellTrayWindow
        
        PID:6452
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffb70be46f8,0x7ffb70be4708,0x7ffb70be4718
        7⤵
        
        PID:7368
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
        7⤵
        
        PID:8448
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
        7⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:8480
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3040 /prefetch:8
        7⤵
        
        PID:8684
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
        7⤵
        
        PID:8736
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
        7⤵
        
        PID:9228
        
        C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
        7⤵
        
        PID:11296
        
        C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
        7⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:11420
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5756 /prefetch:8
        7⤵
        
        PID:11520
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
        7⤵
        
        PID:11528
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
        7⤵
        
        PID:1492
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
        7⤵
        
        PID:5148
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3620 /prefetch:1
        7⤵
        
        PID:3664
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4424 /prefetch:1
        7⤵
        
        PID:6956
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1
        7⤵
        
        PID:6980
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2216,12594766186304029984,8215065265703533909,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5152 /prefetch:8
        7⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:12100
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4988,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=5024 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Executes dropped EXE
        
        PID:7680
      - C:\Windows\system32\cmd.exe
        
        C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
        6⤵
        
        PID:8888
        
        C:\Windows\system32\wsl.exe
        
        wsl.exe -l -q
        7⤵
        
        PID:8848
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4608,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4676 --vscode-window-config=vscode:2d436cb0-1c2b-4f6b-8f62-9242d5c94014 /prefetch:1
        6⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:10276
      - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
        
        "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=5004,i,7572927676434762253,4390245065614849917,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4736 /prefetch:8
        6⤵
        Executes dropped EXE
        
        PID:11056

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:11168

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:188

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:10536

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:9460

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:7076

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:6352
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" "C:\Users\Admin\Downloads\ms-dotnettools.vscode-dotnet-pack-1.0.13.vsix"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2148
- - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
    "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\Code /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\Code\Crashpad --url=appcenter://code?aid=a4e3233c-699c-46ec-b4f4-9c2a77254662&uid=ef6f41dd-eeff-4493-850f-f698dd9de73c&iid=ef6f41dd-eeff-4493-850f-f698dd9de73c&sid=ef6f41dd-eeff-4493-850f-f698dd9de73c --annotation=_companyName=Microsoft --annotation=_productName=VSCode --annotation=_version=1.96.3 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.2.6 --initial-client-data=0x48c,0x490,0x494,0x488,0x498,0x7ff7a38060b8,0x7ff7a38060c4,0x7ff7a38060d0
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:12244
- - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
    "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1832,i,2210030981294759295,11176676617823758961,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1824 /prefetch:2
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:10700
- - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
    "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=2360,i,2210030981294759295,11176676617823758961,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2356 /prefetch:3
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:10720

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" "C:\Users\Admin\Desktop\Fableborne-Crypto-Bot-Crypto-Game-Auto-Farm-Clicker-Cheat-Token-Hack-Api-fableborne\Fableborne-Robot.sln"
1⤵
- Checks computer location settings
- Executes dropped EXE
- Drops file in Windows directory
- Checks processor information in registry
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:9600
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\Code /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\Code\Crashpad --url=appcenter://code?aid=a4e3233c-699c-46ec-b4f4-9c2a77254662&uid=ef6f41dd-eeff-4493-850f-f698dd9de73c&iid=ef6f41dd-eeff-4493-850f-f698dd9de73c&sid=ef6f41dd-eeff-4493-850f-f698dd9de73c --annotation=_companyName=Microsoft --annotation=_productName=VSCode --annotation=_version=1.96.3 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.2.6 --initial-client-data=0x474,0x478,0x47c,0x470,0x480,0x7ff7a38060b8,0x7ff7a38060c4,0x7ff7a38060d0
  2⤵
  - Executes dropped EXE
  PID:7380
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1848,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1836 /prefetch:2
  2⤵
  - Executes dropped EXE
  PID:8220
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=2364,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2360 /prefetch:3
  2⤵
  - Executes dropped EXE
  PID:8428
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --field-trial-handle=3184,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3180 --vscode-window-config=vscode:1b32411e-8e39-4e46-9049-ed4722a54b49 /prefetch:1
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  PID:6556
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --dns-result-order=ipv4first --inspect-port=0 --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=2640,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2652 /prefetch:8
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  PID:11940
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3900,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3852 /prefetch:8
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  PID:8736
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe" tunnel status
    3⤵
    - Executes dropped EXE
    PID:3228
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3952,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3948 /prefetch:8
  2⤵
  - Executes dropped EXE
  PID:11604
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:2668
- - C:\Windows\system32\wsl.exe
    wsl.exe -l -q
    3⤵
    PID:8504
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:2092
- - C:\Windows\system32\wsl.exe
    wsl.exe -l -q
    3⤵
    PID:1420
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3820,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3848 /prefetch:8
  2⤵
  - Executes dropped EXE
  PID:7600
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --dns-result-order=ipv4first --inspect-port=0 --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=4008,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3856 /prefetch:8
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  PID:1916
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.fs -g **/*.fsproj -g **/*.fsx -g **/*.sln -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules -g !**/bower_components -g !**/*.code-search --no-ignore-parent --follow --quiet --no-config --no-ignore-global
    3⤵
    - Executes dropped EXE
    PID:11480
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.csproj -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules -g !**/bower_components -g !**/*.code-search --no-ignore-parent --follow --quiet --no-config --no-ignore-global
    3⤵
    - Executes dropped EXE
    PID:9260
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.{csproj,csx,cake} -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules -g !**/bower_components -g !**/*.code-search --no-ignore-parent --follow --quiet --no-config --no-ignore-global
    3⤵
    - Executes dropped EXE
    PID:9380
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:8324
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:8468
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:9208
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:8068
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
    3⤵
    PID:6492
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6492 /f /t
    3⤵
    PID:12256
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where where"
    3⤵
    PID:11340
  - - C:\Windows\system32\where.exe
      where where
      4⤵
      PID:1264
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 11340 /f /t
    3⤵
    PID:7016
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
    3⤵
    PID:6864
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:6636
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6864 /f /t
    3⤵
    PID:7104
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:6724
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6800
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6724 /f /t
    3⤵
    PID:6740
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:2052
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:8520
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      PID:1176
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 2052 /f /t
    3⤵
    - Kills process with taskkill
    PID:6920
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:7116
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:8668
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7116 /f /t
    3⤵
    PID:6124
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:6816
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6700
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:11212
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6816 /f /t
    3⤵
    - Kills process with taskkill
    PID:11224
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:11208
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:7676
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 11208 /f /t
    3⤵
    PID:7692
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:7644
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:8964
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7644 /f /t
    3⤵
    PID:7512
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
    3⤵
    PID:9044
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:12104
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:7584
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9044 /f /t
    3⤵
    - Kills process with taskkill
    PID:5576
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
    3⤵
    PID:9100
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9100 /f /t
    3⤵
    PID:12028
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where where"
    3⤵
    PID:7828
  - - C:\Windows\system32\where.exe
      where where
      4⤵
      PID:12012
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7828 /f /t
    3⤵
    - Kills process with taskkill
    PID:12056
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
    3⤵
    PID:6708
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:6148
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6708 /f /t
    3⤵
    - Kills process with taskkill
    PID:6220
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:11592
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:8072
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 11592 /f /t
    3⤵
    - Kills process with taskkill
    PID:9520
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    PID:9804
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:9560
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      PID:10780
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9804 /f /t
    3⤵
    PID:5140
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:10516
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:9720
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10516 /f /t
    3⤵
    PID:9864
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    PID:9916
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:9888
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      PID:9912
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9916 /f /t
    3⤵
    - Kills process with taskkill
    PID:11732
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:9972
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:10216
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9972 /f /t
    3⤵
    PID:10096
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:10180
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:11348
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      PID:11368
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10180 /f /t
    3⤵
    PID:1752
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:10992
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:10128
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10992 /f /t
    3⤵
    - Kills process with taskkill
    PID:7284
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:10936
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:11052
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10936 /f /t
    3⤵
    PID:7760
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
    3⤵
    PID:7640
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:7332
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:5816
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7640 /f /t
    3⤵
    PID:7248
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\System32\reg.exe query HKEY_LOCAL_MACHINE\SOFTWARE\dotnet\Setup\InstalledVersions\x64\sharedhost /v Path"
    3⤵
    PID:1612
  - - C:\Windows\System32\reg.exe
      C:\Windows\System32\reg.exe query HKEY_LOCAL_MACHINE\SOFTWARE\dotnet\Setup\InstalledVersions\x64\sharedhost /v Path
      4⤵
      PID:7924
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 1612 /f /t
    3⤵
    - Kills process with taskkill
    PID:9992
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:10044
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:10924
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10044 /f /t
    3⤵
    PID:7764
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    PID:7708
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:7624
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      PID:7404
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7708 /f /t
    3⤵
    - Kills process with taskkill
    PID:7408
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:3052
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:5688
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 3052 /f /t
    3⤵
    PID:7480
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:7340
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:7324
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:9932
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7340 /f /t
    3⤵
    - Kills process with taskkill
    PID:7252
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:9980
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:5396
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9980 /f /t
    3⤵
    PID:3440
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:5916
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:5748
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 5916 /f /t
    3⤵
    PID:2420
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
    3⤵
    PID:5344
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:10904
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:5284
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 5344 /f /t
    3⤵
    PID:5172
- - C:\Windows\system32\reg.exe
    C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
    3⤵
    PID:4828
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
    3⤵
    PID:3268
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 3268 /f /t
    3⤵
    PID:3824
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where where"
    3⤵
    PID:5424
  - - C:\Windows\system32\where.exe
      where where
      4⤵
      PID:5668
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 5424 /f /t
    3⤵
    - Kills process with taskkill
    PID:5280
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
    3⤵
    PID:3776
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:7348
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 3776 /f /t
    3⤵
    PID:1784
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:6360
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6872
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6360 /f /t
    3⤵
    PID:11928
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:6472
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:12156
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      PID:12236
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6472 /f /t
    3⤵
    PID:6868
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:8512
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:1020
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 8512 /f /t
    3⤵
    - Kills process with taskkill
    PID:11152
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:3916
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:10748
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:6184
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 3916 /f /t
    3⤵
    PID:6228
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:9284
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:2128
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9284 /f /t
    3⤵
    PID:60
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:10368
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6640
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10368 /f /t
    3⤵
    - Kills process with taskkill
    PID:1476
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
    3⤵
    PID:2092
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:756
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:10688
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 2092 /f /t
    3⤵
    - Kills process with taskkill
    PID:11040
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
    3⤵
    PID:10540
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10540 /f /t
    3⤵
    PID:10604
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where where"
    3⤵
    PID:10912
  - - C:\Windows\system32\where.exe
      where where
      4⤵
      PID:11716
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10912 /f /t
    3⤵
    PID:6092
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
    3⤵
    PID:2632
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:7024
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 2632 /f /t
    3⤵
    - Kills process with taskkill
    PID:12020
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:5548
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:10728
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 5548 /f /t
    3⤵
    - Kills process with taskkill
    PID:11920
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:11912
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:7504
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:7460
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 11912 /f /t
    3⤵
    - Kills process with taskkill
    PID:7532
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:1744
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:12212
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 1744 /f /t
    3⤵
    PID:7544
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    PID:6048
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6832
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:4528
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6048 /f /t
    3⤵
    - Kills process with taskkill
    PID:10452
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:9300
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:9236
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9300 /f /t
    3⤵
    PID:11560
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:8172
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:8640
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:5676
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 8172 /f /t
    3⤵
    PID:9368
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:8228
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:11540
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 8228 /f /t
    3⤵
    PID:6252
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:9828
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6288
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9828 /f /t
    3⤵
    PID:9196
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
    3⤵
    PID:8296
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:11424
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:11440
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 8296 /f /t
    3⤵
    - Kills process with taskkill
    PID:6936
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\System32\reg.exe query HKEY_LOCAL_MACHINE\SOFTWARE\dotnet\Setup\InstalledVersions\x64\sharedhost /v Path"
    3⤵
    PID:4240
  - - C:\Windows\System32\reg.exe
      C:\Windows\System32\reg.exe query HKEY_LOCAL_MACHINE\SOFTWARE\dotnet\Setup\InstalledVersions\x64\sharedhost /v Path
      4⤵
      PID:8460
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 4240 /f /t
    3⤵
    - Kills process with taskkill
    PID:8280
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:8468
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:9604
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 8468 /f /t
    3⤵
    - Kills process with taskkill
    PID:8464
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:8560
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6392
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      PID:188
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 8560 /f /t
    3⤵
    - Kills process with taskkill
    PID:6968
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:6584
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6672
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6584 /f /t
    3⤵
    PID:7092
  - - C:\Windows\System32\Conhost.exe
      \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      4⤵
      PID:6724
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    PID:6344
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6588
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:2856
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6344 /f /t
    3⤵
    - Kills process with taskkill
    PID:8520
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:2052
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:6648
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 2052 /f /t
    3⤵
    PID:5844
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:6276
  - - C:\Windows\System32\Conhost.exe
      \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      4⤵
      PID:8668
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6844
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6276 /f /t
    3⤵
    - Kills process with taskkill
    PID:5720
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-sdks"
    3⤵
    PID:7492
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:7688
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:9020
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7492 /f /t
    3⤵
    PID:7472
- - C:\Windows\system32\reg.exe
    C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
    3⤵
    PID:6340
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:8996
  - - C:\Windows\System32\Conhost.exe
      \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      4⤵
      PID:7644
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:9608
- - C:\Program Files\dotnet\dotnet.exe
    "C:\Program Files\dotnet\dotnet.exe" --version
    3⤵
    PID:9544
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.{csproj} -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    - Executes dropped EXE
    PID:3404
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.sln -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/{node_modules,obj,bin}/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    - Executes dropped EXE
    PID:12048
- - C:\Program Files\dotnet\dotnet.exe
    dotnet --info
    3⤵
    PID:8100
- - C:\Program Files\dotnet\dotnet.exe
    dotnet --list-runtimes
    3⤵
    PID:7456
- - C:\Windows\system32\reg.exe
    C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
    3⤵
    PID:8924
- - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\Microsoft.CodeAnalysis.LanguageServer.exe
    c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\Microsoft.CodeAnalysis.LanguageServer.exe --logLevel Information --razorSourceGenerator c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Microsoft.CodeAnalysis.Razor.Compiler.dll --razorDesignTimePath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Targets\Microsoft.NET.Sdk.Razor.DesignTime.targets --devKitDependencyPath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslynDevKit\Microsoft.VisualStudio.LanguageServices.DevKit.dll --sessionId 9e95c7c2-ab25-40da-89f7-aa01dbafe4dc1737053559438 --extension c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.xamlTools\Microsoft.VisualStudio.DesignTools.CodeAnalysis.dll --extension c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.xamlTools\Microsoft.VisualStudio.DesignTools.CodeAnalysis.Diagnostics.dll --telemetryLevel all --extensionLogDirectory c:\Users\Admin\AppData\Roaming\Code\logs\20250116T185204\window1\exthost\ms-dotnettools.csharp
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Network Service Discovery
    - System Location Discovery: System Language Discovery
    - Checks processor information in registry
    PID:9564
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.{cshtml,razor} -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db --no-ignore --follow --no-config --no-ignore-global
    3⤵
    - Executes dropped EXE
    PID:10612
- - C:\Windows\system32\reg.exe
    C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
    3⤵
    PID:1892
- - C:\Windows\system32\reg.exe
    C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
    3⤵
    PID:10020
- - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
    "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\markdown-language-features\dist\serverWorkerMain" --node-ipc --clientProcessId=1916
    3⤵
    - Executes dropped EXE
    PID:8800
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "powershell.exe"
    3⤵
    PID:10060
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      powershell.exe
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:11412
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10060 /f /t
    3⤵
    - Kills process with taskkill
    PID:11028
  - - C:\Windows\System32\Conhost.exe
      \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      4⤵
      PID:10936
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "powershell.exe -command $ExecutionContext.SessionState.LanguageMode"
    3⤵
    PID:11024
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      powershell.exe -command $ExecutionContext.SessionState.LanguageMode
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:10984
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "powershell.exe -NoProfile -NonInteractive -NoLogo -ExecutionPolicy unrestricted -Command "& { [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12; & 'c:\Users\Admin\.vscode\extensions\ms-dotnettools.vscode-dotnet-runtime-2.2.5\dist\install scripts\dotnet-install.ps1' -InstallDir 'c:\Users\Admin\AppData\Roaming\Code\User\globalStorage\ms-dotnettools.vscode-dotnet-runtime\.dotnet\8.0.12~x64~aspnetcore' -Version 8.0.12 -Verbose -Runtime aspnetcore -Architecture x64 }""
    3⤵
    PID:560
  - - C:\Windows\System32\Conhost.exe
      \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      4⤵
      PID:7924
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      powershell.exe -NoProfile -NonInteractive -NoLogo -ExecutionPolicy unrestricted -Command "& { [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12; & 'c:\Users\Admin\.vscode\extensions\ms-dotnettools.vscode-dotnet-runtime-2.2.5\dist\install scripts\dotnet-install.ps1' -InstallDir 'c:\Users\Admin\AppData\Roaming\Code\User\globalStorage\ms-dotnettools.vscode-dotnet-runtime\.dotnet\8.0.12~x64~aspnetcore' -Version 8.0.12 -Verbose -Runtime aspnetcore -Architecture x64 }"
      4⤵
      Blocklisted process makes network request
      Command and Scripting Interpreter: PowerShell
      System Time Discovery
      Suspicious behavior: EnumeratesProcesses
      PID:1404
- - C:\Windows\system32\where.exe
    where.exe dotnet
    3⤵
    PID:9540
- - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64\escape-node-job.exe
    c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64\escape-node-job c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64\Microsoft.VisualStudio.Code.Server --serviceHubConfigPath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\servicehub\servicehub.config.json --pipe \\.\pipe\2bf281ac-5446-43ed-a68d-9ce39f7deb6f --pipe-server \\.\pipe\fed0dacc-daa3-464d-bea0-afcdfb64bdb9 --log-directory c:\Users\Admin\AppData\Roaming\Code\logs\20250116T185204\window1\exthost\ms-dotnettools.csdevkit --log-verbosity Information --vscodeSessionId 9e95c7c2-ab25-40da-89f7-aa01dbafe4dc1737053559438 --vscodeTelemetryLevel all --cache-directory c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\cache --component c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\msbuild-dependencies.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost-rpc.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-server.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system\node_modules\@microsoft\microsoft.visualstudio.projectsystem.managed c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system-vscode\node_modules\@microsoft\vscode.projectsystem.managed c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system-vscode\node_modules\@microsoft\vscode.templateengine c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\roslyn-visualstudio-languageservices-devkit\node_modules\@microsoft\visualstudio-languageservices-devkit c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-code-coverage\platforms\win32-x64\node_modules\@microsoft\coverage-services.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\servicehub-controller-net60.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server-samples-sayhello.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server-shared.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\VSDebugCore\platforms\win32-x64\node_modules\@microsoft\visualstudio-debugger-devkit.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\VSUnitTesting\platforms\win32-x64\node_modules\@microsoft\visualstudio-testwindow-vscode-service.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\WebTools\node_modules\@microsoft\vscode.webtools
    3⤵
    - Executes dropped EXE
    PID:8608
  - - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64\Microsoft.VisualStudio.Code.Server.exe
      "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64\Microsoft.VisualStudio.Code.Server" --serviceHubConfigPath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\servicehub\servicehub.config.json --pipe \\.\pipe\2bf281ac-5446-43ed-a68d-9ce39f7deb6f --pipe-server \\.\pipe\fed0dacc-daa3-464d-bea0-afcdfb64bdb9 --log-directory c:\Users\Admin\AppData\Roaming\Code\logs\20250116T185204\window1\exthost\ms-dotnettools.csdevkit --log-verbosity Information --vscodeSessionId 9e95c7c2-ab25-40da-89f7-aa01dbafe4dc1737053559438 --vscodeTelemetryLevel all --cache-directory c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\cache --component c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\msbuild-dependencies.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost-rpc.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-server.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system\node_modules\@microsoft\microsoft.visualstudio.projectsystem.managed c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system-vscode\node_modules\@microsoft\vscode.projectsystem.managed c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system-vscode\node_modules\@microsoft\vscode.templateengine c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\roslyn-visualstudio-languageservices-devkit\node_modules\@microsoft\visualstudio-languageservices-devkit c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-code-coverage\platforms\win32-x64\node_modules\@microsoft\coverage-services.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\servicehub-controller-net60.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server-samples-sayhello.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server-shared.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\VSDebugCore\platforms\win32-x64\node_modules\@microsoft\visualstudio-debugger-devkit.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\VSUnitTesting\platforms\win32-x64\node_modules\@microsoft\visualstudio-testwindow-vscode-service.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\WebTools\node_modules\@microsoft\vscode.webtools
      4⤵
      Checks computer location settings
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      Checks processor information in registry
      PID:7772
    - - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\servicehub-controller-net60.win32-x64\Microsoft.ServiceHub.Controller.exe
        
        "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\servicehub-controller-net60.win32-x64/Microsoft.ServiceHub.Controller" f1d0e2dbe5ea1a180173a4f84a22fe1c533b71a2bbc0f0f92e4d51096612bfd0 /ControllerCooldownTimeout:30000 "/TelemetrySession:{\"TelemetryLevel\":\"all\",\"IsOptedIn\":false,\"HostName\":\"Default\",\"AppInsightsInstrumentationKey\":null,\"AsimovInstrumentationKey\":null,\"CollectorApiKey\":\"0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255\",\"AppId\":1010,\"UserId\":\"4bcc34a8-75ff-4e4e-aad4-a4700fb1a713\",\"Id\":\"9e95c7c2-ab25-40da-89f7-aa01dbafe4dc1737053559438\",\"ProcessStartTime\":133815271790900961,\"SkuName\":null,\"VSExeVersion\":null,\"BucketFiltersToEnableWatsonForFaults\":[],\"BucketFiltersToAddDumpsToFaults\":[]}"
        5⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:8716
      - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64\Microsoft.VisualStudio.Code.ServiceHost.exe
        
        "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64\Microsoft.VisualStudio.Code.ServiceHost.exe" dotnet.projectSystem$C94B8CFE-E3FD-4BAF-A941-2866DBB566FE net.pipe://8716D13DE4DDA0BAB84A189C34255ECD2DA4 "/TelemetrySession:{\"TelemetryLevel\":\"all\",\"IsOptedIn\":false,\"HostName\":\"Default\",\"AppInsightsInstrumentationKey\":null,\"AsimovInstrumentationKey\":null,\"CollectorApiKey\":\"0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255\",\"AppId\":1010,\"UserId\":\"4bcc34a8-75ff-4e4e-aad4-a4700fb1a713\",\"Id\":\"9e95c7c2-ab25-40da-89f7-aa01dbafe4dc1737053559438\",\"ProcessStartTime\":133815271790900961,\"SkuName\":null,\"VSExeVersion\":null,\"BucketFiltersToEnableWatsonForFaults\":[],\"BucketFiltersToAddDumpsToFaults\":[]}"
        6⤵
        Checks computer location settings
        
        PID:8296
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost.win32-x64/Microsoft.VisualStudio.ProjectSystem.Server.BuildHost.dll"
        7⤵
        
        PID:10812
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" --info
        7⤵
        
        PID:7140
      - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64\Microsoft.VisualStudio.Code.ServiceHost.exe
        
        "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64/Microsoft.VisualStudio.Code.ServiceHost.exe" dotnet$C94B8CFE-E3FD-4BAF-A941-2866DBB566FE net.pipe://8716D13DE4DDA0BAB84A189C34255ECD2DA4 "/TelemetrySession:{\"TelemetryLevel\":\"all\",\"IsOptedIn\":false,\"HostName\":\"Default\",\"AppInsightsInstrumentationKey\":null,\"AsimovInstrumentationKey\":null,\"CollectorApiKey\":\"0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255\",\"AppId\":1010,\"UserId\":\"4bcc34a8-75ff-4e4e-aad4-a4700fb1a713\",\"Id\":\"9e95c7c2-ab25-40da-89f7-aa01dbafe4dc1737053559438\",\"ProcessStartTime\":133815271790900961,\"SkuName\":null,\"VSExeVersion\":null,\"BucketFiltersToEnableWatsonForFaults\":[],\"BucketFiltersToAddDumpsToFaults\":[]}"
        6⤵
        Checks computer location settings
        System Time Discovery
        
        PID:9456
- - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64\escape-node-job.exe
    c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64\escape-node-job c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64\Microsoft.VisualStudio.Reliability.Monitor --vscodeSessionId 9e95c7c2-ab25-40da-89f7-aa01dbafe4dc1737053559438 --vscodeTelemetryLevel all
    3⤵
    PID:9228
  - - C:\Windows\System32\Conhost.exe
      \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      4⤵
      PID:9828
  - - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64\Microsoft.VisualStudio.Reliability.Monitor.exe
      "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64\Microsoft.VisualStudio.Reliability.Monitor" --vscodeSessionId 9e95c7c2-ab25-40da-89f7-aa01dbafe4dc1737053559438 --vscodeTelemetryLevel all
      4⤵
      Checks computer location settings
      PID:11444
- - C:\Program Files\dotnet\dotnet.exe
    dotnet.exe restore C:\Users\Admin\Desktop\Fableborne-Crypto-Bot-Crypto-Game-Auto-Farm-Clicker-Cheat-Token-Hack-Api-fableborne\Fableborne-Robot.sln --interactive
    3⤵
    PID:9376
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/package.json -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:4828
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/tsconfig*.json -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/{node_modules,.*}/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:10452
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/package.json -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/{node_modules,.vscode-test}/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:7532
- - C:\Program Files\dotnet\dotnet.exe
    dotnet build C:\Users\Admin\Desktop\Fableborne-Crypto-Bot-Crypto-Game-Auto-Farm-Clicker-Cheat-Token-Hack-Api-fableborne\Fableborne-Robot.sln /property:GenerateFullPaths=true /consoleloggerparameters:NoSummary /p:Configuration=Debug "/p:Platform=\"Any CPU\""
    3⤵
    PID:12040
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/tsconfig*.json -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/{node_modules,.*}/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:9200
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:10280
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4436,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4452 --vscode-window-config=vscode:1b32411e-8e39-4e46-9049-ed4722a54b49 /prefetch:1
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  PID:8792
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:9196
- - C:\Windows\system32\wsl.exe
    wsl.exe -l -q
    3⤵
    PID:8724
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=4752,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4956 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:8832
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:11156
- - C:\Windows\system32\wsl.exe
    wsl.exe -l -q
    3⤵
    PID:11232
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=4360,i,1042497478286513560,8234979831247775611,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2832 /prefetch:8
  2⤵
  PID:7676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://aka.ms/dotnet/download
  2⤵
  - Enumerates system info in registry
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  PID:7592
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x12c,0x130,0x134,0x108,0x138,0x7ffb70be46f8,0x7ffb70be4708,0x7ffb70be4718
    3⤵
    PID:7968
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
    3⤵
    PID:4812
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:8100
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
    3⤵
    PID:9532
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
    3⤵
    PID:9920
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
    3⤵
    PID:9976
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
    3⤵
    PID:5228
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5752 /prefetch:8
    3⤵
    PID:7324
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5752 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:10844
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
    3⤵
    PID:5292
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1
    3⤵
    PID:3268
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
    3⤵
    PID:5760
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
    3⤵
    PID:5636
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5304 /prefetch:8
    3⤵
    PID:8196
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5180 /prefetch:8
    3⤵
    PID:1692
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2792 /prefetch:1
    3⤵
    PID:740
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
    3⤵
    PID:10508
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6024 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:5352
- - C:\Users\Admin\Downloads\dotnet-sdk-9.0.102-win-x64.exe
    "C:\Users\Admin\Downloads\dotnet-sdk-9.0.102-win-x64.exe"
    3⤵
    - System Location Discovery: System Language Discovery
    PID:11912
  - - C:\Windows\Temp\{C76C9967-95C7-4E1A-81BA-FB9CF4076616}\.cr\dotnet-sdk-9.0.102-win-x64.exe
      "C:\Windows\Temp\{C76C9967-95C7-4E1A-81BA-FB9CF4076616}\.cr\dotnet-sdk-9.0.102-win-x64.exe" -burn.clean.room="C:\Users\Admin\Downloads\dotnet-sdk-9.0.102-win-x64.exe" -burn.filehandle.attached=716 -burn.filehandle.self=500
      4⤵
      Checks computer location settings
      System Location Discovery: System Language Discovery
      PID:1492
    - - C:\Windows\Temp\{D00420EB-9A84-412B-A58E-CCBAFDE0F80F}\.be\dotnet-sdk-9.0.102-win-x64.exe
        
        "C:\Windows\Temp\{D00420EB-9A84-412B-A58E-CCBAFDE0F80F}\.be\dotnet-sdk-9.0.102-win-x64.exe" -q -burn.elevated BurnPipe.{2969173D-1D64-423B-AE79-E907F364A2E3} {F052F49D-FA0A-4DEB-81E6-270F93C5891D} 1492
        5⤵
        Adds Run key to start application
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:7412
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,16657411992022038372,6370228117836545291,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 /prefetch:2
    3⤵
    PID:11644

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:9680

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:11100

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
- Enumerates connected drives
- Drops file in Program Files directory
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:11192
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 72B9124EF7CED516E38B6AA94F13F75F
  2⤵
  - System Location Discovery: System Language Discovery
  PID:8328
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding D93269F856F7B277EDF69AF0DD73BCBB
  2⤵
  - System Location Discovery: System Language Discovery
  PID:684
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 7EE25D1D90E8BB9DBE528350A81B6239
  2⤵
  - System Location Discovery: System Language Discovery
  PID:4592
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 12559B101258385DF9F7937439283FB2
  2⤵
  - System Location Discovery: System Language Discovery
  PID:8832
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 99865285809EE1501519ED8ACA2EF05C
  2⤵
  - System Location Discovery: System Language Discovery
  PID:3020
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 8A7D82856301CDEDC17D818516117BA9
  2⤵
  - System Location Discovery: System Language Discovery
  PID:6164
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 6A6300A0808A917CCB6F9AF2A95CF274
  2⤵
  - System Location Discovery: System Language Discovery
  PID:6848
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 4318803266D79A6E7661DC908F4A48B6
  2⤵
  - System Location Discovery: System Language Discovery
  PID:1244
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 9651C7C2C688DA4DE79615E9D9136CDD
  2⤵
  - System Location Discovery: System Language Discovery
  PID:11432
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding BF1289525978A129474451A00B0DF990
  2⤵
  - System Location Discovery: System Language Discovery
  PID:9320
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 3F88C186AA9E62367092838E0C4B1ADA
  2⤵
  - System Location Discovery: System Language Discovery
  PID:9396
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 1F192D3C765F29729FE92688F23C5C73
  2⤵
  - System Location Discovery: System Language Discovery
  PID:10136
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 83F2E4762C890AC9B45516599F4BE0F0
  2⤵
  - System Location Discovery: System Language Discovery
  PID:7620
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 1F7636DB0CFC89B3B8EAC6204B64926D
  2⤵
  - System Location Discovery: System Language Discovery
  PID:9932
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding F500DECB950D162EAB6DE22B2ACC59B7
  2⤵
  - System Location Discovery: System Language Discovery
  PID:5812
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 603C2EF58B4E8265F4BE7BB0F6F57204
  2⤵
  - System Location Discovery: System Language Discovery
  PID:10888
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 68ED09DA42E7A458A51E3D25BF3EF953
  2⤵
  - System Location Discovery: System Language Discovery
  PID:3020
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding FB5034CE12566DB80140335F287A9A76
  2⤵
  - System Location Discovery: System Language Discovery
  PID:5680
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 4193D50B7D890B95CBAC2538CAEB0FA4
  2⤵
  - System Location Discovery: System Language Discovery
  PID:9232
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding C64D44727CD089F6290C8FB9C24E455B
  2⤵
  - System Location Discovery: System Language Discovery
  PID:11084
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding D7E58702746C28CF94DE5684E14E6C4C
  2⤵
  - System Location Discovery: System Language Discovery
  PID:4544
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding C31F45232F9D6C74867AC4F360FAF72B
  2⤵
  - System Location Discovery: System Language Discovery
  PID:7128
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 2F4A963C051003617399BB52A7199691
  2⤵
  - System Location Discovery: System Language Discovery
  PID:6916
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding CCE3635E1D09AA20DA1BC910D5F5AE09
  2⤵
  - System Location Discovery: System Language Discovery
  PID:1588
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 1E04455F88F02C596DC337DD5B733D4B
  2⤵
  - System Location Discovery: System Language Discovery
  PID:5692
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 130A251B6BC745448031A7FBF3B5D744
  2⤵
  - System Location Discovery: System Language Discovery
  PID:11688
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 38ED7F03E9185D28598A17C785FB0B03
  2⤵
  - System Location Discovery: System Language Discovery
  PID:8368
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 8E94389EDB8E208EE77654862CEBA7B6
  2⤵
  - System Location Discovery: System Language Discovery
  PID:11760
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding FE83FC267CF34D5D93BEBFD10680DE8D E Global\MSI0000
  2⤵
  - System Location Discovery: System Language Discovery
  PID:7332
- - C:\Program Files\dotnet\dotnet.exe
    "C:\Program Files\dotnet\\dotnet.exe" exec "C:\Program Files\dotnet\\sdk\9.0.102\dotnet.dll" internal-reportinstallsuccess "C:\Users\Admin\Downloads\dotnet-sdk-9.0.102-win-x64.exe"
    3⤵
    - Modifies data under HKEY_USERS
    PID:12064
  - - C:\Windows\system32\getmac.exe
      "C:\Windows\system32\getmac.exe"
      4⤵
      PID:7160
  - - C:\Windows\system32\getmac.exe
      "C:\Windows\system32\getmac.exe"
      4⤵
      PID:1400
  - - C:\Windows\system32\getmac.exe
      "C:\Windows\system32\getmac.exe"
      4⤵
      PID:7000
  - - C:\Windows\system32\getmac.exe
      "C:\Windows\system32\getmac.exe"
      4⤵
      PID:7784
  - - C:\Windows\system32\getmac.exe
      "C:\Windows\system32\getmac.exe"
      4⤵
      PID:4884
- C:\Windows\syswow64\MsiExec.exe
  C:\Windows\syswow64\MsiExec.exe -Embedding 961923394E51AB519BE911B4B520FDF5
  2⤵
  - System Location Discovery: System Language Discovery
  PID:6968

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" "C:\Users\Admin\Desktop\Fableborne-Crypto-Bot-Crypto-Game-Auto-Farm-Clicker-Cheat-Token-Hack-Api-fableborne"
1⤵
- Checks computer location settings
- Drops file in Windows directory
- Checks processor information in registry
PID:6736
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\Code /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\Code\Crashpad --url=appcenter://code?aid=a4e3233c-699c-46ec-b4f4-9c2a77254662&uid=ef6f41dd-eeff-4493-850f-f698dd9de73c&iid=ef6f41dd-eeff-4493-850f-f698dd9de73c&sid=ef6f41dd-eeff-4493-850f-f698dd9de73c --annotation=_companyName=Microsoft --annotation=_productName=VSCode --annotation=_version=1.96.3 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.2.6 --initial-client-data=0x474,0x478,0x47c,0x470,0x480,0x7ff7a38060b8,0x7ff7a38060c4,0x7ff7a38060d0
  2⤵
  PID:1588
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1864,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1856 /prefetch:2
  2⤵
  PID:11168
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=2096,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1984 /prefetch:3
  2⤵
  PID:9304
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --field-trial-handle=3200,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3196 --vscode-window-config=vscode:3152b197-90a5-4f1d-8232-65aacd30a896 /prefetch:1
  2⤵
  - Checks computer location settings
  PID:11656
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --dns-result-order=ipv4first --inspect-port=0 --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3840,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3844 /prefetch:8
  2⤵
  - Checks computer location settings
  PID:4424
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.fs -g **/*.fsproj -g **/*.fsx -g **/*.sln -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules -g !**/bower_components -g !**/*.code-search --no-ignore-parent --follow --quiet --no-config --no-ignore-global
    3⤵
    PID:10612
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.csproj -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules -g !**/bower_components -g !**/*.code-search --no-ignore-parent --follow --quiet --no-config --no-ignore-global
    3⤵
    PID:10868
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.{csproj,csx,cake} -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules -g !**/bower_components -g !**/*.code-search --no-ignore-parent --follow --quiet --no-config --no-ignore-global
    3⤵
    PID:11372
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:2132
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:6864
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:7140
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:724
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
    3⤵
    PID:2828
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 2828 /f /t
    3⤵
    PID:2856
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where where"
    3⤵
    PID:3028
  - - C:\Windows\system32\where.exe
      where where
      4⤵
      PID:6248
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 3028 /f /t
    3⤵
    - Kills process with taskkill
    PID:10708
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
    3⤵
    PID:6200
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:7008
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6200 /f /t
    3⤵
    - Kills process with taskkill
    PID:6840
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:7100
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6660
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7100 /f /t
    3⤵
    - Kills process with taskkill
    PID:11216
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:8636
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:7280
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:1556
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 8636 /f /t
    3⤵
    - Kills process with taskkill
    PID:6912
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:1536
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:1988
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 1536 /f /t
    3⤵
    PID:1164
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:7972
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:9152
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      PID:3844
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7972 /f /t
    3⤵
    PID:4804
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:396
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:7692
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 396 /f /t
    3⤵
    - Kills process with taskkill
    PID:6504
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
    3⤵
    PID:1476
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 1476 /f /t
    3⤵
    PID:7284
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where where"
    3⤵
    PID:10604
  - - C:\Windows\system32\where.exe
      where where
      4⤵
      PID:9072
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10604 /f /t
    3⤵
    - Kills process with taskkill
    PID:10452
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
    3⤵
    PID:9052
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:8956
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9052 /f /t
    3⤵
    PID:11208
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:11232
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:7648
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 11232 /f /t
    3⤵
    - Kills process with taskkill
    PID:8688
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:4352
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:10732
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:9024
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 4352 /f /t
    3⤵
    PID:7104
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:1616
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:9584
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 1616 /f /t
    3⤵
    PID:7456
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:9688
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6564
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      PID:8780
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9688 /f /t
    3⤵
    - Kills process with taskkill
    PID:10232
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:7176
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:2936
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7176 /f /t
    3⤵
    PID:4616
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:6292
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:3176
- - C:\Program Files\dotnet\dotnet.exe
    "C:\Program Files\dotnet\dotnet.exe" --version
    3⤵
    PID:220
- - C:\Program Files\dotnet\dotnet.exe
    "C:\Program Files\dotnet\dotnet.exe" c:\Users\Admin\.vscode\extensions\ionide.ionide-fsharp-7.22.0\bin\net9.0\fsautocomplete.dll --state-directory c:\Users\Admin\AppData\Roaming\Code\User\workspaceStorage\8db0ad62c8bee7cc17490750f532a1bc\Ionide.Ionide-fsharp
    3⤵
    - Network Service Discovery
    PID:9020
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:10460
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:5284
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:5044
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:8348
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:7824
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:848
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:8020
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:8116
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:9488
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:10496
- - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\Microsoft.CodeAnalysis.LanguageServer.exe
    c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\Microsoft.CodeAnalysis.LanguageServer.exe --logLevel Information --razorSourceGenerator c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Microsoft.CodeAnalysis.Razor.Compiler.dll --razorDesignTimePath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Targets\Microsoft.NET.Sdk.Razor.DesignTime.targets --devKitDependencyPath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslynDevKit\Microsoft.VisualStudio.LanguageServices.DevKit.dll --sessionId 4be5313b-637a-4f04-a4bd-9153435a30a41737053817515 --extension c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.xamlTools\Microsoft.VisualStudio.DesignTools.CodeAnalysis.dll --extension c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.xamlTools\Microsoft.VisualStudio.DesignTools.CodeAnalysis.Diagnostics.dll --telemetryLevel all --extensionLogDirectory c:\Users\Admin\AppData\Roaming\Code\logs\20250116T185657\window1\exthost\ms-dotnettools.csharp
    3⤵
    - Checks computer location settings
    - Network Service Discovery
    - System Location Discovery: System Language Discovery
    - Checks processor information in registry
    PID:9324
- - C:\Program Files\dotnet\dotnet.exe
    dotnet --info
    3⤵
    PID:12276
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.{cshtml,razor} -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:11960
- - C:\Program Files\dotnet\dotnet.exe
    dotnet --list-runtimes
    3⤵
    - System Time Discovery
    PID:1712
- - C:\Windows\system32\reg.exe
    C:\Windows\system32\reg.exe query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
    3⤵
    PID:1048
- - C:\Windows\system32\where.exe
    where.exe dotnet
    3⤵
    PID:9512
- - C:\Program Files\dotnet\dotnet.exe
    dotnet --version
    3⤵
    PID:9624
- - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64\escape-node-job.exe
    c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64\escape-node-job c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64\Microsoft.VisualStudio.Code.Server --serviceHubConfigPath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\servicehub\servicehub.config.json --pipe \\.\pipe\4e944285-1d7d-433d-868b-2be64032305d --pipe-server \\.\pipe\9c5f8f76-c8d6-4eb6-93ab-be356dd3b200 --log-directory c:\Users\Admin\AppData\Roaming\Code\logs\20250116T185657\window1\exthost\ms-dotnettools.csdevkit --log-verbosity Information --vscodeSessionId 4be5313b-637a-4f04-a4bd-9153435a30a41737053817515 --vscodeTelemetryLevel all --cache-directory c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\cache --component c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\msbuild-dependencies.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost-rpc.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-server.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system\node_modules\@microsoft\microsoft.visualstudio.projectsystem.managed c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system-vscode\node_modules\@microsoft\vscode.projectsystem.managed c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system-vscode\node_modules\@microsoft\vscode.templateengine c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\roslyn-visualstudio-languageservices-devkit\node_modules\@microsoft\visualstudio-languageservices-devkit c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-code-coverage\platforms\win32-x64\node_modules\@microsoft\coverage-services.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\servicehub-controller-net60.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server-samples-sayhello.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server-shared.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\VSDebugCore\platforms\win32-x64\node_modules\@microsoft\visualstudio-debugger-devkit.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\VSUnitTesting\platforms\win32-x64\node_modules\@microsoft\visualstudio-testwindow-vscode-service.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\WebTools\node_modules\@microsoft\vscode.webtools
    3⤵
    PID:10044
  - - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64\Microsoft.VisualStudio.Code.Server.exe
      "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64\Microsoft.VisualStudio.Code.Server" --serviceHubConfigPath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\servicehub\servicehub.config.json --pipe \\.\pipe\4e944285-1d7d-433d-868b-2be64032305d --pipe-server \\.\pipe\9c5f8f76-c8d6-4eb6-93ab-be356dd3b200 --log-directory c:\Users\Admin\AppData\Roaming\Code\logs\20250116T185657\window1\exthost\ms-dotnettools.csdevkit --log-verbosity Information --vscodeSessionId 4be5313b-637a-4f04-a4bd-9153435a30a41737053817515 --vscodeTelemetryLevel all --cache-directory c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\cache --component c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\msbuild-dependencies.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost-rpc.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-server.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system\node_modules\@microsoft\microsoft.visualstudio.projectsystem.managed c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system-vscode\node_modules\@microsoft\vscode.projectsystem.managed c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\dotnet-project-system-vscode\node_modules\@microsoft\vscode.templateengine c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\roslyn-visualstudio-languageservices-devkit\node_modules\@microsoft\visualstudio-languageservices-devkit c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-code-coverage\platforms\win32-x64\node_modules\@microsoft\coverage-services.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\servicehub-controller-net60.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server-samples-sayhello.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server-shared.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-server.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\VSDebugCore\platforms\win32-x64\node_modules\@microsoft\visualstudio-debugger-devkit.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\VSUnitTesting\platforms\win32-x64\node_modules\@microsoft\visualstudio-testwindow-vscode-service.win32-x64 c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\WebTools\node_modules\@microsoft\vscode.webtools
      4⤵
      Checks computer location settings
      System Location Discovery: System Language Discovery
      Checks processor information in registry
      PID:12156
    - - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\servicehub-controller-net60.win32-x64\Microsoft.ServiceHub.Controller.exe
        
        "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\servicehub-controller-net60.win32-x64/Microsoft.ServiceHub.Controller" e3bcfd8c8500394baa9c5cd50ae10c1ba6c4d693f051152b806e622f689309e4 /ControllerCooldownTimeout:30000 "/TelemetrySession:{\"TelemetryLevel\":\"all\",\"IsOptedIn\":false,\"HostName\":\"Default\",\"AppInsightsInstrumentationKey\":null,\"AsimovInstrumentationKey\":null,\"CollectorApiKey\":\"0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255\",\"AppId\":1010,\"UserId\":\"4bcc34a8-75ff-4e4e-aad4-a4700fb1a713\",\"Id\":\"4be5313b-637a-4f04-a4bd-9153435a30a41737053817515\",\"ProcessStartTime\":133815274254652010,\"SkuName\":null,\"VSExeVersion\":null,\"BucketFiltersToEnableWatsonForFaults\":[],\"BucketFiltersToAddDumpsToFaults\":[]}"
        5⤵
        Checks computer location settings
        
        PID:2924
      - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64\Microsoft.VisualStudio.Code.ServiceHost.exe
        
        "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64/Microsoft.VisualStudio.Code.ServiceHost.exe" dotnet$C94B8CFE-E3FD-4BAF-A941-2866DBB566FE net.pipe://2924DEC2C82EA48F3F6FEA3DDA779E2C71A2 "/TelemetrySession:{\"TelemetryLevel\":\"all\",\"IsOptedIn\":false,\"HostName\":\"Default\",\"AppInsightsInstrumentationKey\":null,\"AsimovInstrumentationKey\":null,\"CollectorApiKey\":\"0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255\",\"AppId\":1010,\"UserId\":\"4bcc34a8-75ff-4e4e-aad4-a4700fb1a713\",\"Id\":\"4be5313b-637a-4f04-a4bd-9153435a30a41737053817515\",\"ProcessStartTime\":133815274254652010,\"SkuName\":null,\"VSExeVersion\":null,\"BucketFiltersToEnableWatsonForFaults\":[],\"BucketFiltersToAddDumpsToFaults\":[]}"
        6⤵
        Checks computer location settings
        
        PID:6824
      - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64\Microsoft.VisualStudio.Code.ServiceHost.exe
        
        "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-servicehost.win32-x64\Microsoft.VisualStudio.Code.ServiceHost.exe" dotnet.projectSystem$C94B8CFE-E3FD-4BAF-A941-2866DBB566FE net.pipe://2924DEC2C82EA48F3F6FEA3DDA779E2C71A2 "/TelemetrySession:{\"TelemetryLevel\":\"all\",\"IsOptedIn\":false,\"HostName\":\"Default\",\"AppInsightsInstrumentationKey\":null,\"AsimovInstrumentationKey\":null,\"CollectorApiKey\":\"0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255\",\"AppId\":1010,\"UserId\":\"4bcc34a8-75ff-4e4e-aad4-a4700fb1a713\",\"Id\":\"4be5313b-637a-4f04-a4bd-9153435a30a41737053817515\",\"ProcessStartTime\":133815274254652010,\"SkuName\":null,\"VSExeVersion\":null,\"BucketFiltersToEnableWatsonForFaults\":[],\"BucketFiltersToAddDumpsToFaults\":[]}"
        6⤵
        Checks computer location settings
        System Time Discovery
        
        PID:6324
        
        C:\Program Files\dotnet\dotnet.exe
        
        "C:\Program Files\dotnet\dotnet.exe" "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\CPS\platforms\win32-x64\node_modules\@microsoft\visualstudio-projectsystem-buildhost.win32-x64/Microsoft.VisualStudio.ProjectSystem.Server.BuildHost.dll"
        7⤵
        
        PID:4416
- - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64\escape-node-job.exe
    c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-code-launcher.win32-x64\escape-node-job c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64\Microsoft.VisualStudio.Reliability.Monitor --vscodeSessionId 4be5313b-637a-4f04-a4bd-9153435a30a41737053817515 --vscodeTelemetryLevel all
    3⤵
    PID:8512
  - - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64\Microsoft.VisualStudio.Reliability.Monitor.exe
      "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csdevkit-1.15.34-win32-x64\components\vs-green-server\platforms\win32-x64\node_modules\@microsoft\visualstudio-reliability-monitor.win32-x64\Microsoft.VisualStudio.Reliability.Monitor" --vscodeSessionId 4be5313b-637a-4f04-a4bd-9153435a30a41737053817515 --vscodeTelemetryLevel all
      4⤵
      Checks computer location settings
      PID:1020
- - C:\Program Files\dotnet\dotnet.exe
    dotnet.exe restore C:\Users\Admin\Desktop\Fableborne-Crypto-Bot-Crypto-Game-Auto-Farm-Clicker-Cheat-Token-Hack-Api-fableborne\Fableborne-Robot.sln --interactive
    3⤵
    - Checks computer location settings
    PID:12120
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:3852
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:7468
- - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
    "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\json-language-features\server\dist\node\jsonServerMain" --node-ipc --clientProcessId=4424
    3⤵
    PID:6984
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:12188
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3852,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3880 /prefetch:8
  2⤵
  - Checks computer location settings
  PID:12176
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe" tunnel status
    3⤵
    PID:10516
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3952,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3872 /prefetch:8
  2⤵
  PID:12172
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=4040,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4036 /prefetch:8
  2⤵
  PID:6756
- - C:\Windows\system32\conhost.exe
    \\?\C:\Windows\system32\conhost.exe --headless --width 89 --height 11 --signal 0x3c8 --server 0x3c0
    3⤵
    PID:10372
- - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noexit -command "try { . \"c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\workbench\contrib\terminal\common\scripts\shellIntegration.ps1\" } catch {}"
    3⤵
    - Command and Scripting Interpreter: PowerShell
    PID:9316
- - C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
    "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\node-pty\lib\conpty_console_list_agent" 9316
    3⤵
    PID:9228
- - C:\Windows\system32\conhost.exe
    \\?\C:\Windows\system32\conhost.exe --headless --width 98 --height 11 --signal 0x454 --server 0x450
    3⤵
    PID:2632
- - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noexit -command "try { . \"c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\workbench\contrib\terminal\common\scripts\shellIntegration.ps1\" } catch {}"
    3⤵
    - Command and Scripting Interpreter: PowerShell
    PID:10376
- - C:\Windows\system32\conhost.exe
    \\?\C:\Windows\system32\conhost.exe --headless --inheritcursor --width 80 --height 11 --signal 0x380 --server 0x47c
    3⤵
    PID:12084
- - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -Command & 'C:\Program Files\dotnet\dotnet.exe' build Fableborne-Robot.sln
    3⤵
    - Command and Scripting Interpreter: PowerShell
    PID:1724
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" build Fableborne-Robot.sln
      4⤵
      Checks computer location settings
      PID:1488
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:4840
- - C:\Windows\system32\wsl.exe
    wsl.exe -l -q
    3⤵
    PID:5456
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:6688
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --dns-result-order=ipv4first --inspect-port=0 --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=4436,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4432 /prefetch:8
  2⤵
  - Checks computer location settings
  PID:7196
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.fs -g **/*.fsproj -g **/*.fsx -g **/*.sln -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules -g !**/bower_components -g !**/*.code-search --no-ignore-parent --follow --quiet --no-config --no-ignore-global
    3⤵
    PID:9984
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.csproj -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules -g !**/bower_components -g !**/*.code-search --no-ignore-parent --follow --quiet --no-config --no-ignore-global
    3⤵
    PID:9436
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.{csproj,csx,cake} -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules -g !**/bower_components -g !**/*.code-search --no-ignore-parent --follow --quiet --no-config --no-ignore-global
    3⤵
    PID:10620
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
    3⤵
    PID:6188
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6188 /f /t
    3⤵
    PID:4320
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where where"
    3⤵
    PID:10408
  - - C:\Windows\system32\where.exe
      where where
      4⤵
      PID:8524
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 10408 /f /t
    3⤵
    PID:8392
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
    3⤵
    PID:6648
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:924
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6648 /f /t
    3⤵
    PID:10324
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:7116
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:5256
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7116 /f /t
    3⤵
    - Kills process with taskkill
    PID:8664
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:11180
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:7020
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:6660
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 11180 /f /t
    3⤵
    - Kills process with taskkill
    PID:11340
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:1556
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:8592
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 1556 /f /t
    3⤵
    - Kills process with taskkill
    PID:8328
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    PID:1988
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:7972
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:9612
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 1988 /f /t
    3⤵
    PID:9312
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:8332
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:9220
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 8332 /f /t
    3⤵
    - Kills process with taskkill
    PID:7484
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "echo %PATH%"
    3⤵
    PID:6868
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6868 /f /t
    3⤵
    PID:1476
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where where"
    3⤵
    PID:6600
  - - C:\Windows\system32\where.exe
      where where
      4⤵
      PID:7252
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 6600 /f /t
    3⤵
    PID:9028
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "where dotnet"
    3⤵
    PID:9144
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:6808
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9144 /f /t
    3⤵
    PID:6092
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:8908
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:11156
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 8908 /f /t
    3⤵
    PID:6304
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    PID:1708
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:12072
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:9024
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 1708 /f /t
    3⤵
    PID:4748
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001"
    3⤵
    PID:9476
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:5664
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 9476 /f /t
    3⤵
    PID:10564
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "chcp 65001 | "C:\Program Files\dotnet\dotnet.exe" --list-runtimes"
    3⤵
    - System Time Discovery
    PID:7872
  - - C:\Windows\system32\chcp.com
      chcp 65001
      4⤵
      PID:6260
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-runtimes
      4⤵
      System Time Discovery
      PID:8780
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 7872 /f /t
    3⤵
    - Kills process with taskkill
    PID:10148
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c ""C:\Program Files\dotnet\dotnet.exe" --info"
    3⤵
    PID:5992
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --info
      4⤵
      PID:11008
- - C:\Windows\system32\taskkill.exe
    taskkill /pid 5992 /f /t
    3⤵
    PID:2936
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:724
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:1164
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.{cshtml,razor} -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:7620
- - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\Microsoft.CodeAnalysis.LanguageServer.exe
    c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\Microsoft.CodeAnalysis.LanguageServer.exe --logLevel Information --razorSourceGenerator c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Microsoft.CodeAnalysis.Razor.Compiler.dll --razorDesignTimePath c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Targets\Microsoft.NET.Sdk.Razor.DesignTime.targets --telemetryLevel all --extensionLogDirectory c:\Users\Admin\AppData\Roaming\Code\logs\20250116T185657\window1\exthost\ms-dotnettools.csharp
    3⤵
    - Checks computer location settings
    - System Time Discovery
    PID:8188
  - - C:\Program Files\dotnet\dotnet.exe
      "dotnet.exe" --roll-forward LatestMajor c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\BuildHost-netcore\Microsoft.CodeAnalysis.Workspaces.MSBuild.BuildHost.dll --pipe 5657e72d-95df-4dee-8cf5-d451fd0c08dd --property RazorDesignTimeTargets=c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Targets\Microsoft.NET.Sdk.Razor.DesignTime.targets --locale en-US
      4⤵
      System Time Discovery
      PID:5680
  - - C:\Program Files\dotnet\dotnet.exe
      "dotnet.exe" --roll-forward LatestMajor c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\BuildHost-netcore\Microsoft.CodeAnalysis.Workspaces.MSBuild.BuildHost.dll --pipe fc454f10-90c0-46e3-8cec-4b3bd1c1e0ba --property RazorDesignTimeTargets=c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Targets\Microsoft.NET.Sdk.Razor.DesignTime.targets --locale en-US
      4⤵
      System Time Discovery
      PID:5328
  - - \??\c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\BuildHost-net472\Microsoft.CodeAnalysis.Workspaces.MSBuild.BuildHost.exe
      "c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\BuildHost-net472\Microsoft.CodeAnalysis.Workspaces.MSBuild.BuildHost.exe" --pipe 032ba277-ed02-4554-8933-b419940fe69f --property RazorDesignTimeTargets=c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Targets\Microsoft.NET.Sdk.Razor.DesignTime.targets --locale en-US
      4⤵
      System Time Discovery
      PID:10820
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" restore c:\Users\Admin\Desktop\Fableborne-Crypto-Bot-Crypto-Game-Auto-Farm-Clicker-Cheat-Token-Hack-Api-fableborne\Fableborne-AutoPlay\Form11\Form1.csproj
      4⤵
      Checks computer location settings
      PID:5380
  - - C:\Program Files\dotnet\dotnet.exe
      "dotnet.exe" --roll-forward LatestMajor c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.roslyn\BuildHost-netcore\Microsoft.CodeAnalysis.Workspaces.MSBuild.BuildHost.dll --pipe 902fa847-3897-4231-ae51-7454ab351b6f --property RazorDesignTimeTargets=c:\Users\Admin\.vscode\extensions\ms-dotnettools.csharp-2.61.28-win32-x64\.razor\Targets\Microsoft.NET.Sdk.Razor.DesignTime.targets --locale en-US
      4⤵
      Network Service Discovery
      PID:9980
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:5080
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:5836
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:8084
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:5804
- - C:\Program Files\dotnet\dotnet.exe
    "C:\Program Files\dotnet\dotnet.exe" --version
    3⤵
    PID:11524
- - C:\Program Files\dotnet\dotnet.exe
    "C:\Program Files\dotnet\dotnet.exe" c:\Users\Admin\.vscode\extensions\ionide.ionide-fsharp-7.22.0\bin\net9.0\fsautocomplete.dll --state-directory c:\Users\Admin\AppData\Roaming\Code\User\workspaceStorage\8db0ad62c8bee7cc17490750f532a1bc\Ionide.Ionide-fsharp
    3⤵
    - Network Service Discovery
    PID:4936
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:10416
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:1712
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:5292
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:3184
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:7920
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:6848
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:10344
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:3412
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --version
      4⤵
      PID:7704
  - - C:\Program Files\dotnet\dotnet.exe
      "C:\Program Files\dotnet\dotnet.exe" --list-sdks
      4⤵
      PID:10492
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/*.sln -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/node_modules/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:3376
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "dotnet --info"
    3⤵
    PID:7272
  - - C:\Program Files\dotnet\dotnet.exe
      dotnet --info
      4⤵
      PID:6540
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "dotnet --list-runtimes"
    3⤵
    - System Time Discovery
    PID:7516
  - - C:\Program Files\dotnet\dotnet.exe
      dotnet --list-runtimes
      4⤵
      System Time Discovery
      PID:11012
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /d /s /c "%windir%\System32\REG.exe QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography /v MachineGuid"
    3⤵
    PID:8500
  - - C:\Windows\System32\reg.exe
      C:\Windows\System32\REG.exe QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography /v MachineGuid
      4⤵
      PID:9852
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:4892
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:5020
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:10164
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:5716
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/package.json -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:5400
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:7936
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:2728
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/tsconfig*.json -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/{node_modules,.*}/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:10520
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/package.json -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/{node_modules,.vscode-test}/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:8516
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:7336
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:4796
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/tsconfig*.json -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/{node_modules,.*}/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:6800
- - C:\Windows\system32\cmd.exe
    cmd /C where dotnet
    3⤵
    PID:5276
  - - C:\Windows\system32\where.exe
      where dotnet
      4⤵
      PID:9116
- - \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe
    "c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\ripgrep\bin\rg.exe" --files --hidden --case-sensitive --no-require-git -g **/tsconfig*.json -g !**/.git -g !**/.svn -g !**/.hg -g !**/CVS -g !**/.DS_Store -g !**/Thumbs.db -g !**/{node_modules,.*}/** --no-ignore --follow --no-config --no-ignore-global
    3⤵
    PID:10948
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=4600,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4588 /prefetch:8
  2⤵
  PID:6580
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:9236
- - C:\Windows\system32\wsl.exe
    wsl.exe -l -q
    3⤵
    PID:11000
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"
  2⤵
  PID:10508
- - C:\Windows\system32\wsl.exe
    wsl.exe -l -q
    3⤵
    PID:10332
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=3992,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2656 /prefetch:8
  2⤵
  PID:11608
- C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe
  "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration,StandardizedBrowserZoom, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3740,i,1472132166568719020,17995705908167431790,262144 --disable-features=CalculateNativeWinOcclusion,PlzDedicatedWorker,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3744 --vscode-window-config=vscode:3152b197-90a5-4f1d-8232-65aacd30a896 /prefetch:1
  2⤵
  - Checks computer location settings
  PID:11728

Network

DNS

7.98.22.2.in-addr.arpa

Code.exe

Remote address:

8.8.8.8:53

Request

7.98.22.2.in-addr.arpa

IN PTR

Response

7.98.22.2.in-addr.arpa

IN PTR

a2-22-98-7deploystaticakamaitechnologiescom
DNS

github.com

Code.exe

Remote address:

8.8.8.8:53

Request

github.com

IN Unknown

Response
DNS

76.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

76.32.126.40.in-addr.arpa

IN PTR

Response
DNS

checkappexec.microsoft.com

Remote address:

8.8.8.8:53

Request

checkappexec.microsoft.com

IN A

Response

checkappexec.microsoft.com

IN CNAME

prod-atm-wds-apprep.trafficmanager.net

prod-atm-wds-apprep.trafficmanager.net

IN CNAME

prod-agic-uw-1.ukwest.cloudapp.azure.com

prod-agic-uw-1.ukwest.cloudapp.azure.com

IN A

51.140.242.104
POST

https://checkappexec.microsoft.com/windows/shell/actions

Remote address:

51.140.242.104:443

Request

POST /windows/shell/actions HTTP/2.0
host: checkappexec.microsoft.com
accept-encoding: gzip, deflate
user-agent: SmartScreen/2814751014982010
authorization: SmartScreenHash eyJhdXRoSWQiOiJhZGZmZjVhZC1lZjllLTQzYTYtYjFhMy0yYWQ0MjY3YWVlZDUiLCJoYXNoIjoiRW5TbmxlQmxTdUk9Iiwia2V5IjoiWDF1eHZncTRhVGFwVzFLRUdWa0Fldz09In0=
content-length: 1161
content-type: application/json; charset=utf-8
cache-control: no-cache

Response

HTTP/2.0 200

date: Thu, 16 Jan 2025 18:47:13 GMT
content-type: application/json; charset=utf-8
content-length: 183
server: Kestrel
cache-control: max-age=0, private
request-context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
DNS

www.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mozilla.org

IN A

Response

www.mozilla.org

IN CNAME

www-mozilla.fastly-edge.com

www-mozilla.fastly-edge.com

IN A

151.101.131.19

www-mozilla.fastly-edge.com

IN A

151.101.67.19

www-mozilla.fastly-edge.com

IN A

151.101.195.19

www-mozilla.fastly-edge.com

IN A

151.101.3.19
GET

https://www.mozilla.org/firefox/welcome/21/

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /firefox/welcome/21/ HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 302

server: granian
content-type: text/html; charset=utf-8
location: /en-US/firefox/welcome/21/
x-backend-server: bedrock-7f68c64994-dm8kz.gcp-us-west1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2489
x-served-by: cache-lcy-eglc8600084-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1737053234.195933,VS0,VE2
vary: Accept-Language
content-length: 0
GET

https://www.mozilla.org/en-US/firefox/welcome/21/

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /en-US/firefox/welcome/21/ HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: granian
content-type: text/html; charset=utf-8
x-frame-options: DENY
content-security-policy: img-src *.mozilla.org *.mozilla.net www.google-analytics.com images.ctfassets.net *.mozilla.com 'self' www.googletagmanager.com data:; frame-ancestors 'none'; font-src 'self' *.mozilla.org *.mozilla.net *.mozilla.com; script-src www.youtube.com js.stripe.com *.mozilla.org *.mozilla.net www.google-analytics.com tagmanager.google.com *.mozilla.com s.ytimg.com 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com; frame-src www.youtube.com js.stripe.com *.mozilla.org *.mozilla.net www.google-analytics.com *.mozilla.com 'self' accounts.firefox.com www.googletagmanager.com; child-src www.youtube.com js.stripe.com *.mozilla.org *.mozilla.net www.google-analytics.com *.mozilla.com 'self' accounts.firefox.com www.googletagmanager.com; connect-src stage.cjms.nonprod.cloudops.mozgcp.net *.mozilla.org *.mozilla.net www.google-analytics.com *.mozilla.com cjms.services.mozilla.com 'self' https://accounts.firefox.com/ region1.google-analytics.com sentry.prod.mozaws.net o1069899.ingest.sentry.io o1069899.sentry.io www.googletagmanager.com; default-src 'self' *.mozilla.org *.mozilla.net *.mozilla.com; upgrade-insecure-requests; style-src *.mozilla.org *.mozilla.net *.mozilla.com 'self' 'unsafe-inline'
content-security-policy-report-only: img-src *.mozilla.org *.mozilla.net www.google-analytics.com images.ctfassets.net *.mozilla.com 'self' www.googletagmanager.com data:; frame-ancestors 'none'; font-src 'self' *.mozilla.org *.mozilla.net *.mozilla.com; script-src www.youtube.com js.stripe.com *.mozilla.org *.mozilla.net www.google-analytics.com tagmanager.google.com *.mozilla.com s.ytimg.com 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com; frame-src www.youtube.com js.stripe.com *.mozilla.org *.mozilla.net www.google-analytics.com *.mozilla.com 'self' accounts.firefox.com www.googletagmanager.com; media-src 'self' assets.mozilla.net videos.cdn.mozilla.net; base-uri 'none'; child-src www.youtube.com js.stripe.com *.mozilla.org *.mozilla.net www.google-analytics.com *.mozilla.com 'self' accounts.firefox.com www.googletagmanager.com; connect-src stage.cjms.nonprod.cloudops.mozgcp.net *.mozilla.org *.mozilla.net www.google-analytics.com *.mozilla.com cjms.services.mozilla.com 'self' https://accounts.firefox.com/ region1.google-analytics.com sentry.prod.mozaws.net o1069899.ingest.sentry.io o1069899.sentry.io www.googletagmanager.com; default-src 'self'; upgrade-insecure-requests; style-src *.mozilla.org *.mozilla.net *.mozilla.com 'self'; object-src 'none'
cache-control: max-age=600
expires: Thu, 16 Jan 2025 05:31:31 GMT
x-clacks-overhead: GNU Terry Pratchett
content-language: en-US
etag: "9e8e6bd6e746793f738f7feb9264414f"
x-backend-server: bedrock-7f68c64994-s82ld.gcp-us-west1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin
via: 1.1 google, 1.1 varnish
content-encoding: br
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 99
x-served-by: cache-lcy-eglc8600084-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1737053234.296867,VS0,VE1
vary: Accept-Encoding
content-length: 6099
GET

https://www.mozilla.org/media/js/site.b49d941e3374.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/site.b49d941e3374.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 06 Dec 2024 20:55:17 GMT
last-modified: Fri, 06 Dec 2024 19:50:35 GMT
etag: "77a146bcaf17a36a99bcd9699951f44e"
x-goog-generation: 1733514635615093
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4280
x-goog-meta-goog-reserved-file-mtime: 1733514602
content-type: text/css
x-goog-hash: crc32c=Pvc2kw==
x-goog-hash: md5=d6FGvK8Xo2qZvNlpmVH0Tg==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AFiumC6yDmUTP9bZn2XPfo9s6TPLQHtp-lftUIHIzVYfDw-31Nvui17yq3vY1vCf2WAP-Ydj8T8U979FuQ
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 465377
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300041-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 2766
x-timer: S1737053234.465913,VS0,VE0
content-length: 4280
GET

https://www.mozilla.org/media/css/m24-root.77a146bcaf17.css

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/css/m24-root.77a146bcaf17.css HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-guploader-uploadid: AFiumC5qoyRV_xqs97BFXIYWjzHphlRpOG8ncCAfRstOOChYTxq7vPO_G6TVeSO_ReoypQZBzvXAPj4
x-goog-generation: 1733837360340772
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5895
x-goog-meta-goog-reserved-file-mtime: 1733837258
x-goog-hash: crc32c=60FKGQ==
x-goog-hash: md5=tJ2UHjN0uFrhrv9GUPRd3Q==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
server: UploadServer
expires: Sat, 21 Dec 2024 13:56:53 GMT
last-modified: Tue, 17 Dec 2024 23:38:58 GMT
etag: "b49d941e3374b85ae1aeff4650f45ddd"
content-type: text/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2181021
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400094-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 4219
x-timer: S1737053234.465916,VS0,VE0
vary: Accept-Encoding
content-length: 2051
GET

https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/css/m24-navigation-and-footer.e8f9c32ba5aa.css HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-guploader-uploadid: AFIdbgSubpoCHNsHAWV2grIQooraliVXFusbLP98L6_vVINZAXXZy_SKdwzQIQMnUuIJ7Kcw
expires: Mon, 13 Jan 2025 15:07:08 GMT
last-modified: Mon, 13 Jan 2025 14:01:21 GMT
etag: "e8f9c32ba5aa777732eb28d0ed89dc65"
x-goog-generation: 1736776881293912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 37717
x-goog-meta-goog-reserved-file-mtime: 1736776839
content-type: text/css
x-goog-hash: crc32c=vpgJ+w==
x-goog-hash: md5=6PnDK6Wqd3cy6yjQ7YncZQ==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
server: UploadServer
content-encoding: br
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 189606
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300049-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 27, 3999
x-timer: S1737053234.468545,VS0,VE0
vary: Accept-Encoding
content-length: 5024
GET

https://www.mozilla.org/media/css/protocol-firefox.e581097aaf66.css

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/css/protocol-firefox.e581097aaf66.css HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-guploader-uploadid: AFIdbgT-lKOFa_5Pyn2dVrHQ0TclHUuVTecaSa_ojS4EQs0hpir-ze-IDk1BWrlIfZ2Kd2Y2
expires: Mon, 13 Jan 2025 15:07:08 GMT
last-modified: Mon, 13 Jan 2025 14:01:22 GMT
etag: "e581097aaf662199b921ccc6d941b07c"
x-goog-generation: 1736776882882721
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 90937
x-goog-meta-goog-reserved-file-mtime: 1736776839
content-type: text/css
x-goog-hash: crc32c=7Y0vTw==
x-goog-hash: md5=5YEJeq9mIZm5IczG2UGwfA==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
server: UploadServer
content-encoding: br
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 189606
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300086-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 2522
x-timer: S1737053234.471148,VS0,VE0
vary: Accept-Encoding
content-length: 11975
GET

https://www.mozilla.org/media/css/protocol-picto.cfee40a3cd36.css

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/css/protocol-picto.cfee40a3cd36.css HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1732278617594750
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4030
x-goog-meta-goog-reserved-file-mtime: 1732278575
x-goog-hash: crc32c=2139kw==
x-goog-hash: md5=z+5Ao8028DVHdkyI+iygkg==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AFiumC7QcyszmDzoLKYanEhXjtIp9dJef2waB2PywRLvQysEcrV3nhDGdEK6ZYFdOsokWfam8jVttqHDXw
server: UploadServer
expires: Tue, 26 Nov 2024 01:45:43 GMT
last-modified: Mon, 25 Nov 2024 09:35:57 GMT
etag: "cfee40a3cd36f03547764c88fa2ca092"
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 833699
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300050-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 79, 111
x-timer: S1737053234.475332,VS0,VE0
content-length: 4030
GET

https://www.mozilla.org/media/css/firefox_welcome_page19_to_24.3bad9ee2f487.css

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/css/firefox_welcome_page19_to_24.3bad9ee2f487.css HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1730716181455966
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1377
x-goog-meta-goog-reserved-file-mtime: 1730716110
x-goog-hash: crc32c=UD4tow==
x-goog-hash: md5=tbfIhfj6+ouFjjEJUgeQAw==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY1Lek5s62fiFdqHSkFyjmYLs_KQ_fHJ3FFqQ8nRu2tR_hmPqvM7fX-EEGuLhYN2Q-X9cwMbtQAKZw
server: UploadServer
expires: Mon, 04 Nov 2024 15:30:45 GMT
last-modified: Mon, 04 Nov 2024 10:29:41 GMT
etag: "b5b7c885f8fafa8b858e310952079003"
content-type: text/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2045437
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400091-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 3086
x-timer: S1737053234.480107,VS0,VE0
content-length: 1377
GET

https://www.mozilla.org/media/js/gtm-snippet.b5b7c885f8fa.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/gtm-snippet.b5b7c885f8fa.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1730716169454808
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12219
x-goog-meta-goog-reserved-file-mtime: 1730716108
x-goog-hash: crc32c=u+doZg==
x-goog-hash: md5=87GIcbZX6/sbDrvyY/zVKQ==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY2AjYUVvep3CiPW7pd6_AWZjJ1fZ9PLU-gpM9AopaoijT2arRrDEXFzP8jYNnrdsyaMchY
server: UploadServer
expires: Tue, 05 Nov 2024 16:24:55 GMT
last-modified: Mon, 04 Nov 2024 10:29:29 GMT
etag: "f3b18871b657ebfb1b0ebbf263fcd529"
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 742719
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400093-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 2211
x-timer: S1737053234.482927,VS0,VE0
content-length: 12219
GET

https://www.mozilla.org/media/img/logos/firefox/logo-word-hor.f3b18871b657.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/img/logos/firefox/logo-word-hor.f3b18871b657.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-guploader-uploadid: AFIdbgQhjpkqwVHKV_mZQidIDiv1p6SmNsWGloCf8yZPXwEYxBPNzh2MvAacTNaddjfj501S
expires: Mon, 13 Jan 2025 15:07:08 GMT
last-modified: Mon, 13 Jan 2025 14:02:31 GMT
etag: "ca22623b11b10587e367017837790711"
x-goog-generation: 1736776951943546
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55826
x-goog-meta-goog-reserved-file-mtime: 1736776839
content-type: text/javascript
x-goog-hash: crc32c=iDKTcA==
x-goog-hash: md5=yiJiOxGxBYfjZwF4N3kHEQ==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
server: UploadServer
content-encoding: br
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 191454
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300108-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 4416
x-timer: S1737053234.483991,VS0,VE0
vary: Accept-Encoding
content-length: 17901
GET

https://www.mozilla.org/media/js/sentry.ca22623b11b1.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/sentry.ca22623b11b1.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1730716141244462
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5172
x-goog-meta-goog-reserved-file-mtime: 1730716110
x-goog-hash: crc32c=DLs7pA==
x-goog-hash: md5=O62e4vSH6qlnotDzyeiM0w==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY25MoVBNiiLsRJHX4d6tWWol8wqxqLBXZyfB3epEFVMA6eg3BJvGTvzR-U6iS3m7_Ing8A
server: UploadServer
expires: Fri, 08 Nov 2024 17:05:50 GMT
last-modified: Thu, 07 Nov 2024 23:32:26 GMT
etag: "3bad9ee2f487eaa967a2d0f3c9e88cd3"
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 466892
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400024-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-timer: S1737053234.482288,VS0,VE2
content-length: 5172
GET

https://www.mozilla.org/media/js/lib.7cb1e204ce21.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/lib.7cb1e204ce21.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1730716181645098
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17305
x-goog-meta-goog-reserved-file-mtime: 1730716110
x-goog-hash: crc32c=lR7rmw==
x-goog-hash: md5=fLHiBM4hqPvrEUegp0jEig==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY0-zS6HDdS0NDjbs0x12JFQCfiQHksSKDm4m392pWWtgeJG7NhbNCs0vHpmtk8tClk5PP2Qk6ZIUw
server: UploadServer
expires: Mon, 04 Nov 2024 15:48:47 GMT
last-modified: Mon, 04 Nov 2024 10:29:41 GMT
etag: "7cb1e204ce21a8fbeb1147a0a748c48a"
content-type: text/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2634546
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400118-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 57, 4864
x-timer: S1737053234.485388,VS0,VE0
content-length: 17305
GET

https://www.mozilla.org/media/js/fxa.6cacc544775b.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/fxa.6cacc544775b.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1730716181386986
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7221
x-goog-meta-goog-reserved-file-mtime: 1730716110
x-goog-hash: crc32c=Y7tP8A==
x-goog-hash: md5=bKzFRHdbEzbNo1TvfgGK6w==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY0halAU52g2RwY0Jdy8qjxhS7j0aH1VmAhVGJL3fXE-DDpr-dxMX0G-U1NaAV4zIUVIrNM
server: UploadServer
expires: Mon, 04 Nov 2024 15:16:31 GMT
last-modified: Mon, 04 Nov 2024 10:29:41 GMT
etag: "6cacc544775b1336cda354ef7e018aeb"
content-type: text/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1365728
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300093-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 11, 4819
x-timer: S1737053234.485974,VS0,VE0
content-length: 7221
GET

https://www.mozilla.org/media/js/data.438fd3539700.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/data.438fd3539700.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 08 Nov 2024 17:45:39 GMT
last-modified: Thu, 07 Nov 2024 23:33:30 GMT
etag: "438fd3539700c54c0513d446b8124dbb"
x-goog-generation: 1731022410810439
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5325
x-goog-meta-goog-reserved-file-mtime: 1731022303
content-type: text/javascript
x-goog-hash: crc32c=B2n5vA==
x-goog-hash: md5=Q4/TU5cAxUwFE9RGuBJNuw==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY0h3u4r8HHY56ctBe8UdlRZ-OykMdejGVOlSSa1gqY2R5Sk96hPeTqMo3-KI3yN59RntNY
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1413651
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300069-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 3, 4830
x-timer: S1737053234.490806,VS0,VE0
content-length: 5325
GET

https://www.mozilla.org/media/js/m24-ui.daf79f0fefd7.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/m24-ui.daf79f0fefd7.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-guploader-uploadid: AFiumC46P8QHm_akq4GHb5PhA5zlJUfto4y_uoVOsEC1HHmuiK-osTIzjZh_7wFsxWw2GacSwgrBvxE
expires: Mon, 16 Dec 2024 19:59:45 GMT
last-modified: Mon, 16 Dec 2024 18:55:15 GMT
etag: "daf79f0fefd7be0f0f68aed173907bf5"
x-goog-generation: 1734375315265078
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14624
x-goog-meta-goog-reserved-file-mtime: 1734375203
content-type: text/javascript
x-goog-hash: crc32c=biMa/Q==
x-goog-hash: md5=2vefD+/Xvg8PaK7Rc5B79Q==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2677649
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300084-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 18, 5407
x-timer: S1737053234.492336,VS0,VE0
content-length: 14624
GET

https://www.mozilla.org/media/js/glean.ff7106b49b39.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/glean.ff7106b49b39.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-guploader-uploadid: AFIdbgQv65VJO8aXv4BaXT87CtvQJjTapISqlqArJfJ6IQqBjYBbmEBFHx0o3pI6YNYXV_y9
expires: Mon, 13 Jan 2025 15:07:08 GMT
last-modified: Mon, 13 Jan 2025 14:02:29 GMT
etag: "ff7106b49b396ba7025f9d469b0d7851"
x-goog-generation: 1736776949652874
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 61345
x-goog-meta-goog-reserved-file-mtime: 1736776839
content-type: text/javascript
x-goog-hash: crc32c=Uhl8KQ==
x-goog-hash: md5=/3EGtJs5a6cCX51Gmw14UQ==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
server: UploadServer
content-encoding: br
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 223988
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400028-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 5714
x-timer: S1737053234.497889,VS0,VE0
vary: Accept-Encoding
content-length: 18877
GET

https://www.mozilla.org/media/js/firefox_welcome_page19_to_24.87e13c35e608.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/firefox_welcome_page19_to_24.87e13c35e608.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 08 Nov 2024 17:45:42 GMT
last-modified: Thu, 07 Nov 2024 23:33:32 GMT
etag: "87e13c35e608573c041d42795b4e2294"
x-goog-generation: 1731022412190558
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 265
x-goog-meta-goog-reserved-file-mtime: 1731022303
content-type: text/javascript
x-goog-hash: crc32c=A378Jg==
x-goog-hash: md5=h+E8NeYIVzwEHUJ5W04ilA==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY3RSHNi4y8xvIoYqWS-9bS99E5K7uhv18paMqN-R_8JQEXBN97i_9yrdmui9ae7UqZ_Ai3RSo9t0w
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2037502
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300096-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-timer: S1737053234.499619,VS0,VE1
content-length: 265
GET

https://www.mozilla.org/media/js/consent-banner.f74bb4c07d16.js

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/js/consent-banner.f74bb4c07d16.js HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 08 Nov 2024 17:45:39 GMT
last-modified: Thu, 07 Nov 2024 23:33:30 GMT
etag: "f74bb4c07d16eb6f0550a1c79647c1d0"
x-goog-generation: 1731022410661045
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5903
x-goog-meta-goog-reserved-file-mtime: 1731022303
content-type: text/javascript
x-goog-hash: crc32c=oq9ixQ==
x-goog-hash: md5=90u0wH0W628FUKHHlkfB0A==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY0_PNthlDkcfeABGk-i__Y3IX0oAjNmBRaMCxcoXZ3sWVLKo37ZrBSGCo2kMe3iGiwW8XE_bR37YA
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 483838
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300103-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 3, 4841
x-timer: S1737053235.501188,VS0,VE0
content-length: 5903
GET

https://www.mozilla.org/media/protocol/fonts/Inter-Bold.0564381b22b2.woff2

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/protocol/fonts/Inter-Bold.0564381b22b2.woff2 HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://www.mozilla.org/media/css/protocol-firefox.e581097aaf66.css
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 08 Nov 2024 17:45:39 GMT
last-modified: Thu, 07 Nov 2024 23:33:35 GMT
etag: "0564381b22b2c4760eb15bef0691993a"
x-goog-generation: 1731022415418380
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 95928
x-goog-meta-goog-reserved-file-mtime: 1731022301
content-type: font/woff2
x-goog-hash: crc32c=5fNudw==
x-goog-hash: md5=BWQ4GyKyxHYOsVvvBpGZOg==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY3ZLagCi4RuM-l3V6GLofYowzO_CeyiWu_HfbDtfleff39inysRHH5-_5J4F_EsQ0imuX8
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2647678
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300114-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 13, 2163
x-timer: S1737053235.603495,VS0,VE0
content-length: 95928
GET

https://www.mozilla.org/media/protocol/img/icons/social/x/white.7f50edd82090.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/protocol/img/icons/social/x/white.7f50edd82090.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1729175716402999
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 336
x-goog-meta-goog-reserved-file-mtime: 1729175608
x-goog-hash: crc32c=qQGVgQ==
x-goog-hash: md5=f1Dt2CCQvIdrG7PYQNBEsA==
x-goog-storage-class: STANDARD
x-guploader-uploadid: AHmUCY15Wxlka6vmQ0E25cYUqsKo6B9jFmY_GKANDGfTu85Fco149Zex4JU3tBZ17gMpVSgACDc
server: UploadServer
access-control-expose-headers: *
expires: Mon, 04 Nov 2024 15:28:37 GMT
last-modified: Mon, 04 Nov 2024 10:29:47 GMT
etag: "7f50edd82090bc876b1bb3d840d044b0"
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2034630
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400031-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 15, 4282
x-timer: S1737053235.606751,VS0,VE0
content-length: 336
GET

https://www.mozilla.org/media/protocol/img/icons/social/instagram/white.a7014a6150b3.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/protocol/img/icons/social/instagram/white.a7014a6150b3.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1730716187500003
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1509
x-goog-meta-goog-reserved-file-mtime: 1730716108
x-goog-hash: crc32c=NgPSCw==
x-goog-hash: md5=pwFKYVCz8VeyJWUKGpT4hQ==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY06dIFWRGFZx5ODIgZNoTHaU9SA2ZnIpn8IZCOHweHoMWQVSyf-5KYrJ-gV2KpcUCwUPFEoSTXuiA
server: UploadServer
expires: Mon, 04 Nov 2024 15:48:49 GMT
last-modified: Mon, 04 Nov 2024 10:29:47 GMT
etag: "a7014a6150b3f157b225650a1a94f885"
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2050759
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400031-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 34, 4262
x-timer: S1737053235.607443,VS0,VE0
content-length: 1509
GET

https://www.mozilla.org/media/protocol/img/icons/social/linkedin/white.cdc0e910cc1e.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/protocol/img/icons/social/linkedin/white.cdc0e910cc1e.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 08 Nov 2024 17:45:40 GMT
last-modified: Thu, 07 Nov 2024 23:33:41 GMT
etag: "cdc0e910cc1e8f7529c50c8cbb448da0"
x-goog-generation: 1731022421470105
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 528
x-goog-meta-goog-reserved-file-mtime: 1731022300
content-type: image/svg+xml
x-goog-hash: crc32c=ssNfMA==
x-goog-hash: md5=zcDpEMwej3UpxQyMu0SNoA==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY16ZvPi4e90XWWU4gvPNOmUUx43gGx9eMkRwi7oVHINnLpqVhJmjljQASzam6Rp0IK9s_lBOIPqnw
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1426292
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300100-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 4284
x-timer: S1737053235.646843,VS0,VE0
content-length: 528
GET

https://www.mozilla.org/media/protocol/img/icons/social/tiktok/white.599403de7ac0.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/protocol/img/icons/social/tiktok/white.599403de7ac0.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1730305430258618
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 688
x-goog-meta-goog-reserved-file-mtime: 1730305348
x-goog-hash: crc32c=0/PXBQ==
x-goog-hash: md5=WZQD3nrA/OgqNXVzUHbxAg==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY2pKsM0QESnhVY07cg9hBo6zhRTS0BBEkzjWxcX0ObwC9MZc-9HEJfV6XzVDF07kw1pPok
server: UploadServer
expires: Mon, 04 Nov 2024 15:02:20 GMT
last-modified: Mon, 04 Nov 2024 10:29:47 GMT
etag: "599403de7ac0fce82a3575735076f102"
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2023452
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400118-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 16, 4292
x-timer: S1737053235.663713,VS0,VE0
content-length: 688
GET

https://www.mozilla.org/media/protocol/img/icons/social/spotify/white.aa5334e85bae.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/protocol/img/icons/social/spotify/white.aa5334e85bae.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1729862786120905
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 677
x-goog-meta-goog-reserved-file-mtime: 1729862674
x-goog-hash: crc32c=YU0IUQ==
x-goog-hash: md5=qlM06Fuupxh8Lh2J+NyQzA==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY1Qy3V8fDQz8SCz8K6yCfMrTFVkSMoMG94VQ2O4LFnviEqWc5erAGCqny2xjXo_5qu05dM
server: UploadServer
expires: Mon, 04 Nov 2024 15:48:49 GMT
last-modified: Mon, 04 Nov 2024 10:29:47 GMT
etag: "aa5334e85baea7187c2e1d89f8dc90cc"
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1429358
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300023-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 136, 4280
x-timer: S1737053235.712481,VS0,VE0
content-length: 677
GET

https://www.mozilla.org/media/protocol/img/icons/social/youtube/white.4f314c43c69d.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/protocol/img/icons/social/youtube/white.4f314c43c69d.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1725999573743219
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 472
x-goog-meta-goog-reserved-file-mtime: 1725999459
x-goog-hash: crc32c=FcwtWA==
x-goog-hash: md5=TzFMQ8adgn0lO609uyKYXA==
x-goog-storage-class: STANDARD
x-guploader-uploadid: AHmUCY0uopcvCYTxjihD10DFgtNwk4qje25TXRe8YqKYn1KwtzDr5Igc4oh59LVhls0gRuOWIRM
server: UploadServer
access-control-expose-headers: *
expires: Mon, 04 Nov 2024 14:54:16 GMT
last-modified: Mon, 04 Nov 2024 10:29:47 GMT
etag: "4f314c43c69d827d253bad3dbb22985c"
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1439300
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300046-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 64, 4267
x-timer: S1737053235.713333,VS0,VE0
content-length: 472
GET

https://www.mozilla.org/media/img/icons/m24-small/globe-white.a76258f6a4cc.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/img/icons/m24-small/globe-white.a76258f6a4cc.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 06 Dec 2024 20:55:19 GMT
last-modified: Fri, 06 Dec 2024 19:51:00 GMT
etag: "3aab868855c7c2facfd1131b0b31015f"
x-goog-generation: 1733514660876872
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 183
x-goog-meta-goog-reserved-file-mtime: 1733514601
content-type: image/svg+xml
x-goog-hash: crc32c=o3yX4A==
x-goog-hash: md5=OquGiFXHwvrP0RMbCzEBXw==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AFiumC7_GwtG4OcrVkzLSteSpwedug5Dj-WYAcfw1NX17TX_-JLql3yqxUooyjvWI2TIa03sOiIDZa5A_A
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1427189
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300092-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 4361
x-timer: S1737053235.721896,VS0,VE0
content-length: 183
GET

https://www.mozilla.org/media/img/icons/m24-small/down-caret-white.3aab868855c7.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/img/icons/m24-small/down-caret-white.3aab868855c7.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 06 Dec 2024 20:55:19 GMT
last-modified: Fri, 06 Dec 2024 19:51:01 GMT
etag: "a76258f6a4cc46b2eed6225b15e90f96"
x-goog-generation: 1733514661025634
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 778
x-goog-meta-goog-reserved-file-mtime: 1733514601
content-type: image/svg+xml
x-goog-hash: crc32c=0MhJAg==
x-goog-hash: md5=p2JY9qTMRrLu1iJbFekPlg==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AFiumC7RqEyfDfBbID4WEmwefwMGAaWjyPruxsiVJrHkmNAxm20JI7pYAu0cikRiwDw7um_26Uo
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1429358
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400081-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 4390
x-timer: S1737053235.721703,VS0,VE0
content-length: 778
GET

https://www.mozilla.org/media/protocol/fonts/Inter-Regular.d55e957612a3.woff2

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/protocol/fonts/Inter-Regular.d55e957612a3.woff2 HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://www.mozilla.org/media/css/protocol-firefox.e581097aaf66.css
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 08 Nov 2024 17:45:40 GMT
last-modified: Thu, 07 Nov 2024 23:33:35 GMT
etag: "d55e957612a3b2a373925d920f4af6b1"
x-goog-generation: 1731022415608542
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 88816
x-goog-meta-goog-reserved-file-mtime: 1731022301
content-type: font/woff2
x-goog-hash: crc32c=2hy73A==
x-goog-hash: md5=1V6VdhKjsqNzkl2SD0r2sQ==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY2OqZpcsChGRd9Gm0qxhwn8cr4hBRQefkZlr60zFRXB0tm3heRMbD5kjcYLR1FBw4vM6fNbBVhqxQ
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1434510
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300091-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 7, 2101
x-timer: S1737053235.753029,VS0,VE0
content-length: 88816
GET

https://www.mozilla.org/media/protocol/fonts/Metropolis-Bold.6a80125e795a.woff2

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/protocol/fonts/Metropolis-Bold.6a80125e795a.woff2 HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://www.mozilla.org/media/css/protocol-firefox.e581097aaf66.css
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Wed, 04 Dec 2024 22:11:28 GMT
last-modified: Wed, 04 Dec 2024 20:15:31 GMT
etag: "c9ce5296db657f9f585c68890e99c39f"
x-goog-generation: 1733343331621829
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26260
x-goog-meta-goog-reserved-file-mtime: 1733343287
content-type: font/woff2
x-goog-hash: crc32c=yAx31Q==
x-goog-hash: md5=yc5Slttlf59YXGiJDpnDnw==
x-goog-storage-class: STANDARD
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-guploader-uploadid: AFiumC5vmJvAeWRXsJFErghWiEG4iEHmMornYYXEv6Uni1jeZMAhYx5Rvv9fGXo37GpQQdxWzXE
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2055849
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300073-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 12, 4346
x-timer: S1737053235.771902,VS0,VE0
content-length: 26260
GET

https://www.mozilla.org/media/fonts/m24/mozilla-text/MozillaText-SemiBold.c9ce5296db65.woff2

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/fonts/m24/mozilla-text/MozillaText-SemiBold.c9ce5296db65.woff2 HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://www.mozilla.org/media/css/m24-root.77a146bcaf17.css
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 08 Nov 2024 17:45:40 GMT
last-modified: Thu, 07 Nov 2024 23:33:35 GMT
etag: "6a80125e795aa81c6f251aa83e44062b"
x-goog-generation: 1731022415569053
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16728
x-goog-meta-goog-reserved-file-mtime: 1731022301
content-type: font/woff2
x-goog-hash: crc32c=lWtUXA==
x-goog-hash: md5=aoASXnlaqBxvJRqoPkQGKw==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY2HL6XqeuWIbDAn5DrK9hwp7-prmgGYb9GRQ53i2_IzZ2u2PznZXWHKrvEiqEx8RdGVFOUDJGmx5w
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2022330
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300081-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 2181
x-timer: S1737053235.772601,VS0,VE0
content-length: 16728
GET

https://www.mozilla.org/media/fonts/m24/mozilla-text/MozillaText-Regular.3fa5c88b0954.woff2

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/fonts/m24/mozilla-text/MozillaText-Regular.3fa5c88b0954.woff2 HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://www.mozilla.org/media/css/m24-root.77a146bcaf17.css
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Wed, 04 Dec 2024 22:11:28 GMT
last-modified: Wed, 04 Dec 2024 20:15:31 GMT
etag: "3fa5c88b095446f313c63d4b24bbffa0"
x-goog-generation: 1733343331673358
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26192
x-goog-meta-goog-reserved-file-mtime: 1733343287
content-type: font/woff2
x-goog-hash: crc32c=28WjSg==
x-goog-hash: md5=P6XIiwlURvMTxj1LJLv/oA==
x-goog-storage-class: STANDARD
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-guploader-uploadid: AFiumC712cXVahqS46rB0x39MjpVvaD5zBFupz6-NGzoI0tC8FES1v_HBiCizhxCWs7zUHenyzgE67QEfQ
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 2054047
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400027-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 12, 4298
x-timer: S1737053235.774566,VS0,VE0
content-length: 26192
GET

https://www.mozilla.org/media/img/firefox/welcome/page20-21/back-up.b351cf7c2c5c.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/img/firefox/welcome/page20-21/back-up.b351cf7c2c5c.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Wed, 27 Nov 2024 04:52:51 GMT
last-modified: Mon, 25 Nov 2024 09:36:11 GMT
etag: "b351cf7c2c5c6c4cb8ca7d4c87cf9b8d"
x-goog-generation: 1732527371210244
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 451
x-goog-meta-goog-reserved-file-mtime: 1732527322
content-type: image/svg+xml
x-goog-hash: crc32c=6u6obg==
x-goog-hash: md5=s1HPfCxcbEy4yn1Mh8+bjQ==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AFiumC4MF7QpqG7XuDxbfqPEEYAX7d74SrVTFryycZyMbXAllKwWKLLVzXFu9AFiZtIOrUMVAfoPlw2GEA
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1433210
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400044-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 28, 1
x-timer: S1737053235.785759,VS0,VE2
content-length: 451
GET

https://www.mozilla.org/media/img/firefox/welcome/page20-21/add-ons.809f56bff087.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/img/firefox/welcome/page20-21/add-ons.809f56bff087.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Mon, 11 Nov 2024 14:11:16 GMT
last-modified: Fri, 08 Nov 2024 20:07:57 GMT
etag: "809f56bff08721ea127dd5beb7868861"
x-goog-generation: 1731096477365294
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1012
x-goog-meta-goog-reserved-file-mtime: 1731096409
content-type: image/svg+xml
x-goog-hash: crc32c=5ObDyw==
x-goog-hash: md5=gJ9Wv/CHIeoSfdW+t4aIYQ==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY2VqJpiKH3Y_PL8msRsVuCjEXnkduQysq_5HgnltKZoGpoXrIohi2eftltQl4UQ2A85QXRRD5I8hw
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1429589
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300066-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 15, 1
x-timer: S1737053235.786735,VS0,VE2
content-length: 1012
GET

https://www.mozilla.org/media/img/firefox/welcome/page20-21/community.bf0cb1c38902.svg

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/img/firefox/welcome/page20-21/community.bf0cb1c38902.svg HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Mon, 11 Nov 2024 14:11:16 GMT
last-modified: Fri, 08 Nov 2024 20:07:57 GMT
etag: "bf0cb1c389027f75af50b39848de917a"
x-goog-generation: 1731096477195663
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 896
x-goog-meta-goog-reserved-file-mtime: 1731096409
content-type: image/svg+xml
x-goog-hash: crc32c=ajmDfg==
x-goog-hash: md5=vwyxw4kCf3WvULOYSN6Reg==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY1StwjRkgOko2XubfUs-KE18Zz92dl10xwKPkOtabWoHVJqFB0v1Xyfc5cPhZycsc3rtDo
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1423178
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400108-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 1
x-timer: S1737053235.788378,VS0,VE2
content-length: 896
GET

https://www.mozilla.org/media/img/favicons/firefox/browser/favicon-196x196.59e3822720be.png

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/img/favicons/firefox/browser/favicon-196x196.59e3822720be.png HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

expires: Fri, 08 Nov 2024 17:45:39 GMT
last-modified: Thu, 07 Nov 2024 23:32:38 GMT
etag: "59e3822720bedcc45ca5e6e6d3220ea9"
x-goog-generation: 1731022358512287
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8050
x-goog-meta-goog-reserved-file-mtime: 1731022301
content-type: image/png
x-goog-hash: crc32c=ACeoNw==
x-goog-hash: md5=WeOCJyC+3MRcpebm0yIOqQ==
x-goog-storage-class: STANDARD
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY3PuzyciJ0OwxWlmKawQgyY3D8QgFLNDswsZK3glFrOH0SRNC_qbdOfe4DZC_I-4n68J5RrunUPww
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1451958
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-krnt7300105-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 2300
x-timer: S1737053235.897339,VS0,VE0
content-length: 8050
GET

https://www.mozilla.org/media/img/favicons/firefox/browser/favicon.f093404c0135.ico

firefox.exe

Remote address:

151.101.131.19:443

Request

GET /media/img/favicons/firefox/browser/favicon.f093404c0135.ico HTTP/2.0
host: www.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mozilla.org/en-US/firefox/welcome/21/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-goog-generation: 1727094498247922
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15086
x-goog-meta-goog-reserved-file-mtime: 1727094460
x-goog-hash: crc32c=E9h0Yg==
x-goog-hash: md5=8JNATAE1nK2dDy+1FLZCgQ==
x-goog-storage-class: STANDARD
x-guploader-uploadid: AHmUCY0HEALdknxb4izlSAPvGfr1bWDceA-lmMVzeAv8q7s-DFOP_K4xaomQ8sCKLBJnuLwqIKo
server: UploadServer
access-control-expose-headers: *
expires: Fri, 08 Nov 2024 17:45:40 GMT
last-modified: Thu, 07 Nov 2024 23:32:38 GMT
etag: "f093404c01359cad9d0f2fb514b64281"
content-type: image/vnd.microsoft.icon
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:47:14 GMT
age: 1448801
access-control-allow-origin: https://prod.cms.bedrock.prod.webservices.mozgcp.net
x-served-by: cache-bfi-kbfi7400080-BFI, cache-lcy-eglc8600084-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 2407
x-timer: S1737053235.897509,VS0,VE0
content-length: 15086
DNS

www-mozilla.fastly-edge.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www-mozilla.fastly-edge.com

IN A

Response

www-mozilla.fastly-edge.com

IN A

151.101.3.19

www-mozilla.fastly-edge.com

IN A

151.101.131.19

www-mozilla.fastly-edge.com

IN A

151.101.195.19

www-mozilla.fastly-edge.com

IN A

151.101.67.19
DNS

spocs.getpocket.com

firefox.exe

Remote address:

8.8.8.8:53

Request

spocs.getpocket.com

IN A

Response

spocs.getpocket.com

IN CNAME

prod.ads.prod.webservices.mozgcp.net

prod.ads.prod.webservices.mozgcp.net

IN A

34.117.188.166
DNS

www-mozilla.fastly-edge.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www-mozilla.fastly-edge.com

IN AAAA

Response

www-mozilla.fastly-edge.com

IN AAAA

2a04:4e42:200::787

www-mozilla.fastly-edge.com

IN AAAA

2a04:4e42::787

www-mozilla.fastly-edge.com

IN AAAA

2a04:4e42:600::787

www-mozilla.fastly-edge.com

IN AAAA

2a04:4e42:400::787
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN A

Response

shavar.prod.mozaws.net

IN A

52.10.38.63

shavar.prod.mozaws.net

IN A

34.211.10.3

shavar.prod.mozaws.net

IN A

35.83.62.143
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.ads.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.ads.prod.webservices.mozgcp.net

IN A

Response

prod.ads.prod.webservices.mozgcp.net

IN A

34.117.188.166
DNS

104.242.140.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.242.140.51.in-addr.arpa

IN PTR

Response
DNS

83.210.23.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.210.23.2.in-addr.arpa

IN PTR

Response

83.210.23.2.in-addr.arpa

IN PTR

a2-23-210-83deploystaticakamaitechnologiescom
DNS

19.131.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.131.101.151.in-addr.arpa

IN PTR

Response
DNS

prod.ads.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.ads.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN AAAA

Response
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

firefox-api-proxy.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox-api-proxy.cdn.mozilla.net

IN A

Response

firefox-api-proxy.cdn.mozilla.net

IN CNAME

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

IN A

34.149.97.1
DNS

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

IN A

Response

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

IN A

34.149.97.1
DNS

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

IN AAAA

Response

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

IN AAAA

2600:1901:0:74e4::
DNS

143.62.83.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

143.62.83.35.in-addr.arpa

IN PTR

Response

143.62.83.35.in-addr.arpa

IN PTR

ec2-35-83-62-143 us-west-2compute amazonawscom
DNS

www.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
GET

https://www.google.com/search?client=firefox-b-d&q=vs+code

firefox.exe

Remote address:

142.250.187.196:443

Request

GET /search?client=firefox-b-d&q=vs+code HTTP/2.0
host: www.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 429

date: Thu, 16 Jan 2025 18:47:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
server: HTTP server (unknown)
content-length: 3195
content-type: text/html
content-length: 3195
GET

https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fclient%3Dfirefox-b-d%26q%3Dvs%2Bcode&q=EgS117BTGLaopbwGIjBH_f8B0FYbJEGr_GfRFceMPvENHl24yTVP6cd7bpBa-GcFPGLwBcZ1EQvZPD4cJ4kyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

firefox.exe

Remote address:

142.250.187.196:443

Request

GET /sorry/index?continue=https://www.google.com/search%3Fclient%3Dfirefox-b-d%26q%3Dvs%2Bcode&q=EgS117BTGLaopbwGIjBH_f8B0FYbJEGr_GfRFceMPvENHl24yTVP6cd7bpBa-GcFPGLwBcZ1EQvZPD4cJ4kyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/2.0
host: www.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
cookie: AEC=AZ6Zc-WSxGuWsqaBrhzXaEqtqITfXojxVf05L_EZ91DOqd2r-xxWkbnb5Q
cookie: __Secure-ENID=25.SE=YyBcBDiov2eBmDmYi5uxvjfu1fXqLY-aN56uD33-ZJeKZEnR17F1DHtkhPhPqQuSdR2K-5f5gjXaHqvb97SzhBsUYaPQBMoxtSyYwQ7OVWXioCWt2i6h9qEdqGdTdsEd45FWnu13aFF8tGW_-yDwvNiC_IStKn0NUtIkS6tldRoNLgJT-gNLJu5Na1LNBF8l45M5wYFV_GNyHQ7gHA
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
te: trailers
DNS

www.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
DNS

www.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN AAAA

Response

www.google.com

IN AAAA

2a00:1450:4009:81f::2004
DNS

196.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.187.250.142.in-addr.arpa

IN PTR

Response

196.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f41e100net
DNS

227.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.187.250.142.in-addr.arpa

IN PTR

Response

227.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f31e100net
DNS

195.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.187.250.142.in-addr.arpa

IN PTR

Response

195.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f31e100net
DNS

visualstudio.microsoft.com

firefox.exe

Remote address:

8.8.8.8:53

Request

visualstudio.microsoft.com

IN A

Response

visualstudio.microsoft.com

IN CNAME

visualstudio.microsoft.com-c.edgekey.net

visualstudio.microsoft.com-c.edgekey.net

IN CNAME

visualstudio.microsoft.com-c.edgekey.net.globalredir.akadns.net

visualstudio.microsoft.com-c.edgekey.net.globalredir.akadns.net

IN CNAME

e19210.b.akamaiedge.net

e19210.b.akamaiedge.net

IN A

2.22.247.97
GET

http://visualstudio.microsoft.com/

firefox.exe

Remote address:

2.22.247.97:80

Request

GET / HTTP/1.1
Host: visualstudio.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

Response

HTTP/1.1 301 Moved Permanently

Server: AkamaiGHost
Content-Length: 0
Location: https://visualstudio.microsoft.com/
Date: Thu, 16 Jan 2025 18:47:28 GMT
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Feature-Policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
DNS

e19210.b.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e19210.b.akamaiedge.net

IN A

Response

e19210.b.akamaiedge.net

IN A

2.22.247.97
DNS

e19210.b.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e19210.b.akamaiedge.net

IN AAAA

Response
GET

https://visualstudio.microsoft.com/

firefox.exe

Remote address:

2.22.247.97:443

Request

GET / HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/html; charset=UTF-8
x-powered-by: WP Engine
link: <https://visualstudio.microsoft.com/>; rel=shortlink
x-cacheable: bot
x-cache-group: bot
access-control-allow-origin: https://cdn-assets-prod.s3.amazonaws.com
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 60988
cache-control: must-revalidate, max-age=10800
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-swimlane.css?ver=6.7.1

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-swimlane.css?ver=6.7.1 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 09 Jul 2024 18:27:15 GMT
etag: W/"668d8103-39f7"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2525
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.css?ver=2.2

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.css?ver=2.2 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:34 GMT
etag: W/"636400d2-1198"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 953
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-video-player.min.css?ver=1667498194

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-video-player.min.css?ver=1667498194 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 11 Apr 2023 18:21:38 GMT
etag: W/"6435a532-5a6"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 434
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-feature-hero.min.css?ver=1681237298

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-feature-hero.min.css?ver=1681237298 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Mon, 30 Dec 2024 18:09:10 GMT
etag: W/"6772e1c6-3b03"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2277
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-builder-tabs.min.css?ver=1735582150

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-builder-tabs.min.css?ver=1735582150 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Wed, 19 Apr 2023 17:06:55 GMT
etag: W/"64401faf-1ad9"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 1152
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-single-box.min.css?ver=1681924015

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-single-box.min.css?ver=1681924015 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 11 Jul 2023 16:32:11 GMT
etag: W/"64ad840b-11c8"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 1086
cache-control: public, max-age=31242599
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-icon-cloud.min.css?ver=1670949096

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-icon-cloud.min.css?ver=1670949096 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 13 Dec 2022 16:31:36 GMT
etag: W/"6398a8e8-8e7"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 697
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-collage.min.css?ver=1670949096

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-collage.min.css?ver=1670949096 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 13 Dec 2022 16:31:36 GMT
etag: W/"6398a8e8-606"
x-wpe-request-id: 2d3c507c7e1aab04e91b1793304d54a1
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 469
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-extension-cards.min.css?ver=1712777490

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-extension-cards.min.css?ver=1712777490 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Wed, 10 Apr 2024 19:31:30 GMT
etag: W/"6616e912-2327"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2012
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-video-carousel.min.css?ver=1736452972

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-video-carousel.min.css?ver=1736452972 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 09 Jan 2025 20:02:52 GMT
etag: W/"67802b6c-1219"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 978
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fabric-icon-manager//assets/css/vscom-icons.css?ver=1660768558

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fabric-icon-manager//assets/css/vscom-icons.css?ver=1660768558 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Mon, 13 Jan 2025 04:58:10 GMT
etag: W/"67849d62-8caae"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 80210
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/fusion-styles/01f4b874d13e53a477abac6bfaecdb85.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/fusion-styles/01f4b874d13e53a477abac6bfaecdb85.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 27 Apr 2023 16:33:48 GMT
etag: W/"644aa3ec-94b"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 622
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/tabs-lg-min.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/tabs-lg-min.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-100a"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 767
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-shbp.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-shbp.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-40c"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 301
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-shbp-header-legacy.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-shbp-header-legacy.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 14 Jan 2025 18:26:01 GMT
etag: W/"6786ac39-282a0"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 24607
cache-control: public, max-age=31362036
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-sh-cbp.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-sh-cbp.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Wed, 21 Aug 2024 17:12:46 GMT
etag: W/"66c6200e-13290"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 14613
cache-control: public, max-age=30936336
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/modern-styles.min.css?1736879161

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada-Child-Theme/modern-styles.min.css?1736879161 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:24 GMT
etag: "636400c8-9c"
x-wpe-request-id: 705025dbe3157b9c91fa55338d0a9558
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 146
cache-control: public, max-age=30936409
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-asset-minification/assets/css/vscom-dist.min.css?1724260366

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-asset-minification/assets/css/vscom-dist.min.css?1724260366 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
etag: W/"64ecd5ef-15601"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 30633
cache-control: public, max-age=30936418
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-asset-minification/assets/css/en.min.css?1667498184

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-asset-minification/assets/css/en.min.css?1667498184 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 18:44:44 GMT
etag: W/"63e29c1c-48a"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 406
cache-control: public, max-age=30936509
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Wed, 17 Aug 2022 20:35:58 GMT
etag: W/"62fd512e-2c64"
x-wpe-request-id: a0e264bd258d36afa40bdcc4a7567b16
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2693
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-utility-plugin/js/utility.min.js?ver=1675795484

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-utility-plugin/js/utility.min.js?ver=1675795484 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: "636400e1-30"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 66
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/vscom-icon-cloud.min.js?ver=1670949097

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/vscom-icon-cloud.min.js?ver=1670949097 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 16:31:37 GMT
etag: "6398a8e9-fa"
x-wpe-request-id: 8ac915e58ec9d148f877a33b8bd4a6a3
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 190
cache-control: public, max-age=30936461
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/vscom-collage.min.js?ver=1670949097

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/vscom-collage.min.js?ver=1670949097 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Tue, 12 Jul 2022 14:15:12 GMT
etag: W/"62cd81f0-118"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 233
cache-control: public, max-age=30936404
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2021/10/Product-Icon.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2021/10/Product-Icon.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Tue, 12 Jul 2022 14:15:37 GMT
etag: W/"62cd8209-2345"
x-wpe-request-id: fdef38be529397a0b5ecf7164bb0d64c
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2392
cache-control: public, max-age=30936468
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2022/03/Windows.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2022/03/Windows.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 16:31:37 GMT
etag: "6398a8e9-53"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 98
cache-control: public, max-age=31482042
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2019/09/vs-code-responsive-01-1.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2019/09/vs-code-responsive-01-1.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 12 Jul 2022 14:16:28 GMT
etag: "62cd823c-10d9"
x-wpe-request-id: 2b72cb4d25729f22b7d0bac4fcd07ec8
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 4336
cache-control: public, max-age=30936372
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2021/10/apple_logo.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2021/10/apple_logo.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Tue, 12 Jul 2022 14:15:48 GMT
etag: W/"62cd8214-2e7"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 466
cache-control: public, max-age=30936380
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2022/03/Linux.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2022/03/Linux.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Tue, 12 Jul 2022 14:15:08 GMT
etag: W/"62cd81ec-3889"
x-wpe-request-id: cb06694f2cafef1cee00d78246fce820
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 5868
cache-control: public, max-age=30936474
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/img/vscom-img-placeholder.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada-Child-Theme/assets/img/vscom-img-placeholder.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Thu, 03 Nov 2022 17:56:46 GMT
etag: "636400de-3a82"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 1155
cache-control: public, max-age=30936344
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/11/BlogForAmandaResize2-scaled.webp

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/11/BlogForAmandaResize2-scaled.webp HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/webp
last-modified: Mon, 18 Nov 2024 19:44:40 GMT
etag: "673b9928-1350c"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=30936405
date: Thu, 16 Jan 2025 18:47:29 GMT
content-length: 73924
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/11/githubadomain.webp

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/11/githubadomain.webp HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/webp
last-modified: Mon, 18 Nov 2024 19:09:36 GMT
etag: "673b90f0-a30e"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 41775
cache-control: public, max-age=30936533
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/10/Carousel-Main.webp

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/10/Carousel-Main.webp HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Wed, 15 Jan 2025 01:47:26 GMT
etag: W/"678713ae-28ee"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 7171
cache-control: public, max-age=31442924
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2025/01/githutb-actions-preview.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2025/01/githutb-actions-preview.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/webp
last-modified: Wed, 02 Oct 2024 16:01:17 GMT
etag: "66fd6e4d-154dc"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 87308
cache-control: public, max-age=30936356
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2025/01/GitHub-actions-icon.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2025/01/GitHub-actions-icon.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Wed, 15 Jan 2025 01:47:26 GMT
etag: W/"678713ae-112f"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2246
cache-control: public, max-age=31443036
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2025/01/Markdown-Editor-preview.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2025/01/Markdown-Editor-preview.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Fri, 04 Aug 2023 22:22:39 GMT
etag: W/"64cd7a2f-12ef"
x-wpe-request-id: 716513e2e453b339c8181db29558b13c
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2808
cache-control: public, max-age=30937352
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2025/01/Markdown-Editor-icon.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2025/01/Markdown-Editor-icon.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Wed, 15 Jan 2025 01:47:27 GMT
etag: "678713af-44f77"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 280444
cache-control: public, max-age=31443047
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/08/VisualStudioThemePack.webp

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/08/VisualStudioThemePack.webp HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 17:56:34 GMT
etag: W/"636400d2-209"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 316
cache-control: public, max-age=30936424
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/08/ThemePack_Icon.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/08/ThemePack_Icon.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Mon, 08 Jan 2024 17:59:49 GMT
etag: W/"659c3815-6b45"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 3669
cache-control: public, max-age=31481984
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2025/01/SQLite-SQL-Server-preview.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2025/01/SQLite-SQL-Server-preview.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Wed, 15 Jan 2025 01:47:28 GMT
etag: "678713b0-474e8"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 290069
cache-control: public, max-age=31442958
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2025/01/SQLite-SQL-Server-icon.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2025/01/SQLite-SQL-Server-icon.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Wed, 15 Jan 2025 01:47:29 GMT
etag: "678713b1-c4c18"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 805415
cache-control: public, max-age=31442992
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2022/11/Launch.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2022/11/Launch.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Mon, 31 Jul 2023 17:00:24 GMT
etag: W/"64c7e8a8-f17"
x-wpe-request-id: f616c4c3c6d4d9c64361fbb02ac4b8b1
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 1145
cache-control: public, max-age=30936410
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/01/alaska.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/01/alaska.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 16:31:37 GMT
etag: W/"6398a8e9-166d"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 1243
cache-control: public, max-age=31242653
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/01/dc-water.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/01/dc-water.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Thu, 03 Aug 2023 18:13:44 GMT
etag: W/"64cbee58-a73"
x-wpe-request-id: a8cef1f593ce6d04ae4d12f57d94da91
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 1150
cache-control: public, max-age=30936452
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com//wp-content/uploads/2023/01/chipotle.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET //wp-content/uploads/2023/01/chipotle.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 18:36:55 GMT
etag: W/"6772e847-721fc"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 120838
cache-control: public, max-age=30936491
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/01/real-madrid.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/01/real-madrid.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 17:56:46 GMT
etag: W/"636400de-5d2"
x-wpe-request-id: 78e322493713bd116ec97b6723d69111
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 496
cache-control: public, max-age=30936305
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/01/godaddy.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/01/godaddy.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/webp
last-modified: Fri, 04 Aug 2023 22:22:39 GMT
etag: "64cd7a2f-a912"
x-wpe-request-id: 89bc38710bf3f67a23943dbc43e8aa0e
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 43315
cache-control: public, max-age=30936473
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/01/ge-aviation.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/01/ge-aviation.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Wed, 15 Jan 2025 01:47:26 GMT
etag: W/"678713ae-359c"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 9628
cache-control: public, max-age=31443078
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/01/pegasus-one.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/01/pegasus-one.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Mon, 12 Dec 2022 20:35:20 GMT
etag: W/"63979088-dde"
x-wpe-request-id: adc033c454275a1e10fafae3083d93be
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 1311
cache-control: public, max-age=30936424
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/01/UPS.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/01/UPS.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 17 Jan 2023 21:16:42 GMT
etag: "63c7103a-3d2f"
x-wpe-request-id: c27042fb73128e4a580f3a5828e14336
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 14610
cache-control: public, max-age=30936454
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/01/rolls-royce.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/01/rolls-royce.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 17 Jan 2023 21:20:31 GMT
etag: "63c7111f-384d"
x-wpe-request-id: fd9fa9771910bd65f2b9fbcc0cc9de44
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 13417
cache-control: public, max-age=30936531
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2022/09/Apple_Opaque.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2022/09/Apple_Opaque.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 17 Jan 2023 21:23:36 GMT
etag: "63c711d8-4513"
x-wpe-request-id: e2c93c83fc7b8eb1ea419adeb32563e7
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 16719
cache-control: public, max-age=30936394
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/01/X-logo.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/01/X-logo.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 17 Jan 2023 21:27:56 GMT
etag: "63c712dc-2b25"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 10107
cache-control: public, max-age=30936509
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/01/Facebook.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/01/Facebook.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 17 Jan 2023 21:33:18 GMT
etag: "63c7141e-373f"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 13038
cache-control: public, max-age=30936393
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/01/Linkedin.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/01/Linkedin.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 17 Jan 2023 21:36:51 GMT
etag: "63c714f3-37af"
x-wpe-request-id: 184434a5c4f93f89262ef0cd0ee9cf41
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 13204
cache-control: public, max-age=30936339
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/01/Youtube.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/01/Youtube.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 17 Jan 2023 21:40:19 GMT
etag: "63c715c3-34a3"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 12564
cache-control: public, max-age=30936419
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/10/Tiktok.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/10/Tiktok.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 17 Jan 2023 21:45:03 GMT
etag: "63c716df-2d23"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 10760
cache-control: public, max-age=30936362
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-slider.min.css?ver=1704736789

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/css/vscom-slider.min.css?ver=1704736789 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/png
last-modified: Tue, 17 Jan 2023 21:47:42 GMT
etag: "63c7177e-334c"
x-wpe-request-id: af4f4c8c2b5181423f3bd4fb909f290d
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 12364
cache-control: public, max-age=31246940
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-dom-ready-js/js/vscomDomReady.min.js?ver=1667498194

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-dom-ready-js/js/vscomDomReady.min.js?ver=1667498194 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Mon, 12 Dec 2022 20:38:32 GMT
etag: W/"63979148-2ee"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 466
cache-control: public, max-age=30936357
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/js/common.min.js?1690822824

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada-Child-Theme/assets/js/common.min.js?1690822824 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Wed, 31 Jan 2024 21:09:01 GMT
etag: W/"65bab6ed-1dd"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 331
cache-control: public, max-age=30936335
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/dropdown-menu.min.js?ver=6.7.1

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/dropdown-menu.min.js?ver=6.7.1 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Wed, 31 Jan 2024 21:09:00 GMT
etag: W/"65bab6ec-382"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 444
cache-control: public, max-age=30936388
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/vscom-extension-cards.min.js?ver=1691086424

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/vscom-extension-cards.min.js?ver=1691086424 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Wed, 31 Jan 2024 21:09:00 GMT
etag: W/"65bab6ec-32d"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 448
cache-control: public, max-age=31481984
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/fusion-scripts/1cef6133aa19724cabe0c37e09d4cca8.min.js?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/fusion-scripts/1cef6133aa19724cabe0c37e09d4cca8.min.js?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Wed, 31 Jan 2024 21:09:01 GMT
etag: W/"65bab6ed-2e1"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 372
cache-control: public, max-age=30936410
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/img/edit-outline.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada-Child-Theme/assets/img/edit-outline.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Thu, 24 Oct 2024 17:52:27 GMT
etag: W/"671a895b-6235"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 17392
cache-control: public, max-age=30936476
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/js/vscom-usabilla-a11y.js

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada-Child-Theme/assets/js/vscom-usabilla-a11y.js HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Thu, 03 Nov 2022 17:56:46 GMT
etag: W/"636400de-61d"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 731
cache-control: public, max-age=30936409
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-shbp-header-legacy.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-shbp-header-legacy.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 11 Jul 2023 16:32:11 GMT
etag: W/"64ad840b-1e96"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 1387
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/tabs-md.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/tabs-md.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:26 GMT
etag: W/"63bda1a2-5f6"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 323
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-768-max-1024-p.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/min-768-max-1024-p.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:12 GMT
etag: W/"63bda194-645"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 308
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-cbp-social-sharing.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-sh-cbp-social-sharing.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: "636400e1-ba"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 132
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-2c.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-2c.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 11 Jul 2023 16:32:06 GMT
etag: W/"64ad8406-7e3"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 371
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-sbp.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-sh-sbp.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: "636400e1-ee"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 145
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/fullwidth-md.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/fullwidth-md.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:24 GMT
etag: W/"636400c8-8b7"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 797
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-5c-max-6c.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-5c-max-6c.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:00 GMT
etag: W/"636400b0-13c1"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 817
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-core/assets/css/vscom-subsup.min.css?ver=1667498184

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-core/assets/css/vscom-subsup.min.css?ver=1667498184 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-396"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 211
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/meta-md.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/meta-md.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-247"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 259
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-main.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-main.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:12 GMT
etag: "63bda194-96"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 113
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-cbp.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-sh-cbp.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 22 Feb 2024 19:18:20 GMT
etag: W/"65d79dfc-1f77"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 1940
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-shbp.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-sh-shbp.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: "636400e1-70"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 90
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-2c-max-3c.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-2c-max-3c.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-17b"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 174
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-768-max-1024-l.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-768-max-1024-l.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:00 GMT
etag: W/"636400b0-4bf"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 391
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/max-640.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/max-640.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-79e"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 303
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-3c-max-4c.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-3c-max-4c.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-373"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 169
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-768-max-1024-l-header-legacy.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-768-max-1024-l-header-legacy.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-557"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 252
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-4c-max-5c.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-4c-max-5c.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:00 GMT
etag: "636400b0-e6"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 112
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/max-2c.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/max-2c.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:12 GMT
etag: W/"63bda194-5ec"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 276
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/tabs-sm.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/tabs-sm.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: "636400e1-60"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 108
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-shbp.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-shbp.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-711"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 280
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/tabs-lg-max.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/tabs-lg-max.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: "636400e1-3e"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 77
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-cbp.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-cbp.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:12 GMT
etag: "63bda194-9e"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 111
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-2c-max-3c.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/min-2c-max-3c.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-5c6f"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2280
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-5c-max-6c.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/min-5c-max-6c.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: "636400e1-90"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 115
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-shbp-32.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-shbp-32.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:12 GMT
etag: W/"63bda194-366"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 343
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/meta-sm.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/meta-sm.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:00 GMT
etag: W/"636400b0-246"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 154
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-shbp-header-legacy.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-sh-shbp-header-legacy.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:00 GMT
etag: W/"636400b0-138"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 122
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-4c-max-5c.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/min-4c-max-5c.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:00 GMT
etag: W/"636400b0-1f8"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 140
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-768-max-1024-p-header-legacy.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-768-max-1024-p-header-legacy.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-630"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 272
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/image-sm.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/image-sm.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:13 GMT
etag: W/"63bda195-1a6"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 135
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/title-md.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/title-md.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 30 Mar 2023 17:50:41 GMT
etag: W/"6425cbf1-2f9b"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2399
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-768-max-1024-p.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/min-768-max-1024-p.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 11 Jul 2023 16:32:06 GMT
etag: W/"64ad8406-7a2"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 581
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/max-sh-cbp.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/max-sh-cbp.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:55:59 GMT
etag: "636400af-4b"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 85
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/max-1c.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/max-1c.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:12 GMT
etag: W/"63bda194-186"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 134
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/image-md.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/image-md.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 11 Jul 2023 16:32:06 GMT
etag: W/"64ad8406-81a"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 380
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/fullwidth-sm.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/fullwidth-sm.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:26 GMT
etag: W/"63bda1a2-b45"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 957
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/section-separator-md.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/section-separator-md.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-11e"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 184
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-640.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-sh-640.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:12 GMT
etag: W/"63bda194-3d5"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 220
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-640.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-640.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:12 GMT
etag: W/"63bda194-2d7"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 211
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/layout-columns-sm.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/layout-columns-sm.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-91b"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 726
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-shbp-18.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-shbp-18.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:12 GMT
etag: W/"63bda194-3b3"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 215
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/section-separator-sm.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/section-separator-sm.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 11 Jul 2023 16:32:06 GMT
etag: W/"64ad8406-b73"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 565
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/layout-columns-md.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/layout-columns-md.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:00 GMT
etag: W/"636400b0-234"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 144
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-3c-max-4c.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/min-3c-max-4c.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 17:56:49 GMT
etag: W/"636400e1-3fd"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 214
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/title-sm.min.css?ver=3.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fusion-builder/assets/css/media/title-sm.min.css?ver=3.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Mon, 12 Dec 2022 20:35:27 GMT
etag: W/"6397908f-2f5"
x-wpe-request-id: 7ae72dda69bf86f0f119c53acab8f33d
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 417
cache-control: public, max-age=30936513
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-1c.min.css?ver=7.11.11

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada/assets/css/media/max-1c.min.css?ver=7.11.11 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 10 Jan 2023 17:34:13 GMT
etag: W/"63bda195-240"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 177
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/05/VSCOM_hp_hero_bg.webp

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/05/VSCOM_hp_hero_bg.webp HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/wp-content/uploads/fusion-styles/01f4b874d13e53a477abac6bfaecdb85.min.css?ver=3.11.11
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/webp
last-modified: Mon, 02 Dec 2024 22:30:59 GMT
etag: "674e3523-b8f0"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=30936365
date: Thu, 16 Jan 2025 18:47:30 GMT
content-length: 47377
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2022/11/VSCOM-Shape.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2022/11/VSCOM-Shape.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/wp-content/uploads/fusion-styles/01f4b874d13e53a477abac6bfaecdb85.min.css?ver=3.11.11
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/webp
last-modified: Mon, 18 Nov 2024 19:09:25 GMT
etag: "673b90e5-2e62"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 10659
cache-control: public, max-age=30936520
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2023/10/VSCODE-Shape-3.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2023/10/VSCODE-Shape-3.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/wp-content/uploads/fusion-styles/01f4b874d13e53a477abac6bfaecdb85.min.css?ver=3.11.11
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/octet-stream
content-length: 1736
last-modified: Tue, 13 Dec 2022 16:31:38 GMT
etag: "6398a8ea-6c8"
x-wpe-request-id: 6baa5c4baa904b35584eca48d10d5658
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
cache-control: public, max-age=30936372
date: Thu, 16 Jan 2025 18:47:30 GMT
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/12/gh-azure-bkg.webp

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/12/gh-azure-bkg.webp HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: text/css
last-modified: Tue, 11 Jul 2023 16:32:06 GMT
etag: W/"64ad8406-c8c"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 574
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/11/githubadobg-scaled.webp

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/11/githubadobg-scaled.webp HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Mon, 12 Dec 2022 20:36:55 GMT
etag: W/"639790e7-199b"
x-wpe-request-id: 504c51b1cf0b4b7b982480d070d1b68a
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 2542
cache-control: public, max-age=30936404
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/10/Carousel-Background.webp

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/10/Carousel-Background.webp HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/webp
last-modified: Wed, 02 Oct 2024 16:01:04 GMT
etag: "66fd6e40-4ade"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 19194
cache-control: public, max-age=31482046
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2022/11/vscom-icon-cloud-bg.svg

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2022/11/vscom-icon-cloud-bg.svg HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/wp-content/uploads/fusion-styles/01f4b874d13e53a477abac6bfaecdb85.min.css?ver=3.11.11
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/svg+xml
last-modified: Fri, 20 Oct 2023 00:01:44 GMT
etag: W/"6531c368-38e"
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 458
cache-control: public, max-age=30936336
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/fonts/icons/vscom.ttf

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada-Child-Theme/fonts/icons/vscom.ttf HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/modern-styles.min.css?1736879161
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/webp
last-modified: Mon, 20 May 2024 22:21:21 GMT
etag: "664bcce1-816fc"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
content-encoding: gzip
content-length: 530060
cache-control: public, max-age=30936519
date: Thu, 16 Jan 2025 18:47:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2024/09/VS_CopilotMenu_Website_Animation_r5.mp4

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2024/09/VS_CopilotMenu_Website_Animation_r5.mp4 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
accept-language: en-US,en;q=0.5
referer: https://visualstudio.microsoft.com/
range: bytes=0-
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: video
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
accept-encoding: identity
te: trailers

Response

HTTP/2.0 206

server: nginx
content-type: video/mp4
last-modified: Thu, 05 Sep 2024 16:36:21 GMT
etag: "66d9de05-9317e8"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
cache-control: public, max-age=30936377
date: Thu, 16 Jan 2025 18:47:30 GMT
content-range: bytes 0-9639911/9639912
content-length: 9639912
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/plugins/fabric-icon-manager//assets/fonts/VSCOMIcons.woff?1660768558

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/fabric-icon-manager//assets/fonts/VSCOMIcons.woff?1660768558 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://visualstudio.microsoft.com/wp-content/plugins/fabric-icon-manager//assets/css/vscom-icons.css?ver=1660768558
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: font/woff
content-length: 30372
last-modified: Wed, 17 Aug 2022 20:35:58 GMT
etag: "62fd512e-76a4"
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'
cache-control: public, max-age=30936491
date: Thu, 16 Jan 2025 18:47:30 GMT
x-frame-options: SAMEORIGIN
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self' https://www.youtube.com https://mediastream.microsoft.com; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://visualstudio.microsoft.com/wp-content/uploads/2022/05/Microsoft-120.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2022/05/Microsoft-120.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/uploads/2017/02/Microsoft-favicon.png

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2017/02/Microsoft-favicon.png HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/js/classList.min.js?1667498206

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/themes/Avada-Child-Theme/assets/js/classList.min.js?1667498206 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/ofi.min.js?1667498194

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/ofi.min.js?1667498194 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/video-player/mediaelement.min.js?1667498194

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/video-player/mediaelement.min.js?1667498194 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/slider/hammer.min.js?1667498194

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/slider/hammer.min.js?1667498194 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/slider/slider-devblogs-posts.min.js?1702925116

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/slider/slider-devblogs-posts.min.js?1702925116 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/uploads/2022/11/VisualStudio.webp

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/uploads/2022/11/VisualStudio.webp HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-core/assets/js/vscom.min.js?1694020635

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-core/assets/js/vscom.min.js?1694020635 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/vscom-video-player.min.js?1667498195

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/vscom-video-player.min.js?1667498195 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/slider/better-simple-slideshow.min.js?1702925116

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-fusion-extension/js/slider/better-simple-slideshow.min.js?1702925116 HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers
GET

https://visualstudio.microsoft.com/wp-content/plugins/vscom-utility-plugin/json/home-devblogs.json

firefox.exe

Remote address:

2.22.247.97:443

Request

GET /wp-content/plugins/vscom-utility-plugin/json/home-devblogs.json HTTP/2.0
host: visualstudio.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
content-type: application/json
cookie: MicrosoftApplicationsTelemetryDeviceId=aaf3ffe8-bb75-4ff0-9d39-084e1b8f248f
cookie: ai_session=3n6sBbR9Gd8poVAuRJW4ek|1737053248943|1737053248943
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
cookie: MSFPC=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers
DNS

js.monitor.azure.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.monitor.azure.com

IN A

Response

js.monitor.azure.com

IN CNAME

aijscdn2-bwfdfxezdubebtb0.z01.azurefd.net

aijscdn2-bwfdfxezdubebtb0.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

97.247.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.247.22.2.in-addr.arpa

IN PTR

Response

97.247.22.2.in-addr.arpa

IN PTR

a2-22-247-97deploystaticakamaitechnologiescom
DNS

browser.events.data.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdcus04.centralus.cloudapp.azure.com

onedscolprdcus04.centralus.cloudapp.azure.com

IN A

52.182.143.208
OPTIONS

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

firefox.exe

Remote address:

52.182.143.208:443

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
referer: https://visualstudio.microsoft.com/
origin: https://visualstudio.microsoft.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://visualstudio.microsoft.com
date: Thu, 16 Jan 2025 18:47:30 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

firefox.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
client-id: NO_AUTH
client-version: 1DS-Web-JS-3.2.18
apikey: f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662
upload-time: 1737053250331
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
content-length: 1114
origin: https://visualstudio.microsoft.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518; Domain=.microsoft.com; Expires=Fri, 16 Jan 2026 18:47:31 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=33dedc871bdb4994973181b63e935963; Domain=.microsoft.com; Expires=Thu, 16 Jan 2025 19:17:31 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1187
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://visualstudio.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:30 GMT
OPTIONS

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0

firefox.exe

Remote address:

52.182.143.208:443

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
referer: https://visualstudio.microsoft.com/
origin: https://visualstudio.microsoft.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://visualstudio.microsoft.com
date: Thu, 16 Jan 2025 18:47:32 GMT
DNS

onedscolprdcus04.centralus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdcus04.centralus.cloudapp.azure.com

IN A

Response

onedscolprdcus04.centralus.cloudapp.azure.com

IN A

52.182.143.208
DNS

s-part-0036.t-0009.t-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

s-part-0036.t-0009.t-msedge.net

IN A

Response

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

www.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

95.100.245.144
DNS

wcpstatic.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

cdn-dynmedia-1.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn-dynmedia-1.microsoft.com

IN A

Response

cdn-dynmedia-1.microsoft.com

IN CNAME

san-ion.secure4.scene7.com.edgekey.net

san-ion.secure4.scene7.com.edgekey.net

IN CNAME

e81481.dsca.akamaiedge.net

e81481.dsca.akamaiedge.net

IN A

184.28.198.218

e81481.dsca.akamaiedge.net

IN A

184.28.198.210
DNS

onedscolprdcus04.centralus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdcus04.centralus.cloudapp.azure.com

IN AAAA

Response
DNS

s-part-0036.t-0009.t-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

s-part-0036.t-0009.t-msedge.net

IN AAAA

Response

s-part-0036.t-0009.t-msedge.net

IN AAAA

2620:1ec:bdf::64
GET

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231 HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

content-type: text/css; charset=utf-8
last-modified: Thu, 05 Dec 2024 22:22:51 GMT
x-activity-id: ceef63eb-777b-4c20-8c43-4fb48736569e
x-appversion: 1.0.9090.33347
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odwestcentralus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-11-21T02:31:34.0000000Z}
ms-operation-id: 67e5795e2e12c90813fcf1f85ce73363
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2024-12-05T22:22:51
x-s2: 2024-12-05T22:22:51
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
x-azure-ref: 20241205T230958Z-er1bd968f9clxgzshC1LONkw7g00000001zg000000010nxt
accept-ranges: bytes
content-encoding: gzip
content-length: 22805
cache-control: public, max-age=27920211
expires: Fri, 05 Dec 2025 22:24:20 GMT
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV1764f092.0
ms-cv-esi: CASMicrosoftCV1764f092.0
x-rtag: RT
GET

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/74-d51c79/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/74-d51c79/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1 HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
last-modified: Thu, 05 Dec 2024 22:20:19 GMT
x-activity-id: 5808f47d-5af0-468a-9a30-fb51f9fcbf96
x-appversion: 1.0.9090.33347
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odwestcentralus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-11-21T02:31:34.0000000Z}
ms-operation-id: e1ce70ed9f8126eb60407fc78ed39ce8
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2024-12-05T22:20:19
x-s2: 2024-12-05T22:20:19
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
x-azure-ref: 20241205T230537Z-er1bd968f9cq5llbhC1LONcy8w00000005p000000000xyw8
accept-ranges: bytes
content-encoding: gzip
content-length: 36170
cache-control: public, max-age=27919873
expires: Fri, 05 Dec 2025 22:18:42 GMT
date: Thu, 16 Jan 2025 18:47:29 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV1764f0d0.0
ms-cv-esi: CASMicrosoftCV1764f0d0.0
x-rtag: RT
GET

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://visualstudio.microsoft.com
referer: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

content-type: application/font-woff
last-modified: Thu, 18 Jan 2024 19:15:17 GMT
x-activity-id: 81100bbf-4474-4741-96bd-ed084c018a2b
x-appversion: 1.0.8745.29656
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-12-12T00:28:32.0000000Z}
ms-operation-id: 951dfc80b28cc641b012f6f423816fed
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 26288
ak-forward-host:
ak-forward-host:
cache-control: public, max-age=26407414
expires: Tue, 18 Nov 2025 10:11:04 GMT
date: Thu, 16 Jan 2025 18:47:30 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV1764f330.0
ms-cv-esi: CASMicrosoftCV1764f330.0
x-rtag: RT
DNS

e13678.dscb.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e13678.dscb.akamaiedge.net

IN A

Response

e13678.dscb.akamaiedge.net

IN A

95.100.245.144
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/UHFbanner-MSlogo2?fmt=png-alpha&bfc=off&qlt=100,1

firefox.exe

Remote address:

184.28.198.218:443

Request

GET /is/image/microsoftcorp/UHFbanner-MSlogo2?fmt=png-alpha&bfc=off&qlt=100,1 HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Thu, 19 Sep 2024 03:52:00 GMT
etag: "2d1230bfe59a90f39b8ef4ca4a83de63"
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
content-length: 4429
expires: Thu, 16 Jan 2025 22:07:29 GMT
date: Thu, 16 Jan 2025 18:47:29 GMT
x-akamai-cache: Hit
akamai-grn: 0.cec61cb8.1737053249.1c88a8bf
DNS

e81481.dsca.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e81481.dsca.akamaiedge.net

IN A

Response

e81481.dsca.akamaiedge.net

IN A

184.28.198.218

e81481.dsca.akamaiedge.net

IN A

184.28.198.210
DNS

e81481.dsca.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e81481.dsca.akamaiedge.net

IN AAAA

Response

e81481.dsca.akamaiedge.net

IN AAAA

2a02:26f0:e8::6856:6f40

e81481.dsca.akamaiedge.net

IN AAAA

2a02:26f0:e8::6856:6f51
DNS

e13678.dscb.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e13678.dscb.akamaiedge.net

IN AAAA

Response

e13678.dscb.akamaiedge.net

IN AAAA

2a02:26f0:5900:4ab::356e

e13678.dscb.akamaiedge.net

IN AAAA

2a02:26f0:5900:498::356e

e13678.dscb.akamaiedge.net

IN AAAA

2a02:26f0:5900:4a4::356e

e13678.dscb.akamaiedge.net

IN AAAA

2a02:26f0:5900:4bb::356e
DNS

mem.gfx.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

mem.gfx.ms

IN A

Response

mem.gfx.ms

IN CNAME

amcdnmsftuswe.azureedge.net

amcdnmsftuswe.azureedge.net

IN CNAME

amcdnmsftuswe.afd.azureedge.net

amcdnmsftuswe.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

www.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

www.clarity.ms

IN A

Response

www.clarity.ms

IN CNAME

clarity.azurefd.net

clarity.azurefd.net

IN CNAME

azurefd-t-prod.trafficmanager.net

azurefd-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN A

Response

marketplace.visualstudio.com

IN A

13.107.42.18
OPTIONS

https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

firefox.exe

Remote address:

13.107.42.18:443

Request

OPTIONS /_apis/public/gallery/extensionquery HTTP/2.0
host: marketplace.visualstudio.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: content-type
referer: https://visualstudio.microsoft.com/
origin: https://visualstudio.microsoft.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: 391e6d11-6c5c-4d8a-a179-2b48a0bd8d0b
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 0b6e0901-b722-4b39-ad35-a9e46656fe35
x-tfs-session: 0b6e0901-b722-4b39-ad35-a9e46656fe35
x-vss-e2eid: 0b6e0901-b722-4b39-ad35-a9e46656fe35
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-headers: content-type, authorization
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6A4222E48FA24321BEEDD860B97B1AD2 Ref B: LON04EDGE1220 Ref C: 2025-01-16T18:47:30Z
date: Thu, 16 Jan 2025 18:47:29 GMT
content-length: 0
POST

https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

firefox.exe

Remote address:

13.107.42.18:443

Request

POST /_apis/public/gallery/extensionquery HTTP/2.0
host: marketplace.visualstudio.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/json;api-version=7.1-preview.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
content-length: 634
origin: https://visualstudio.microsoft.com
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 2647
content-type: application/json; charset=utf-8; api-version=7.1-preview.1
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
set-cookie: VstsSession=%7B%22PersistentSessionId%22%3A%2217e0c65c-541f-47de-92fc-14a2331f2f08%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D;SameSite=None; domain=.visualstudio.com; expires=Fri, 16-Jan-2026 18:47:30 GMT; path=/; secure; HttpOnly
x-tfs-processid: a9cb9539-a233-4ab3-8229-63ea938e1dd2
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 4e2b83e7-2009-4d0a-a2cb-b074b75afc6b
x-tfs-session: 4e2b83e7-2009-4d0a-a2cb-b074b75afc6b
x-vss-e2eid: 4e2b83e7-2009-4d0a-a2cb-b074b75afc6b
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-headers: authorization
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6AEE017ADF2F4457957CA79FEBA0910D Ref B: LON04EDGE1220 Ref C: 2025-01-16T18:47:30Z
date: Thu, 16 Jan 2025 18:47:30 GMT
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN A

Response

marketplace.visualstudio.com

IN A

13.107.42.18
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN AAAA

Response

marketplace.visualstudio.com

IN AAAA

2620:1ec:a92::175
DNS

64.246.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.246.107.13.in-addr.arpa

IN PTR

Response
DNS

144.245.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

144.245.100.95.in-addr.arpa

IN PTR

Response

144.245.100.95.in-addr.arpa

IN PTR

a95-100-245-144deploystaticakamaitechnologiescom
DNS

144.245.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

144.245.100.95.in-addr.arpa

IN PTR
DNS

218.198.28.184.in-addr.arpa

Remote address:

8.8.8.8:53

Request

218.198.28.184.in-addr.arpa

IN PTR

Response

218.198.28.184.in-addr.arpa

IN PTR

a184-28-198-218deploystaticakamaitechnologiescom
DNS

208.143.182.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

208.143.182.52.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR
DNS

18.42.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.42.107.13.in-addr.arpa

IN PTR

Response
DNS

56.163.245.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.163.245.4.in-addr.arpa

IN PTR

Response
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 462
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:47:31 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 51705
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:47:33 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 16182
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:47:34 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2260
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:47:40 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1360
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:47:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1562
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:47:53 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1495
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:47:59 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0

firefox.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
client-id: NO_AUTH
client-version: 1DS-Web-JS-3.2.18
apikey: f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662
upload-time: 1737053252066
time-delta-to-apply-millis: 1187
cache-control: no-cache, no-store
content-type: application/x-json-stream
content-length: 4023
origin: https://visualstudio.microsoft.com
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1173
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://visualstudio.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:32 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0

firefox.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
client-id: NO_AUTH
client-version: 1DS-Web-JS-3.2.18
apikey: f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662
upload-time: 1737053253069
time-delta-to-apply-millis: 1187
cache-control: no-cache, no-store
content-type: application/x-json-stream
content-length: 30799
origin: https://visualstudio.microsoft.com
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 998
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://visualstudio.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:33 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0

firefox.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
client-id: NO_AUTH
client-version: 1DS-Web-JS-3.2.18
apikey: b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888
upload-time: 1737053253957
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
content-length: 24184
origin: https://visualstudio.microsoft.com
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

content-length: 25
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1001
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://visualstudio.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:34 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053256028&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true

firefox.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053256028&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
content-type: text/plain;charset=UTF-8
content-length: 1968
origin: https://visualstudio.microsoft.com
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1008
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://visualstudio.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:36 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053256481&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true

firefox.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053256481&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
content-type: text/plain;charset=UTF-8
content-length: 1218
origin: https://visualstudio.microsoft.com
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1055
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://visualstudio.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:36 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053320799&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true

firefox.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053320799&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
content-type: text/plain;charset=UTF-8
content-length: 4288
origin: https://visualstudio.microsoft.com
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1022
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://visualstudio.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:48:41 GMT
DNS

197.249.227.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.249.227.4.in-addr.arpa

IN PTR

Response
DNS

app.vssps.visualstudio.com

firefox.exe

Remote address:

8.8.8.8:53

Request

app.vssps.visualstudio.com

IN A

Response

app.vssps.visualstudio.com

IN CNAME

vssps-visualstudio-com.l-0009.l-msedge.net

vssps-visualstudio-com.l-0009.l-msedge.net

IN CNAME

l-0009.l-msedge.net

l-0009.l-msedge.net

IN A

13.107.42.18
GET

https://app.vssps.visualstudio.com/_apis/profile/profiles/me?_=1737053248568

firefox.exe

Remote address:

13.107.42.18:443

Request

GET /_apis/profile/profiles/me?_=1737053248568 HTTP/2.0
host: app.vssps.visualstudio.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://visualstudio.microsoft.com
referer: https://visualstudio.microsoft.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 302

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 589
content-type: text/html; charset=utf-8
expires: -1
location: https://app.vssps.visualstudio.com/_signin?realm=app.vssps.visualstudio.com&reply_to=https%3A%2F%2Fapp.vssps.visualstudio.com%2F_apis%2Fprofile%2Fprofiles%2Fme%3F_%3D1737053248568&redirect=1&context=eyJodCI6MywiaGlkIjoiYTVjYTM1ZWItMTQ4ZS00Y2NkLWJiYjMtZDMxNTc2ZDc1OTU4IiwicXMiOnt9LCJyciI6IiIsInZoIjoiIiwiY3YiOiIiLCJjcyI6IiJ90#ctx=eyJTaWduSW5Db29raWVEb21haW5zIjpbImh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbSIsImh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbSJdfQ2
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
set-cookie: VstsSession=%7B%22PersistentSessionId%22%3A%2274fe6182-042a-41c9-b9d5-999f6bcf4daa%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D;SameSite=None; domain=.visualstudio.com; expires=Fri, 16-Jan-2026 18:47:32 GMT; path=/; secure; HttpOnly
www-authenticate: Basic realm="https://app.vssps.visualstudio.com/"
www-authenticate: Bearer
x-tfs-processid: e09bc306-ca4e-475a-ad9f-d8b0b956d691
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 74cd16c2-1fdc-4f58-b015-e8d12973d4e0
x-tfs-session: 74cd16c2-1fdc-4f58-b015-e8d12973d4e0
x-vss-e2eid: 74cd16c2-1fdc-4f58-b015-e8d12973d4e0
x-vss-senderdeploymentid: a5ca35eb-148e-4ccd-bbb3-d31576d75958
access-control-allow-origin: https://visualstudio.microsoft.com
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-credentials: true
access-control-allow-headers: authorization
x-frame-options: SAMEORIGIN
x-tfs-fedauthrealm: https://app.vssps.visualstudio.com/
x-tfs-fedauthissuer: https://tfsprodch1acs01.accesscontrol.windows.net/v2/wsfederation
x-vss-authorizationendpoint: https://app.vssps.visualstudio.com/
x-vss-resourcetenant: 00000000-0000-0000-0000-000000000000
x-vss-s2stargetservice: 00000001-0000-8888-8000-000000000000/visualstudio.com
request-context: appId=cid-v1:20b3930f-73dc-453a-b660-e3891d782eef
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B8412043ACBD42DB952220722AEE994A Ref B: LON04EDGE1207 Ref C: 2025-01-16T18:47:32Z
date: Thu, 16 Jan 2025 18:47:32 GMT
GET

https://app.vssps.visualstudio.com/_signin?realm=app.vssps.visualstudio.com&reply_to=https%3A%2F%2Fapp.vssps.visualstudio.com%2F_apis%2Fprofile%2Fprofiles%2Fme%3F_%3D1737053248568&redirect=1&context=eyJodCI6MywiaGlkIjoiYTVjYTM1ZWItMTQ4ZS00Y2NkLWJiYjMtZDMxNTc2ZDc1OTU4IiwicXMiOnt9LCJyciI6IiIsInZoIjoiIiwiY3YiOiIiLCJjcyI6IiJ90

firefox.exe

Remote address:

13.107.42.18:443

Request

GET /_signin?realm=app.vssps.visualstudio.com&reply_to=https%3A%2F%2Fapp.vssps.visualstudio.com%2F_apis%2Fprofile%2Fprofiles%2Fme%3F_%3D1737053248568&redirect=1&context=eyJodCI6MywiaGlkIjoiYTVjYTM1ZWItMTQ4ZS00Y2NkLWJiYjMtZDMxNTc2ZDc1OTU4IiwicXMiOnt9LCJyciI6IiIsInZoIjoiIiwiY3YiOiIiLCJjcyI6IiJ90 HTTP/2.0
host: app.vssps.visualstudio.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://visualstudio.microsoft.com
referer: https://visualstudio.microsoft.com/
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%2274fe6182-042a-41c9-b9d5-999f6bcf4daa%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 203

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 15511
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
set-cookie: VstsSession=%7B%22PersistentSessionId%22%3A%2274fe6182-042a-41c9-b9d5-999f6bcf4daa%22%2C%22PendingAuthenticationSessionId%22%3A%22de876965-a983-4c93-9293-0a32db101fd5%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%22app.vssps.visualstudio.com%22%3A%7B%22LastSignInTick%22%3A638726500528196468%2C%22SignInCount%22%3A1%7D%7D%7D;SameSite=None; domain=.visualstudio.com; expires=Fri, 16-Jan-2026 18:47:32 GMT; path=/; secure; HttpOnly
set-cookie: __RequestVerificationToken=WI3zrBX5Zo0hrSQP-QcsTjpqy1GwkMu0-fhgwQARyzZIzNd8jrVzPx8uhvI_gd7dcAL0k8-ZN4omSVL052N0nF28lgxwGIAkkBDco64PWzw1;SameSite=None; path=/; secure; HttpOnly
set-cookie: __RequestVerificationToken289cdf962-115c-468b-90e4-c34703f8e368=WI3zrBX5Zo0hrSQP-QcsTjpqy1GwkMu0-fhgwQARyzZIzNd8jrVzPx8uhvI_gd7dcAL0k8-ZN4omSVL052N0nF28lgxwGIAkkBDco64PWzw1;SameSite=None; path=/; secure; HttpOnly
x-tfs-processid: e09bc306-ca4e-475a-ad9f-d8b0b956d691
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 74cd16fa-1fdc-4f58-b015-e8d12973d4e0
x-tfs-session: 74cd16fa-1fdc-4f58-b015-e8d12973d4e0
x-vss-e2eid: 74cd16fa-1fdc-4f58-b015-e8d12973d4e0
x-vss-senderdeploymentid: a5ca35eb-148e-4ccd-bbb3-d31576d75958
access-control-allow-origin: https://visualstudio.microsoft.com
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-credentials: true
access-control-allow-headers: authorization
x-tfs-location: /_signin?realm=app.vssps.visualstudio.com&reply_to=https%3A%2F%2Fapp.vssps.visualstudio.com%2F_apis%2Fprofile%2Fprofiles%2Fme%3F_%3D1737053248568&redirect=1&context=eyJodCI6MywiaGlkIjoiYTVjYTM1ZWItMTQ4ZS00Y2NkLWJiYjMtZDMxNTc2ZDc1OTU4IiwicXMiOnt9LCJyciI6IiIsInZoIjoiIiwiY3YiOiIiLCJjcyI6IiJ90
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:20b3930f-73dc-453a-b660-e3891d782eef
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2C81EF89F2834A8281AB435639BF14EB Ref B: LON04EDGE1207 Ref C: 2025-01-16T18:47:32Z
date: Thu, 16 Jan 2025 18:47:32 GMT
DNS

l-0009.l-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

l-0009.l-msedge.net

IN A

Response

l-0009.l-msedge.net

IN A

13.107.42.18
DNS

l-0009.l-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

l-0009.l-msedge.net

IN AAAA

Response

l-0009.l-msedge.net

IN AAAA

2620:1ec:21::18
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

devblogs.microsoft.com

firefox.exe

Remote address:

8.8.8.8:53

Request

devblogs.microsoft.com

IN A

Response

devblogs.microsoft.com

IN CNAME

devblogs.microsoft.com.edgekey.net

devblogs.microsoft.com.edgekey.net

IN CNAME

devblogs.microsoft.com.edgekey.net.globalredir.akadns.net

devblogs.microsoft.com.edgekey.net.globalredir.akadns.net

IN CNAME

e12062.dscb.akamaiedge.net

e12062.dscb.akamaiedge.net

IN A

2.22.138.112
DNS

browser.events.data.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdeus07.eastus.cloudapp.azure.com

onedscolprdeus07.eastus.cloudapp.azure.com

IN A

52.168.117.168
GET

https://devblogs.microsoft.com/visualstudio/wp-content/uploads/sites/4/2022/11/IMG_1377-96x96.jpg

firefox.exe

Remote address:

2.22.138.112:443

Request

GET /visualstudio/wp-content/uploads/sites/4/2022/11/IMG_1377-96x96.jpg HTTP/2.0
host: devblogs.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/jpeg
content-length: 1839
last-modified: Wed, 10 May 2023 22:38:27 GMT
etag: "645c1ce3-72f"
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31531913
date: Thu, 16 Jan 2025 18:47:33 GMT
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://devblogs.microsoft.com/visualstudio/wp-content/uploads/sites/4/2021/09/62749798106__ECECFB6D-BD1F-4F2C-8B81-B273B5F1EA3B-96x96.jpg

firefox.exe

Remote address:

2.22.138.112:443

Request

GET /visualstudio/wp-content/uploads/sites/4/2021/09/62749798106__ECECFB6D-BD1F-4F2C-8B81-B273B5F1EA3B-96x96.jpg HTTP/2.0
host: devblogs.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/jpeg
content-length: 2542
last-modified: Tue, 21 Jun 2022 15:19:22 GMT
etag: "62b1e17a-9ee"
x-wpe-request-id: 6b25b7acad71b12156130b75ee564322
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31531938
date: Thu, 16 Jan 2025 18:47:33 GMT
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://devblogs.microsoft.com/visualstudio/wp-content/themes/devblogs-evo/images/group-icon.png

firefox.exe

Remote address:

2.22.138.112:443

Request

GET /visualstudio/wp-content/themes/devblogs-evo/images/group-icon.png HTTP/2.0
host: devblogs.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: image/jpeg
content-length: 3430
last-modified: Tue, 19 Dec 2023 18:39:35 GMT
etag: "6581e367-d66"
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=31531985
date: Thu, 16 Jan 2025 18:47:33 GMT
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
GET

https://devblogs.microsoft.com/visualstudio/wp-content/uploads/sites/4/2023/12/Mryam-96x96.jpg

firefox.exe

Remote address:

2.22.138.112:443

Request

GET /visualstudio/wp-content/uploads/sites/4/2023/12/Mryam-96x96.jpg HTTP/2.0
host: devblogs.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://visualstudio.microsoft.com/
cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518
cookie: MS0=33dedc871bdb4994973181b63e935963
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 404

server: nginx
content-type: text/html; charset=UTF-8
x-powered-by: WP Engine
access-control-allow-origin: https://dev.quantum.microsoft.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Authorization
link: <https://devblogs.microsoft.com/wp-json/>; rel="https://api.w.org/"
x-cacheable: CacheAlways: forever
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 28943
cache-control: must-revalidate, max-age=600
expires: Thu, 16 Jan 2025 18:57:33 GMT
date: Thu, 16 Jan 2025 18:47:33 GMT
vary: Accept-Encoding
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
DNS

e12062.dscb.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e12062.dscb.akamaiedge.net

IN A

Response

e12062.dscb.akamaiedge.net

IN A

2.22.138.112
DNS

onedscolprdeus07.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdeus07.eastus.cloudapp.azure.com

IN A

Response

onedscolprdeus07.eastus.cloudapp.azure.com

IN A

52.168.117.168
DNS

e12062.dscb.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e12062.dscb.akamaiedge.net

IN AAAA

Response

e12062.dscb.akamaiedge.net

IN AAAA

2a02:26f0:5900:48c::2f1e

e12062.dscb.akamaiedge.net

IN AAAA

2a02:26f0:5900:4bb::2f1e
DNS

onedscolprdeus07.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdeus07.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

www.tm.v4.a.prd.aadg.akadns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.tm.v4.a.prd.aadg.akadns.net

IN A

Response

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.68

www.tm.v4.a.prd.aadg.akadns.net

IN A

20.190.160.14

www.tm.v4.a.prd.aadg.akadns.net

IN A

20.190.160.17

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.72

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.74

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.76

www.tm.v4.a.prd.aadg.akadns.net

IN A

40.126.32.138

www.tm.v4.a.prd.aadg.akadns.net

IN A

20.190.160.20
DNS

www.tm.v4.a.prd.aadg.akadns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.tm.v4.a.prd.aadg.akadns.net

IN AAAA

Response
DNS

112.138.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

112.138.22.2.in-addr.arpa

IN PTR

Response

112.138.22.2.in-addr.arpa

IN PTR

a2-22-138-112deploystaticakamaitechnologiescom
DNS

134.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.32.126.40.in-addr.arpa

IN PTR

Response
DNS

acctcdn.msauth.net

firefox.exe

Remote address:

8.8.8.8:53

Request

acctcdn.msauth.net

IN A

Response

acctcdn.msauth.net

IN CNAME

acctcdnmsftuswe2.azureedge.net

acctcdnmsftuswe2.azureedge.net

IN CNAME

acctcdnmsftuswe2.afd.azureedge.net

acctcdnmsftuswe2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

browser.events.data.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdwus09.westus.cloudapp.azure.com

onedscolprdwus09.westus.cloudapp.azure.com

IN A

20.189.173.10
DNS

onedscolprdwus09.westus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdwus09.westus.cloudapp.azure.com

IN A

Response

onedscolprdwus09.westus.cloudapp.azure.com

IN A

20.189.173.10
DNS

onedscolprdwus09.westus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdwus09.westus.cloudapp.azure.com

IN AAAA

Response
DNS

browser.events.data.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdweu14.westeurope.cloudapp.azure.com

onedscolprdweu14.westeurope.cloudapp.azure.com

IN A

52.178.17.235
DNS

code.visualstudio.com

firefox.exe

Remote address:

8.8.8.8:53

Request

code.visualstudio.com

IN A

Response

code.visualstudio.com

IN CNAME

afd-vscode-site-fd-prod-dvgdfjcmaka5a3fq.z01.azurefd.net

afd-vscode-site-fd-prod-dvgdfjcmaka5a3fq.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

code.visualstudio.com

firefox.exe

Remote address:

8.8.8.8:53

Request

code.visualstudio.com

IN A

Response

code.visualstudio.com

IN CNAME

afd-vscode-site-fd-prod-dvgdfjcmaka5a3fq.z01.azurefd.net

afd-vscode-site-fd-prod-dvgdfjcmaka5a3fq.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

onedscolprdweu14.westeurope.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdweu14.westeurope.cloudapp.azure.com

IN A

Response

onedscolprdweu14.westeurope.cloudapp.azure.com

IN A

52.178.17.235
DNS

onedscolprdweu14.westeurope.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdweu14.westeurope.cloudapp.azure.com

IN AAAA

Response
DNS

consentdeliveryfd.azurefd.net

firefox.exe

Remote address:

8.8.8.8:53

Request

consentdeliveryfd.azurefd.net

IN A

Response

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
GET

https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /en-us/videoplayer/embed/RE4M6Vx HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://code.visualstudio.com/
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-type: text/html
content-md5: ouKqo2PK9UFYqcMHsTS91g==
last-modified: Tue, 03 Sep 2024 16:44:33 GMT
etag: 0x8DCCC37B03FB878
x-ms-request-id: 41223aa0-a01e-0070-398b-2894b6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:37 GMT
content-length: 2378
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6727.0
ms-cv-esi: CASMicrosoftCV19cb6727.0
set-cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59; path=/; Expires=Wed, 16 Apr 2025 18:47:37 GMT; Secure; SameSite=None
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/mwf/mwfmdl2-v3.54.woff2

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/mwf/mwfmdl2-v3.54.woff2 HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: 2QWbm9pD3EM+kqfv4KhP0Q==
last-modified: Thu, 12 Dec 2024 00:22:19 GMT
etag: 0x8DD1A430A545771
x-ms-request-id: 7e423bce-b01e-00b5-25fb-6053cd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 11392
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb67ff.0
ms-cv-esi: CASMicrosoftCV19cb67ff.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/mwf/slider.css

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/mwf/slider.css HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: text/css
content-md5: s3mPNUr4gfjB6LNacJrySg==
last-modified: Thu, 12 Dec 2024 00:22:27 GMT
etag: 0x8DD1A430F06F04D
x-ms-request-id: a92c9265-b01e-00c7-601a-685482000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 26788
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb67f5.0
ms-cv-esi: CASMicrosoftCV19cb67f5.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/onerfstatics/default-theme.css

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/onerfstatics/default-theme.css HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: text/css
content-md5: en6abKfReABqk3pRD/oEiw==
last-modified: Thu, 12 Dec 2024 00:22:27 GMT
etag: 0x8DD1A430F0BA5EE
x-ms-request-id: da35d4a2-601e-00ac-324a-633333000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 4721
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb67f9.0
ms-cv-esi: CASMicrosoftCV19cb67f9.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/css/index.css

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/css/index.css HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: AsDxqsVT4nf6PCpC720jow==
last-modified: Thu, 12 Dec 2024 00:22:19 GMT
etag: 0x8DD1A430A5933F2
x-ms-request-id: b288ec64-301e-006a-409e-5df8b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 9493
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6804.0
ms-cv-esi: CASMicrosoftCV19cb6804.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/js/index.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/js/index.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: text/css
content-md5: Qx2IBKe6KsCZOpGWTxnIkA==
last-modified: Thu, 12 Dec 2024 00:22:16 GMT
etag: 0x8DD1A43086F69D4
x-ms-request-id: 4cd21df5-401e-0045-1069-63153c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 3189
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb67fd.0
ms-cv-esi: CASMicrosoftCV19cb67fd.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/js/page-bi-tags.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/js/page-bi-tags.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: xai3kzuO/9Su9z/7nskVPQ==
last-modified: Thu, 12 Dec 2024 00:22:19 GMT
etag: 0x8DD1A430A5B7B4F
x-ms-request-id: 56ec41cc-e01e-008d-7356-631748000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 15987
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6803.0
ms-cv-esi: CASMicrosoftCV19cb6803.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/js/load-script.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/js/load-script.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: m62B0OU+14GMKimhAuxujQ==
last-modified: Thu, 12 Dec 2024 00:22:27 GMT
etag: 0x8DD1A430F153817
x-ms-request-id: 158da2de-f01e-00cc-4666-4c4fac000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
x-edgeconnect-midmile-rtt: 9
x-edgeconnect-origin-mex-latency: 591
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 50047
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6813.0
ms-cv-esi: CASMicrosoftCV19cb6813.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/js/require.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/js/require.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: TkaJTxiV8t1KCeqaNy0vwA==
last-modified: Thu, 12 Dec 2024 00:22:27 GMT
etag: 0x8DD1A430F120758
x-ms-request-id: c038bde4-f01e-00f3-243a-68870f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 108483
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6815.0
ms-cv-esi: CASMicrosoftCV19cb6815.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/onerfstatics/onerfjquery-3.5.1.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/onerfstatics/onerfjquery-3.5.1.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: IB7CaQ+7g9WImfRLrMCd7A==
last-modified: Thu, 12 Dec 2024 00:22:27 GMT
etag: 0x8DD1A430F098569
x-ms-request-id: 98361e2c-901e-00da-3621-68b97b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 28316
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6817.0
ms-cv-esi: CASMicrosoftCV19cb6817.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/mscc/wcp-consent.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/mscc/wcp-consent.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: kB8oKhV9MGOwVdSIwxBuuw==
last-modified: Thu, 12 Dec 2024 00:22:27 GMT
etag: 0x8DD1A430F00B5C1
x-ms-request-id: b64389f9-e01e-0056-201a-68d175000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 28406
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6814.0
ms-cv-esi: CASMicrosoftCV19cb6814.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/onerfstatics/onerfcomponentfactory.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/onerfstatics/onerfcomponentfactory.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: 4DXw10jqbjK6kd0tuo9IFw==
last-modified: Thu, 12 Dec 2024 00:22:19 GMT
etag: 0x8DD1A430A5D9BC7
x-ms-request-id: 46bf2ec9-801e-006f-5776-622a69000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 10787
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb684c.0
ms-cv-esi: CASMicrosoftCV19cb684c.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/onerfstatics/onerfonedsconfig.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/onerfstatics/onerfonedsconfig.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: s3gzFmFPnK0w7s743vwZPA==
last-modified: Thu, 12 Dec 2024 00:22:19 GMT
etag: 0x8DD1A430A571377
x-ms-request-id: 80966f99-b01e-006c-5b44-67c6d6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 15373
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb684e.0
ms-cv-esi: CASMicrosoftCV19cb684e.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/mwf/slider.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/mwf/slider.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: nujSjVHgcHSKzLWwzuABFw==
last-modified: Thu, 12 Dec 2024 00:22:19 GMT
etag: 0x8DD1A430A6203A5
x-ms-request-id: 98c67670-501e-00bf-70de-601ae4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 10633
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb684f.0
ms-cv-esi: CASMicrosoftCV19cb684f.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/js/require-config.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/js/require-config.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-length: 22904
content-type: application/octet-stream
content-md5: xlSmI62Quz3Ndp27rDTYYw==
last-modified: Thu, 12 Dec 2024 00:22:27 GMT
etag: 0x8DD1A430F02FD14
x-ms-request-id: aad4d29b-301e-0070-024c-637928000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
date: Thu, 16 Jan 2025 18:47:38 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb67f2.0
ms-cv-esi: CASMicrosoftCV19cb67f2.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/js/lazy-sizes.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/js/lazy-sizes.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: Xr8gBM3MszhQSzsRN8HX8Q==
last-modified: Thu, 12 Dec 2024 00:22:27 GMT
etag: 0x8DD1A430F1BE751
x-ms-request-id: b9b36083-701e-002c-4c2c-612c70000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 96987
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6816.0
ms-cv-esi: CASMicrosoftCV19cb6816.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/js/vp-attributes.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/js/vp-attributes.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: WtQwP7TbzY4GtUXuv2nXEA==
last-modified: Thu, 12 Dec 2024 00:22:19 GMT
etag: 0x8DD1A430A5FBC48
x-ms-request-id: 54c2b28a-101e-0007-65c3-654122000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:38 GMT
content-length: 17912
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6812.0
ms-cv-esi: CASMicrosoftCV19cb6812.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/js/auto-play.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/js/auto-play.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: UHzu0WrskUHaqPDnnR4xVA==
last-modified: Thu, 12 Dec 2024 00:22:19 GMT
etag: 0x8DD1A430A52100B
x-ms-request-id: a88d1f1a-c01e-0076-5b66-67a709000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:39 GMT
content-length: 11610
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb6850.0
ms-cv-esi: CASMicrosoftCV19cb6850.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/videoplayer/lib/localization/en-us.json

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/localization/en-us.json HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
cookie: MC1=GUID=929c05b6464a4c0d9177e351fa44de37&HASH=929c&LV=202501&V=4&LU=1737053258725
cookie: MS0=c5b1a4984d34439aab06b6cce0c6c6a1
cookie: MicrosoftApplicationsTelemetryDeviceId=7547f7df-b21c-4217-bdf8-b34330ed6b74
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/json
content-md5: YI7ZTbvlORTnKE+dC/VrRg==
last-modified: Thu, 12 Dec 2024 00:22:22 GMT
etag: 0x8DD1A430C255E2B
x-ms-request-id: b233bee6-c01e-00f0-7a01-626bb0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:48 GMT
content-length: 1471
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb912f.0
ms-cv-esi: CASMicrosoftCV19cb912f.0
x-rtag: VP_PROD
GET

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2 HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://www.microsoft.com/videoplayer/lib/mwf/slider.css
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
cookie: MC1=GUID=929c05b6464a4c0d9177e351fa44de37&HASH=929c&LV=202501&V=4&LU=1737053258725
cookie: MS0=c5b1a4984d34439aab06b6cce0c6c6a1
cookie: MicrosoftApplicationsTelemetryDeviceId=7547f7df-b21c-4217-bdf8-b34330ed6b74
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/font-woff2
last-modified: Thu, 18 Jan 2024 08:42:04 GMT
x-activity-id: bef6c1e8-35e3-4b43-8e2b-be5cc2daf505
x-appversion: 1.0.8745.29656
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-12-12T00:28:32.0000000Z}
ms-operation-id: b25f79f24452824498d02803dad0fa8d
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 22904
ak-forward-host:
ak-forward-host:
cache-control: public, max-age=21524931
expires: Mon, 22 Sep 2025 21:56:39 GMT
date: Thu, 16 Jan 2025 18:47:48 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb925a.0
ms-cv-esi: CASMicrosoftCV19cb925a.0
x-rtag: RT
GET

https://www.microsoft.com/videoplayer/lib/onerfstatics/sc/5b/8d47f5.js

firefox.exe

Remote address:

95.100.245.144:443

Request

GET /videoplayer/lib/onerfstatics/sc/5b/8d47f5.js HTTP/2.0
host: www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx
cookie: akacd_OneRF=1744829257~rv=44~id=c9a1cd44f9564d40c7de2fc2887e3a59
cookie: MC1=GUID=929c05b6464a4c0d9177e351fa44de37&HASH=929c&LV=202501&V=4&LU=1737053258725
cookie: MS0=c5b1a4984d34439aab06b6cce0c6c6a1
cookie: MicrosoftApplicationsTelemetryDeviceId=7547f7df-b21c-4217-bdf8-b34330ed6b74
cookie: ai_session=p+4uhAx7evCbbCCCmcDtvS|1737053267616|1737053267616
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: fYQ7hO8spkHJuAtWG0zX+Q==
last-modified: Thu, 12 Dec 2024 00:22:27 GMT
etag: 0x8DD1A430F1F1807
x-ms-request-id: 9269b019-601e-0077-782c-4cf50e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 16 Jan 2025 18:47:49 GMT
content-length: 72055
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV19cb925b.0
ms-cv-esi: CASMicrosoftCV19cb925b.0
x-rtag: VP_PROD
OPTIONS

https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

firefox.exe

Remote address:

13.107.42.18:443

Request

OPTIONS /_apis/public/gallery/extensionquery HTTP/2.0
host: marketplace.visualstudio.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: content-type
referer: https://code.visualstudio.com/
origin: https://code.visualstudio.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: a2b3f860-cf36-4840-87fe-7e7861cb6d49
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 6f124d0d-73d3-4349-9080-48c1cec93efe
x-tfs-session: 6f124d0d-73d3-4349-9080-48c1cec93efe
x-vss-e2eid: 6f124d0d-73d3-4349-9080-48c1cec93efe
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-headers: content-type, authorization
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 98F6A7337265481ABB6B167049ED1380 Ref B: LON04EDGE1017 Ref C: 2025-01-16T18:47:38Z
date: Thu, 16 Jan 2025 18:47:37 GMT
content-length: 0
POST

https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

firefox.exe

Remote address:

13.107.42.18:443

Request

POST /_apis/public/gallery/extensionquery HTTP/2.0
host: marketplace.visualstudio.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: application/json;api-version=3.0-preview.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
content-length: 332
origin: https://code.visualstudio.com
referer: https://code.visualstudio.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8; api-version=3.0-preview.1
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
set-cookie: VstsSession=%7B%22PersistentSessionId%22%3A%224f39fc10-5a69-4357-bbad-45ffdee1f4f0%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D;SameSite=None; domain=.visualstudio.com; expires=Fri, 16-Jan-2026 18:47:38 GMT; path=/; secure; HttpOnly
x-tfs-processid: 4b652710-4532-4c59-915c-7ed707cbfc49
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 2635f738-b816-415c-a6fb-9b0412ad39d5
x-tfs-session: 2635f738-b816-415c-a6fb-9b0412ad39d5
x-vss-e2eid: 2635f738-b816-415c-a6fb-9b0412ad39d5
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-headers: authorization
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 458DAB9C422F48558B4E24CAECB2203F Ref B: LON04EDGE1017 Ref C: 2025-01-16T18:47:38Z
date: Thu, 16 Jan 2025 18:47:37 GMT
DNS

assets.onestore.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

assets.onestore.ms

IN A

Response

assets.onestore.ms

IN CNAME

assets.onestore.ms.akadns.net

assets.onestore.ms.akadns.net

IN CNAME

assets.onestore.ms.edgekey.net

assets.onestore.ms.edgekey.net

IN CNAME

e10583.dspg.akamaiedge.net

e10583.dspg.akamaiedge.net

IN A

104.124.165.196
DNS

web.vortex.data.microsoft.com

firefox.exe

Remote address:

8.8.8.8:53

Request

web.vortex.data.microsoft.com

IN A

Response
DNS

microsoftwindows.112.2o7.net

firefox.exe

Remote address:

8.8.8.8:53

Request

microsoftwindows.112.2o7.net

IN A

Response

microsoftwindows.112.2o7.net

IN A

66.235.152.156

microsoftwindows.112.2o7.net

IN A

66.235.152.221

microsoftwindows.112.2o7.net

IN A

66.235.152.225
DNS

e10583.dspg.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e10583.dspg.akamaiedge.net

IN A

Response

e10583.dspg.akamaiedge.net

IN A

104.124.165.196
DNS

a1449.dscg2.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a1449.dscg2.akamai.net

IN A

Response

a1449.dscg2.akamai.net

IN A

2.19.252.139

a1449.dscg2.akamai.net

IN A

2.19.252.134
DNS

microsoftwindows.112.2o7.net

firefox.exe

Remote address:

8.8.8.8:53

Request

microsoftwindows.112.2o7.net

IN A

Response

microsoftwindows.112.2o7.net

IN A

66.235.152.156

microsoftwindows.112.2o7.net

IN A

66.235.152.225

microsoftwindows.112.2o7.net

IN A

66.235.152.221
DNS

e10583.dspg.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e10583.dspg.akamaiedge.net

IN AAAA

Response

e10583.dspg.akamaiedge.net

IN AAAA

2a02:26f0:5d00:a99::2957

e10583.dspg.akamaiedge.net

IN AAAA

2a02:26f0:5d00:a84::2957
DNS

microsoftwindows.112.2o7.net

firefox.exe

Remote address:

8.8.8.8:53

Request

microsoftwindows.112.2o7.net

IN AAAA

Response
DNS

a1449.dscg2.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a1449.dscg2.akamai.net

IN AAAA

Response

a1449.dscg2.akamai.net

IN AAAA

2a02:26f0:5d00:a::685b:471f

a1449.dscg2.akamai.net

IN AAAA

2a02:26f0:5d00:a::685b:470c
DNS

196.165.124.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.165.124.104.in-addr.arpa

IN PTR

Response

196.165.124.104.in-addr.arpa

IN PTR

a104-124-165-196deploystaticakamaitechnologiescom
DNS

139.252.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.252.19.2.in-addr.arpa

IN PTR

Response

139.252.19.2.in-addr.arpa

IN PTR

a2-19-252-139deploystaticakamaitechnologiescom
DNS

156.152.235.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

156.152.235.66.in-addr.arpa

IN PTR

Response

156.152.235.66.in-addr.arpa

IN PTR

ip-66-235-152-156dataadobedcnet
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=1a3eb3104447440391ad5f2a6ee06a0a-62879566-bc58-4741-9650-302bf2af703f-7103&upload-time=1737053257614&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true

firefox.exe

Remote address:

52.178.17.235:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=1a3eb3104447440391ad5f2a6ee06a0a-62879566-bc58-4741-9650-302bf2af703f-7103&upload-time=1737053257614&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: text/plain;charset=UTF-8
content-length: 2442
origin: https://code.visualstudio.com
referer: https://code.visualstudio.com/
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 204

content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=4ac5d2a36ed04285a6a551df92a15bb1&HASH=4ac5&LV=202501&V=4&LU=1737053258725; Domain=.microsoft.com; Expires=Fri, 16 Jan 2026 18:47:38 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=d1a85840aebf49c49e4573d787840f48; Domain=.microsoft.com; Expires=Thu, 16 Jan 2025 19:17:38 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1111
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://code.visualstudio.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:38 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=1a3eb3104447440391ad5f2a6ee06a0a-62879566-bc58-4741-9650-302bf2af703f-7103&upload-time=1737053257616&w=0&NoResponseBody=true

firefox.exe

Remote address:

52.178.17.235:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=1a3eb3104447440391ad5f2a6ee06a0a-62879566-bc58-4741-9650-302bf2af703f-7103&upload-time=1737053257616&w=0&NoResponseBody=true HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: text/plain;charset=UTF-8
content-length: 1052
origin: https://code.visualstudio.com
referer: https://code.visualstudio.com/
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 204

content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=929c05b6464a4c0d9177e351fa44de37&HASH=929c&LV=202501&V=4&LU=1737053258725; Domain=.microsoft.com; Expires=Fri, 16 Jan 2026 18:47:38 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=c5b1a4984d34439aab06b6cce0c6c6a1; Domain=.microsoft.com; Expires=Thu, 16 Jan 2025 19:17:38 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1109
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://code.visualstudio.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:38 GMT
OPTIONS

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

firefox.exe

Remote address:

52.178.17.235:443

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,upload-time
referer: https://code.visualstudio.com/
origin: https://code.visualstudio.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://code.visualstudio.com
date: Thu, 16 Jan 2025 18:47:39 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

firefox.exe

Remote address:

52.178.17.235:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
client-id: NO_AUTH
client-version: 1DS-Web-JS-4.3.3
apikey: 1a3eb3104447440391ad5f2a6ee06a0a-62879566-bc58-4741-9650-302bf2af703f-7103
upload-time: 1737053258735
cache-control: no-cache, no-store
content-type: application/x-json-stream
content-length: 1342
origin: https://code.visualstudio.com
referer: https://code.visualstudio.com/
cookie: MC1=GUID=929c05b6464a4c0d9177e351fa44de37&HASH=929c&LV=202501&V=4&LU=1737053258725
cookie: MS0=c5b1a4984d34439aab06b6cce0c6c6a1
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1350
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://code.visualstudio.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:39 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

firefox.exe

Remote address:

52.178.17.235:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
client-id: NO_AUTH
client-version: 1DS-Web-JS-4.3.3
apikey: 1a3eb3104447440391ad5f2a6ee06a0a-62879566-bc58-4741-9650-302bf2af703f-7103
upload-time: 1737053259760
time-delta-to-apply-millis: 1350
cache-control: no-cache, no-store
content-type: application/x-json-stream
content-length: 1050
origin: https://code.visualstudio.com
referer: https://code.visualstudio.com/
cookie: MC1=GUID=929c05b6464a4c0d9177e351fa44de37&HASH=929c&LV=202501&V=4&LU=1737053258725
cookie: MS0=c5b1a4984d34439aab06b6cce0c6c6a1
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 997
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://code.visualstudio.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:40 GMT
OPTIONS

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

firefox.exe

Remote address:

52.178.17.235:443

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
referer: https://www.microsoft.com/
origin: https://www.microsoft.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://www.microsoft.com
date: Thu, 16 Jan 2025 18:47:50 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

firefox.exe

Remote address:

52.178.17.235:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
client-id: NO_AUTH
client-version: 1DS-Web-JS-3.2.12
apikey: aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865
upload-time: 1737053269638
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
content-length: 33673
origin: https://www.microsoft.com
referer: https://www.microsoft.com/
cookie: MC1=GUID=929c05b6464a4c0d9177e351fa44de37&HASH=929c&LV=202501&V=4&LU=1737053258725
cookie: MS0=c5b1a4984d34439aab06b6cce0c6c6a1
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1057
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://www.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:47:50 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.12&apikey=aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865&upload-time=1737053339658&ext.intweb.msfpc=GUID%3D929c05b6464a4c0d9177e351fa44de37%26HASH%3D929c%26LV%3D202501%26V%3D4%26LU%3D1737053258725&time-delta-to-apply-millis=1057&w=0&NoResponseBody=true

firefox.exe

Remote address:

52.178.17.235:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.12&apikey=aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865&upload-time=1737053339658&ext.intweb.msfpc=GUID%3D929c05b6464a4c0d9177e351fa44de37%26HASH%3D929c%26LV%3D202501%26V%3D4%26LU%3D1737053258725&time-delta-to-apply-millis=1057&w=0&NoResponseBody=true HTTP/2.0
host: browser.events.data.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: text/plain;charset=UTF-8
content-length: 15629
origin: https://www.microsoft.com
referer: https://www.microsoft.com/
cookie: MC1=GUID=929c05b6464a4c0d9177e351fa44de37&HASH=929c&LV=202501&V=4&LU=1737053258725
cookie: MS0=c5b1a4984d34439aab06b6cce0c6c6a1
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 982
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://www.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:49:00 GMT
DNS

ms-python.gallerycdn.vsassets.io

firefox.exe

Remote address:

8.8.8.8:53

Request

ms-python.gallerycdn.vsassets.io

IN A

Response

ms-python.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.234
DNS

ms-vscode.gallerycdn.vsassets.io

firefox.exe

Remote address:

8.8.8.8:53

Request

ms-vscode.gallerycdn.vsassets.io

IN A

Response

ms-vscode.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.234

a125.dscr.akamai.net

IN A

88.221.134.225
DNS

vscjava.gallerycdn.vsassets.io

firefox.exe

Remote address:

8.8.8.8:53

Request

vscjava.gallerycdn.vsassets.io

IN A

Response

vscjava.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.234

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.178
DNS

github.gallerycdn.vsassets.io

firefox.exe

Remote address:

8.8.8.8:53

Request

github.gallerycdn.vsassets.io

IN A

Response

github.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.187
GET

https://ms-python.gallerycdn.vsassets.io/extensions/ms-python/python/2024.23.2025011501/1736963660551/Microsoft.VisualStudio.Services.Icons.Default

firefox.exe

Remote address:

88.221.134.219:443

Request

GET /extensions/ms-python/python/2024.23.2025011501/1736963660551/Microsoft.VisualStudio.Services.Icons.Default HTTP/1.1
Host: ms-python.gallerycdn.vsassets.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://code.visualstudio.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=31536000
Content-Length: 45588
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2025 17:54:20 GMT
ETag: 0x8DD358DA38A2E05
x-ms-request-id: dcbb971c-c01e-006a-6777-671f27000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 16 Jan 2025 18:47:38 GMT
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
DNS

a125.dscr.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a125.dscr.akamai.net

IN A

Response

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.234
GET

https://vscjava.gallerycdn.vsassets.io/extensions/vscjava/vscode-java-pack/0.29.2024091906/1726729234947/Microsoft.VisualStudio.Services.Icons.Default

firefox.exe

Remote address:

88.221.134.225:443

Request

GET /extensions/vscjava/vscode-java-pack/0.29.2024091906/1726729234947/Microsoft.VisualStudio.Services.Icons.Default HTTP/1.1
Host: vscjava.gallerycdn.vsassets.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://code.visualstudio.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=31536000
Content-Length: 4189
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2024 07:00:35 GMT
ETag: 0x8DCD878C28024D9
x-ms-request-id: 13b806b1-a01e-007c-2d43-60e9f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 16 Jan 2025 18:47:38 GMT
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
GET

https://github.gallerycdn.vsassets.io/extensions/github/copilot/1.257.1316/1736991519557/Microsoft.VisualStudio.Services.Icons.Default

firefox.exe

Remote address:

88.221.134.178:443

Request

GET /extensions/github/copilot/1.257.1316/1736991519557/Microsoft.VisualStudio.Services.Icons.Default HTTP/1.1
Host: github.gallerycdn.vsassets.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://code.visualstudio.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=31536000
Content-Length: 7428
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Thu, 16 Jan 2025 01:38:39 GMT
ETag: 0x8DD35CE80D7975A
x-ms-request-id: e2624342-701e-0040-37b8-67c037000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 16 Jan 2025 18:47:38 GMT
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
GET

https://ms-vscode.gallerycdn.vsassets.io/extensions/ms-vscode/cpptools/1.23.3/1736465135809/Microsoft.VisualStudio.Services.Icons.Default

firefox.exe

Remote address:

88.221.134.178:443

Request

GET /extensions/ms-vscode/cpptools/1.23.3/1736465135809/Microsoft.VisualStudio.Services.Icons.Default HTTP/1.1
Host: ms-vscode.gallerycdn.vsassets.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://code.visualstudio.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=31536000
Content-Length: 4815
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Thu, 09 Jan 2025 23:25:35 GMT
ETag: 0x8DD3104EBA2E792
x-ms-request-id: fa8a6cfb-801e-000c-26ee-6276ed000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 16 Jan 2025 18:47:38 GMT
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
DNS

a125.dscr.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a125.dscr.akamai.net

IN AAAA

Response

a125.dscr.akamai.net

IN AAAA

2a02:26f0:5900::1738:ee7a

a125.dscr.akamai.net

IN AAAA

2a02:26f0:5900::1738:ee6b
DNS

vscode.download.prss.microsoft.com

firefox.exe

Remote address:

8.8.8.8:53

Request

vscode.download.prss.microsoft.com

IN A

Response

vscode.download.prss.microsoft.com

IN CNAME

vscode.download.prss.microsoft.com.delivery.microsoft.com

vscode.download.prss.microsoft.com.delivery.microsoft.com

IN CNAME

sundry-f-net.trafficmanager.net

sundry-f-net.trafficmanager.net

IN CNAME

download.prss.microsoft.com.akamaized.net

download.prss.microsoft.com.akamaized.net

IN CNAME

a308.dscd.akamai.net

a308.dscd.akamai.net

IN A

2.18.190.171

a308.dscd.akamai.net

IN A

2.18.190.180
GET

https://vscode.download.prss.microsoft.com/dbazure/download/stable/91fbdddc47bc9c09064bf7acf133d22631cbf083/VSCodeUserSetup-x64-1.96.3.exe

firefox.exe

Remote address:

2.18.190.171:443

Request

GET /dbazure/download/stable/91fbdddc47bc9c09064bf7acf133d22631cbf083/VSCodeUserSetup-x64-1.96.3.exe HTTP/1.1
Host: vscode.download.prss.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://code.visualstudio.com/
Connection: keep-alive
Cookie: MC1=GUID=3ccacde58a524d66a67b210c2ffc16f2&HASH=3cca&LV=202501&V=4&LU=1737053251518; MS0=33dedc871bdb4994973181b63e935963
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Content-Type: application/octet-stream
Server: Kestrel
Accept-Ranges: bytes
Cache-Control: public, max-age=259200
X-Ms-ApiVersion: Distribute 1.2
X-Ms-Region: prod-neu-z1
Content-Disposition: attachment; filename=VSCodeUserSetup-x64-1.96.3.exe; filename*=UTF-8''VSCodeUserSetup-x64-1.96.3.exe
Last-Modified: Thu, 09 Jan 2025 20:57:33 GMT
ETag: "0xE6AE04B77281274BCFDCEBEE91E5077EB49FA48344D8B9BC4874C4E75419AEC5"
Content-Length: 104947336
Date: Thu, 16 Jan 2025 18:47:39 GMT
Connection: keep-alive
X-OSID: 2
X-CID: 2
X-CCC: GB
DNS

a308.dscd.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a308.dscd.akamai.net

IN A

Response

a308.dscd.akamai.net

IN A

2.18.190.171

a308.dscd.akamai.net

IN A

2.18.190.180
DNS

a308.dscd.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a308.dscd.akamai.net

IN AAAA

Response

a308.dscd.akamai.net

IN AAAA

2a02:26f0:5900::b832:72a9

a308.dscd.akamai.net

IN AAAA

2a02:26f0:5900::b832:72a0
DNS

235.17.178.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

235.17.178.52.in-addr.arpa

IN PTR

Response
DNS

219.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

219.134.221.88.in-addr.arpa

IN PTR

Response

219.134.221.88.in-addr.arpa

IN PTR

a88-221-134-219deploystaticakamaitechnologiescom
DNS

225.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.134.221.88.in-addr.arpa

IN PTR

Response

225.134.221.88.in-addr.arpa

IN PTR

a88-221-134-225deploystaticakamaitechnologiescom
DNS

178.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

178.134.221.88.in-addr.arpa

IN PTR

Response

178.134.221.88.in-addr.arpa

IN PTR

a88-221-134-178deploystaticakamaitechnologiescom
DNS

171.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.190.18.2.in-addr.arpa

IN PTR

Response

171.190.18.2.in-addr.arpa

IN PTR

a2-18-190-171deploystaticakamaitechnologiescom
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA
DNS

location.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

location.services.mozilla.com

IN A

Response

location.services.mozilla.com

IN CNAME

prod.classify-client.prod.webservices.mozgcp.net

prod.classify-client.prod.webservices.mozgcp.net

IN A

35.190.72.216
DNS

location.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

location.services.mozilla.com

IN A
DNS

location.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

location.services.mozilla.com

IN A
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

201.181.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

201.181.244.35.in-addr.arpa

IN PTR

Response

201.181.244.35.in-addr.arpa

IN PTR

20118124435bcgoogleusercontentcom
DNS

201.181.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

201.181.244.35.in-addr.arpa

IN PTR
DNS

prod.classify-client.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.classify-client.prod.webservices.mozgcp.net

IN A

Response

prod.classify-client.prod.webservices.mozgcp.net

IN A

35.190.72.216
DNS

prod.classify-client.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.classify-client.prod.webservices.mozgcp.net

IN A

Response

prod.classify-client.prod.webservices.mozgcp.net

IN A

35.190.72.216
DNS

prod.classify-client.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.classify-client.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

ciscobinary.openh264.org

firefox.exe

Remote address:

8.8.8.8:53

Request

ciscobinary.openh264.org

IN A

Response

ciscobinary.openh264.org

IN CNAME

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

IN CNAME

a17.rackcdn.com

a17.rackcdn.com

IN CNAME

a17.rackcdn.com.mdc.edgesuite.net

a17.rackcdn.com.mdc.edgesuite.net

IN CNAME

a19.dscg10.akamai.net

a19.dscg10.akamai.net

IN A

88.221.134.209

a19.dscg10.akamai.net

IN A

88.221.134.155
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

142.250.180.14
GET

http://ciscobinary.openh264.org/openh264-win64-31c4d2e4a037526fd30d4e5c39f60885986cf865.zip

firefox.exe

Remote address:

88.221.134.209:80

Request

GET /openh264-win64-31c4d2e4a037526fd30d4e5c39f60885986cf865.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

Response

HTTP/1.1 200 OK

Last-Modified: Fri, 08 Nov 2024 02:37:54 GMT
ETag: 09372174e83dbbf696ee732fd2e875bb
Content-Length: 491284
Accept-Ranges: bytes
X-Timestamp: 1731033473.13891
Content-Type: application/zip
X-Trans-Id: txe2d6fd5524464f55a6fac-00673047f0dfw1
Cache-Control: public, max-age=189847
Expires: Sat, 18 Jan 2025 23:31:51 GMT
Date: Thu, 16 Jan 2025 18:47:44 GMT
Connection: keep-alive
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN A

Response

a19.dscg10.akamai.net

IN A

88.221.134.209

a19.dscg10.akamai.net

IN A

88.221.134.155
GET

https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2710.0-win-x64.zip

firefox.exe

Remote address:

142.250.180.14:443

Request

GET /edgedl/widevine-cdm/4.10.2710.0-win-x64.zip HTTP/2.0
host: redirector.gvt1.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
te: trailers
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

142.250.180.14
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN AAAA

Response

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:86d1

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:869b
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN AAAA

Response

redirector.gvt1.com

IN AAAA

2a00:1450:4009:81e::200e
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN AAAA

Response

redirector.gvt1.com

IN AAAA

2a00:1450:4009:81e::200e
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN AAAA
DNS

216.72.190.35.in-addr.arpa

Code.exe

Remote address:

8.8.8.8:53

Request

216.72.190.35.in-addr.arpa

IN PTR

Response

216.72.190.35.in-addr.arpa

IN PTR

2167219035bcgoogleusercontentcom
DNS

dynamsoft.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

dynamsoft.gallerycdn.vsassets.io

IN Unknown

Response

dynamsoft.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

209.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.134.221.88.in-addr.arpa

IN PTR

Response

209.134.221.88.in-addr.arpa

IN PTR

a88-221-134-209deploystaticakamaitechnologiescom
DNS

14.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.180.250.142.in-addr.arpa

IN PTR

Response

14.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f141e100net
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA
DNS

prod-video-cms-rt-microsoft-com.akamaized.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod-video-cms-rt-microsoft-com.akamaized.net

IN A

Response

prod-video-cms-rt-microsoft-com.akamaized.net

IN CNAME

a1985.g2.akamai.net

a1985.g2.akamai.net

IN A

2.19.252.141

a1985.g2.akamai.net

IN A

2.19.252.154
GET

https://prod-video-cms-rt-microsoft-com.akamaized.net/vhs/api/videos/RE4M6Vx?version=v1

firefox.exe

Remote address:

2.19.252.141:443

Request

GET /vhs/api/videos/RE4M6Vx?version=v1 HTTP/1.1
Host: prod-video-cms-rt-microsoft-com.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.microsoft.com
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Content-Encoding: gzip
VideoShimDatacenter: eastus
VideoShimActivityId: 59077d12-7a87-4c22-b40f-c28b8726ca65
X-Powered-By: ASP.NET
Content-Length: 1108
Cache-Control: public, max-age=83
Expires: Thu, 16 Jan 2025 18:49:11 GMT
Date: Thu, 16 Jan 2025 18:47:48 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
DNS

a1985.g2.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a1985.g2.akamai.net

IN A

Response

a1985.g2.akamai.net

IN A

2.19.252.154

a1985.g2.akamai.net

IN A

2.19.252.141
DNS

a1985.g2.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a1985.g2.akamai.net

IN AAAA

Response
DNS

141.252.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

141.252.19.2.in-addr.arpa

IN PTR

Response

141.252.19.2.in-addr.arpa

IN PTR

a2-19-252-141deploystaticakamaitechnologiescom
DNS

r4---sn-aigzrnsz.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r4---sn-aigzrnsz.gvt1.com

IN A

Response

r4---sn-aigzrnsz.gvt1.com

IN CNAME

r4.sn-aigzrnsz.gvt1.com

r4.sn-aigzrnsz.gvt1.com

IN A

74.125.175.169
GET

https://r4---sn-aigzrnsz.gvt1.com/edgedl/widevine-cdm/4.10.2710.0-win-x64.zip?cms_redirect=yes&met=1737053269,&mh=R8&mip=181.215.176.83&mm=28&mn=sn-aigzrnsz&ms=nvh&mt=1737052825&mv=m&mvi=4&pl=27&rmhost=r1---sn-aigzrnsz.gvt1.com&rms=nvh,nvh&shardbypass=sd&smhost=r2---sn-aigzrn7s.gvt1.com

firefox.exe

Remote address:

74.125.175.169:443

Request

GET /edgedl/widevine-cdm/4.10.2710.0-win-x64.zip?cms_redirect=yes&met=1737053269,&mh=R8&mip=181.215.176.83&mm=28&mn=sn-aigzrnsz&ms=nvh&mt=1737052825&mv=m&mvi=4&pl=27&rmhost=r1---sn-aigzrnsz.gvt1.com&rms=nvh,nvh&shardbypass=sd&smhost=r2---sn-aigzrn7s.gvt1.com HTTP/1.1
Host: r4---sn-aigzrnsz.gvt1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Disposition: attachment
Content-Length: 14485862
Content-Security-Policy: default-src 'none'
Content-Type: application/zip
Etag: "1d3918c"
Server: downloads
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Date: Thu, 16 Jan 2025 16:11:00 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Last-Modified: Thu, 05 Oct 2023 00:56:47 GMT
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Vary: Origin
DNS

r4.sn-aigzrnsz.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r4.sn-aigzrnsz.gvt1.com

IN A

Response

r4.sn-aigzrnsz.gvt1.com

IN A

74.125.175.169
DNS

r4.sn-aigzrnsz.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r4.sn-aigzrnsz.gvt1.com

IN AAAA

Response

r4.sn-aigzrnsz.gvt1.com

IN AAAA

2a00:1450:4009:1b::9
DNS

169.175.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

169.175.125.74.in-addr.arpa

IN PTR

Response

169.175.125.74.in-addr.arpa

IN PTR

lhr48s34-in-f91e100net
DNS

browser.events.data.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdeus05.eastus.cloudapp.azure.com

onedscolprdeus05.eastus.cloudapp.azure.com

IN A

20.42.65.85
DNS

onedscolprdeus05.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdeus05.eastus.cloudapp.azure.com

IN A

Response

onedscolprdeus05.eastus.cloudapp.azure.com

IN A

20.42.65.85
DNS

onedscolprdeus05.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdeus05.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

133.130.81.91.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.130.81.91.in-addr.arpa

IN PTR

Response
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1683
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:48:09 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

default.exp-tas.com

Code.exe

Remote address:

8.8.8.8:53

Request

default.exp-tas.com

IN A

Response

default.exp-tas.com

IN CNAME

deault-exp-tas-com.e-0014.e-msedge.net

deault-exp-tas-com.e-0014.e-msedge.net

IN CNAME

e-0014.e-msedge.net

e-0014.e-msedge.net

IN A

13.107.5.93
DNS

default.exp-tas.com

Code.exe

Remote address:

8.8.8.8:53

Request

default.exp-tas.com

IN Unknown

Response

default.exp-tas.com

IN CNAME

deault-exp-tas-com.e-0014.e-msedge.net

deault-exp-tas-com.e-0014.e-msedge.net

IN CNAME

e-0014.e-msedge.net
DNS

93.5.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

93.5.107.13.in-addr.arpa

IN PTR

Response
DNS

main.vscode-cdn.net

Code.exe

Remote address:

8.8.8.8:53

Request

main.vscode-cdn.net

IN A

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

main.vscode-cdn.net

Code.exe

Remote address:

8.8.8.8:53

Request

main.vscode-cdn.net

IN Unknown

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

main.vscode-cdn.net

Code.exe

Remote address:

8.8.8.8:53

Request

main.vscode-cdn.net

IN A

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

main.vscode-cdn.net

Code.exe

Remote address:

8.8.8.8:53

Request

main.vscode-cdn.net

IN Unknown

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN A

Response

marketplace.visualstudio.com

IN A

13.107.42.18
DNS

132.10.212.52.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

132.10.212.52.in-addr.arpa

IN PTR

Response

132.10.212.52.in-addr.arpa

IN PTR

ec2-52-212-10-132 eu-west-1compute amazonawscom
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN Unknown

Response
DNS

firefox-devtools.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

firefox-devtools.gallerycdn.vsassets.io

IN A

Response

firefox-devtools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.203

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.208
DNS

firefox-devtools.gallerycdn.vsassets.io

Remote address:

8.8.8.8:53

Request

firefox-devtools.gallerycdn.vsassets.io

IN Unknown

Response

firefox-devtools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

browser.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdwus09.westus.cloudapp.azure.com

onedscolprdwus09.westus.cloudapp.azure.com

IN A

20.189.173.10
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdweu10.westeurope.cloudapp.azure.com

onedscolprdweu10.westeurope.cloudapp.azure.com

IN A

20.50.201.204
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN Unknown

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus05.eastus.cloudapp.azure.com
DNS

203.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

203.134.221.88.in-addr.arpa

IN PTR

Response

203.134.221.88.in-addr.arpa

IN PTR

a88-221-134-203deploystaticakamaitechnologiescom
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1498
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:48:31 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

204.201.50.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.201.50.20.in-addr.arpa

IN PTR

Response
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

ms-toolsai.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-toolsai.gallerycdn.vsassets.io

IN A

Response

ms-toolsai.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.178
DNS

ms-toolsai.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-toolsai.gallerycdn.vsassets.io

IN Unknown

Response

ms-toolsai.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

ms-vscode.gallerycdn.vsassets.io

firefox.exe

Remote address:

8.8.8.8:53

Request

ms-vscode.gallerycdn.vsassets.io

IN A

Response

ms-vscode.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.208
DNS

ms-vscode.gallerycdn.vsassets.io

firefox.exe

Remote address:

8.8.8.8:53

Request

ms-vscode.gallerycdn.vsassets.io

IN Unknown

Response

ms-vscode.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

ms-python.gallerycdn.vsassets.io

firefox.exe

Remote address:

8.8.8.8:53

Request

ms-python.gallerycdn.vsassets.io

IN A

Response

ms-python.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.203

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.208
DNS

ms-python.gallerycdn.vsassets.io

firefox.exe

Remote address:

8.8.8.8:53

Request

ms-python.gallerycdn.vsassets.io

IN Unknown

Response

ms-python.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdweu10.westeurope.cloudapp.azure.com

onedscolprdweu10.westeurope.cloudapp.azure.com

IN A

20.50.201.204
DNS

208.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

208.134.221.88.in-addr.arpa

IN PTR

Response

208.134.221.88.in-addr.arpa

IN PTR

a88-221-134-208deploystaticakamaitechnologiescom
DNS

ritwickdey.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ritwickdey.gallerycdn.vsassets.io

IN A

Response

ritwickdey.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.203

a125.dscr.akamai.net

IN A

88.221.134.208
DNS

ritwickdey.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ritwickdey.gallerycdn.vsassets.io

IN Unknown

Response

ritwickdey.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

visualstudioexptteam.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

visualstudioexptteam.gallerycdn.vsassets.io

IN A

Response

visualstudioexptteam.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.203
DNS

visualstudioexptteam.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

visualstudioexptteam.gallerycdn.vsassets.io

IN Unknown

Response

visualstudioexptteam.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

esbenp.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

esbenp.gallerycdn.vsassets.io

IN A

Response

esbenp.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.203
DNS

esbenp.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

esbenp.gallerycdn.vsassets.io

IN Unknown

Response

esbenp.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

hars.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

hars.gallerycdn.vsassets.io

IN A

Response

hars.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.208
DNS

hars.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

hars.gallerycdn.vsassets.io

IN Unknown

Response

hars.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

franneck94.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

franneck94.gallerycdn.vsassets.io

IN A

Response

franneck94.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.203

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.208
DNS

franneck94.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

franneck94.gallerycdn.vsassets.io

IN Unknown

Response

franneck94.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

danielpinto8zz6.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

danielpinto8zz6.gallerycdn.vsassets.io

IN A

Response

danielpinto8zz6.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.178
DNS

danielpinto8zz6.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

danielpinto8zz6.gallerycdn.vsassets.io

IN Unknown

Response

danielpinto8zz6.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

201.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

201.134.221.88.in-addr.arpa

IN PTR

Response

201.134.221.88.in-addr.arpa

IN PTR

a88-221-134-201deploystaticakamaitechnologiescom
DNS

kaysonwu.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

kaysonwu.gallerycdn.vsassets.io

IN A

Response

kaysonwu.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.178
DNS

kaysonwu.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

kaysonwu.gallerycdn.vsassets.io

IN Unknown

Response

kaysonwu.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

brapifra.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

brapifra.gallerycdn.vsassets.io

IN A

Response

brapifra.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.203
DNS

brapifra.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

brapifra.gallerycdn.vsassets.io

IN Unknown

Response

brapifra.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

jbenden.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

jbenden.gallerycdn.vsassets.io

IN A

Response

jbenden.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.208
DNS

jbenden.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

jbenden.gallerycdn.vsassets.io

IN Unknown

Response

jbenden.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

jaycetyle.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

jaycetyle.gallerycdn.vsassets.io

IN A

Response

jaycetyle.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.201
DNS

jaycetyle.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

jaycetyle.gallerycdn.vsassets.io

IN Unknown

Response

jaycetyle.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

leojhonsong.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

leojhonsong.gallerycdn.vsassets.io

IN A

Response

leojhonsong.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.203

a125.dscr.akamai.net

IN A

88.221.134.208
DNS

leojhonsong.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

leojhonsong.gallerycdn.vsassets.io

IN Unknown

Response

leojhonsong.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

browser.events.data.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdwus22.westus.cloudapp.azure.com

onedscolprdwus22.westus.cloudapp.azure.com

IN A

20.189.173.17
DNS

onedscolprdwus22.westus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdwus22.westus.cloudapp.azure.com

IN A

Response

onedscolprdwus22.westus.cloudapp.azure.com

IN A

20.189.173.17
DNS

onedscolprdwus22.westus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdwus22.westus.cloudapp.azure.com

IN AAAA

Response
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2030
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:48:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

ms-dotnettools.gallerycdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallerycdn.vsassets.io

IN A

Response

ms-dotnettools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.219
DNS

ms-dotnettools.gallerycdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallerycdn.vsassets.io

IN Unknown

Response

ms-dotnettools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

doggy8088.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

doggy8088.gallerycdn.vsassets.io

IN A

Response

doggy8088.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.225
DNS

doggy8088.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

doggy8088.gallerycdn.vsassets.io

IN Unknown

Response

doggy8088.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

adrianwilczynski.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

adrianwilczynski.gallerycdn.vsassets.io

IN A

Response

adrianwilczynski.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.225
DNS

adrianwilczynski.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

adrianwilczynski.gallerycdn.vsassets.io

IN Unknown

Response

adrianwilczynski.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

formulahendry.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

formulahendry.gallerycdn.vsassets.io

IN A

Response

formulahendry.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.208
DNS

formulahendry.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

formulahendry.gallerycdn.vsassets.io

IN Unknown

Response

formulahendry.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

ms-dotnettools.gallerycdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallerycdn.vsassets.io

IN A

Response

ms-dotnettools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.201
DNS

ms-dotnettools.gallerycdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallerycdn.vsassets.io

IN Unknown

Response

ms-dotnettools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

img.shields.io

Code.exe

Remote address:

8.8.8.8:53

Request

img.shields.io

IN A

Response

img.shields.io

IN A

104.21.80.27

img.shields.io

IN A

172.67.173.89
DNS

img.shields.io

Code.exe

Remote address:

8.8.8.8:53

Request

img.shields.io

IN Unknown

Response

img.shields.io

IN Unknown

h3h2hP�C�YGE� AE Sz��U�%�4BL(� �`4�u��"j�xZfcloudflare-ech.com &G05�C�Y&G07hP
DNS

raw.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.109.133

raw.githubusercontent.com

IN A

185.199.110.133

raw.githubusercontent.com

IN A

185.199.108.133

raw.githubusercontent.com

IN A

185.199.111.133
DNS

raw.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN Unknown

Response
DNS

ms-dotnettools.gallery.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallery.vsassets.io

IN A

Response

ms-dotnettools.gallery.vsassets.io

IN A

13.107.6.175
DNS

ms-dotnettools.gallery.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallery.vsassets.io

IN Unknown

Response
DNS

27.80.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

27.80.21.104.in-addr.arpa

IN PTR

Response
DNS

133.109.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.109.199.185.in-addr.arpa

IN PTR

Response

133.109.199.185.in-addr.arpa

IN PTR

cdn-185-199-109-133githubcom
DNS

175.6.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

175.6.107.13.in-addr.arpa

IN PTR

Response
DNS

ionide.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ionide.gallerycdn.vsassets.io

IN A

Response

ionide.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.186

a125.dscr.akamai.net

IN A

88.221.134.203
DNS

ionide.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ionide.gallerycdn.vsassets.io

IN Unknown

Response

ionide.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN A

Response

marketplace.visualstudio.com

IN A

13.107.42.18
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN Unknown

Response
DNS

ms-toolsai.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-toolsai.gallerycdn.vsassets.io

IN A

Response

ms-toolsai.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.178
DNS

ms-toolsai.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-toolsai.gallerycdn.vsassets.io

IN Unknown

Response

ms-toolsai.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

ionide.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ionide.gallerycdn.vsassets.io

IN A

Response

ionide.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.186

a125.dscr.akamai.net

IN A

88.221.134.203

a125.dscr.akamai.net

IN A

88.221.134.225
DNS

ionide.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ionide.gallerycdn.vsassets.io

IN Unknown

Response

ionide.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

ms-toolsai.gallery.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-toolsai.gallery.vsassets.io

IN A

Response

ms-toolsai.gallery.vsassets.io

IN A

13.107.6.175
DNS

ms-toolsai.gallery.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-toolsai.gallery.vsassets.io

IN Unknown

Response
DNS

ionide.gallery.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ionide.gallery.vsassets.io

IN A

Response

ionide.gallery.vsassets.io

IN A

13.107.6.175
DNS

ionide.gallery.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ionide.gallery.vsassets.io

IN Unknown

Response
DNS

dennismaxjung.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

dennismaxjung.gallerycdn.vsassets.io

IN A

Response

dennismaxjung.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.203

a125.dscr.akamai.net

IN A

88.221.134.186
DNS

dennismaxjung.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

dennismaxjung.gallerycdn.vsassets.io

IN Unknown

Response

dennismaxjung.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1819
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:48:57 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

onedscolprdwus09.westus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdwus09.westus.cloudapp.azure.com

IN A

Response

onedscolprdwus09.westus.cloudapp.azure.com

IN A

20.189.173.10
DNS

onedscolprdwus09.westus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

onedscolprdwus09.westus.cloudapp.azure.com

IN AAAA

Response
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1960
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:49:11 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1908
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:49:27 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus21.eastus.cloudapp.azure.com

onedscolprdeus21.eastus.cloudapp.azure.com

IN A

20.42.73.31
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN Unknown

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus13.centralus.cloudapp.azure.com
DNS

9.73.50.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.73.50.20.in-addr.arpa

IN PTR

Response
DNS

go.microsoft.com

Remote address:

8.8.8.8:53

Request

go.microsoft.com

IN A

Response

go.microsoft.com

IN CNAME

go.microsoft.com.edgekey.net

go.microsoft.com.edgekey.net

IN CNAME

e11290.dspg.akamaiedge.net

e11290.dspg.akamaiedge.net

IN A

95.100.246.76
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1975
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:49:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2189
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:50:00 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2070
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:50:18 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

nromanov.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

nromanov.gallerycdn.vsassets.io

IN A

Response

nromanov.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.225
DNS

nromanov.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

nromanov.gallerycdn.vsassets.io

IN Unknown

Response

nromanov.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

adrianwilczynski.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

adrianwilczynski.gallerycdn.vsassets.io

IN A

Response

adrianwilczynski.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.225
DNS

adrianwilczynski.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

adrianwilczynski.gallerycdn.vsassets.io

IN Unknown

Response

adrianwilczynski.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

murugaratham.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

murugaratham.gallerycdn.vsassets.io

IN A

Response

murugaratham.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.201
DNS

murugaratham.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

murugaratham.gallerycdn.vsassets.io

IN Unknown

Response

murugaratham.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

jashoo.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

jashoo.gallerycdn.vsassets.io

IN A

Response

jashoo.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.225
DNS

jashoo.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

jashoo.gallerycdn.vsassets.io

IN Unknown

Response

jashoo.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus17.westus.cloudapp.azure.com

onedscolprdwus17.westus.cloudapp.azure.com

IN A

20.189.173.16
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN Unknown

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus10.westus.cloudapp.azure.com
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2187
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:50:37 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

ms-dotnettools.gallerycdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallerycdn.vsassets.io

IN A

Response

ms-dotnettools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.201
DNS

ms-dotnettools.gallerycdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallerycdn.vsassets.io

IN Unknown

Response

ms-dotnettools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

nav.smartscreen.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

nav.smartscreen.microsoft.com

IN A

Response

nav.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-nav.trafficmanager.net

prod-atm-wds-nav.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com

prod-agic-us-2.uksouth.cloudapp.azure.com

IN A

172.165.69.228
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN A

Response

marketplace.visualstudio.com

IN A

13.107.42.18
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/actions

msedge.exe

Remote address:

172.165.69.228:443

Request

POST /api/browser/edge/actions HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoialkxY0M2ZkRUTWc9Iiwia2V5IjoienRKNDRtbVN6K2VWMTBsdVVFaWhaQT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:50:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 705
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
GET

https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /items?itemName=ms-dotnettools.csdevkit HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 23023
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
set-cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D;SameSite=None; domain=.visualstudio.com; expires=Fri, 16-Jan-2026 18:50:53 GMT; path=/; secure; HttpOnly
set-cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703; domain=.marketplace.visualstudio.com; expires=Fri, 16-Jan-2026 18:50:53 GMT; path=/; secure
x-tfs-processid: e2a94908-d56b-4c03-a0aa-072933f6f423
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 70337b50-b10e-4ebd-9210-927f02796eb3
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
x-vss-e2eid: 70337b50-b10e-4ebd-9210-927f02796eb3
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; base-uri 'none'; font-src *.visualstudio.com *.dev.azure.com dev.azure.com *.vsassets.io vsassetscdn.azure.cn *.microsoft.com *.sharepointonline.com *.s-microsoft.com; style-src 'unsafe-inline' *.visualstudio.com *.dev.azure.com dev.azure.com cdn.vsassets.io vsassetscdn.azure.cn *.s-microsoft.com; connect-src *.visualstudio.com wss://*.visualstudio.com *.dev.azure.com dev.azure.com wss://*.dev.azure.com wss://dev.azure.com *.vsassets.io vsassetscdn.azure.cn *.blob.core.windows.net *.github.com web.vortex.data.microsoft.com dpm.demdex.net https://login.microsoftonline.com; img-src http: https: blob: data:; script-src 'unsafe-inline' *.visualstudio.com *.dev.azure.com dev.azure.com https://cdn.vsassets.io https://vsassetscdn.azure.cn *.ensighten.com *.microsoft.com *.google-analytics.com az725175.vo.msecnd.net *.s-microsoft.com *.googletagmanager.com *.google.com 'nonce-okgzjJzmeK0vW5/E1dnT9w=='; child-src * blob: tfs:; frame-src * blob: tfs:; worker-src * blob: tfs:; media-src http: https:;
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 48583E5388B1415CBC3F6A7F73A9A8EE Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:53Z
date: Thu, 16 Jan 2025 18:50:52 GMT
GET

https://marketplace.visualstudio.com/_static/tfs/M248_20250109.5/_scripts/TFS/min/Gallery/Client/Common/ManageCookieDrop.js

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /_static/tfs/M248_20250109.5/_scripts/TFS/min/Gallery/Client/Common/ManageCookieDrop.js HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 200

cache-control: max-age=31536000
content-length: 885
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 21 Nov 2024 23:34:08 GMT
accept-ranges: bytes
etag: "0d823dc6d3cdb1:0"
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 377B64EFEC5440CA9092EA4BC6F9BB76 Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:54Z
date: Thu, 16 Jan 2025 18:50:53 GMT
GET

https://marketplace.visualstudio.com/_public/_Bundling/Content?bundle=vss-bundle-basejs-vx38JYf0FTtFkI9k88H54KYCLs9sIP_6xJwgWGnd-xvw=

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /_public/_Bundling/Content?bundle=vss-bundle-basejs-vx38JYf0FTtFkI9k88H54KYCLs9sIP_6xJwgWGnd-xvw= HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 200

cache-control: max-age=31536000
content-length: 302
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 21 Nov 2024 23:33:56 GMT
accept-ranges: bytes
etag: "0cafcd46d3cdb1:0"
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 177BB0D6355041328E26F91457C386BE Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:54Z
date: Thu, 16 Jan 2025 18:50:53 GMT
GET

https://marketplace.visualstudio.com/_public/_Bundling/Content?bundle=vss-bundle-common-vqskrZmqV9Y8Ba3TvxfO3_AsqhD5HzEWWv45nA_svAXw=

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /_public/_Bundling/Content?bundle=vss-bundle-common-vqskrZmqV9Y8Ba3TvxfO3_AsqhD5HzEWWv45nA_svAXw= HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 200

cache-control: public, max-age=31536000
content-type: text/javascript
content-encoding: gzip
expires: Fri, 16 Jan 2026 18:50:54 GMT
last-modified: Thu, 16 Jan 2025 18:50:54 GMT
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: e6f5766f-aeaa-435f-8afe-bf1e92db5a0b
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 1be62ee1-03f7-46df-ac6a-e401c27562e5
x-tfs-session: 1be62ee1-03f7-46df-ac6a-e401c27562e5
x-vss-e2eid: 1be62ee1-03f7-46df-ac6a-e401c27562e5
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 26CBEC97A5BB4829B33175545044D658 Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:54Z
date: Thu, 16 Jan 2025 18:50:53 GMT
GET

https://marketplace.visualstudio.com/_public/_Bundling/Content?bundle=vss-bundle-view-vVPMaRpLiCOGp4TBWGlu4-zO80PtmH_5C3ZBIduNiO04=

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /_public/_Bundling/Content?bundle=vss-bundle-view-vVPMaRpLiCOGp4TBWGlu4-zO80PtmH_5C3ZBIduNiO04= HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 200

cache-control: public, max-age=31536000
content-length: 56193
content-type: text/javascript
content-encoding: gzip
expires: Fri, 16 Jan 2026 18:50:54 GMT
last-modified: Thu, 16 Jan 2025 18:50:54 GMT
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: e2a94908-d56b-4c03-a0aa-072933f6f423
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 70337ba4-b10e-4ebd-9210-927f02796eb3
x-tfs-session: 70337ba4-b10e-4ebd-9210-927f02796eb3
x-vss-e2eid: 70337ba4-b10e-4ebd-9210-927f02796eb3
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 75D3ECB4F6A84479B8FF013A4051E04A Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:54Z
date: Thu, 16 Jan 2025 18:50:53 GMT
GET

https://marketplace.visualstudio.com/_static/tfs/M248_20250109.5/_scripts/TFS/min/Gallery/Client/Pages/VSSItemDetailsSSR/SSRModuleWrappers.js

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /_static/tfs/M248_20250109.5/_scripts/TFS/min/Gallery/Client/Pages/VSSItemDetailsSSR/SSRModuleWrappers.js HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 200

cache-control: public, max-age=31536000
content-type: text/javascript
content-encoding: gzip
expires: Fri, 16 Jan 2026 18:50:54 GMT
last-modified: Thu, 16 Jan 2025 18:50:54 GMT
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: eff2ea50-ab8b-474e-b536-5df039c49754
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 6fa3f512-20a2-4f1f-9036-1e02de1abb59
x-tfs-session: 6fa3f512-20a2-4f1f-9036-1e02de1abb59
x-vss-e2eid: 6fa3f512-20a2-4f1f-9036-1e02de1abb59
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D14E7740B3F24D8AA6D3FEA3211594FE Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:54Z
date: Thu, 16 Jan 2025 18:50:53 GMT
GET

https://marketplace.visualstudio.com/_static/tfs/M248_20250109.5/App_Themes/Default/VSSItemDetailsSSR/VSSItemDetailsSSRMain.css

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /_static/tfs/M248_20250109.5/App_Themes/Default/VSSItemDetailsSSR/VSSItemDetailsSSRMain.css HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 200

cache-control: max-age=31536000
content-length: 2607
content-type: text/css
content-encoding: gzip
last-modified: Thu, 21 Nov 2024 23:34:06 GMT
accept-ranges: bytes
etag: "0abf2da6d3cdb1:0"
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5ED84C628CC443EBA9098E8C2DBD1E9A Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:56Z
date: Thu, 16 Jan 2025 18:50:55 GMT
POST

https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

msedge.exe

Remote address:

13.107.42.18:443

Request

POST /_apis/public/gallery/extensionquery HTTP/2.0
host: marketplace.visualstudio.com
content-length: 198
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json;api-version=7.2-preview.1;excludeUrls=true
x-requested-with: XMLHttpRequest
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
origin: https://marketplace.visualstudio.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 204

cache-control: no-cache
pragma: no-cache
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: eff2ea50-ab8b-474e-b536-5df039c49754
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 6fa3f575-20a2-4f1f-9036-1e02de1abb59
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
x-vss-e2eid: 6fa3f575-20a2-4f1f-9036-1e02de1abb59
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-headers: authorization
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BF3ED7183ED542779188FED17FD46162 Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:56Z
date: Thu, 16 Jan 2025 18:50:55 GMT
POST

https://marketplace.visualstudio.com/_apis/customerintelligence/Events

msedge.exe

Remote address:

13.107.42.18:443

Request

POST /_apis/customerintelligence/Events HTTP/2.0
host: marketplace.visualstudio.com
content-length: 267
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*;api-version=7.2-preview.1;excludeUrls=true
x-requested-with: XMLHttpRequest
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
origin: https://marketplace.visualstudio.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 200

cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8; api-version=7.2-preview.1
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: e2a94908-d56b-4c03-a0aa-072933f6f423
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 70337b91-b10e-4ebd-9210-927f02796eb3
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
x-vss-e2eid: 70337b91-b10e-4ebd-9210-927f02796eb3
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-headers: authorization
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5F11AD1746EF41E0B48603ED1DF0F0E3 Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:56Z
date: Thu, 16 Jan 2025 18:50:55 GMT
GET

https://marketplace.visualstudio.com/_static/tfs/M248_20250109.5/_content/Fonts/Icons/AzDevMDL2.woff

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /_static/tfs/M248_20250109.5/_content/Fonts/Icons/AzDevMDL2.woff HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://marketplace.visualstudio.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://marketplace.visualstudio.com/_static/tfs/M248_20250109.5/App_Themes/Default/VSSItemDetailsSSR/VSSItemDetailsSSRMain.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 200

cache-control: max-age=31536000
content-length: 58692
content-type: application/font-woff
last-modified: Wed, 20 Nov 2024 03:04:34 GMT
accept-ranges: bytes
etag: "0dffecf83adb1:0"
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 99533EA668DF41DEB3242075F07AF60B Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:56Z
date: Thu, 16 Jan 2025 18:50:55 GMT
GET

https://marketplace.visualstudio.com/favicon.ico

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /favicon.ico HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703

Response

HTTP/2.0 200

cache-control: max-age=31536000
content-length: 17174
content-type: image/x-icon
last-modified: Thu, 16 Jan 2025 16:48:51 GMT
accept-ranges: bytes
etag: "60717d853668db1:0"
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: eff2ea50-ab8b-474e-b536-5df039c49754
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 6fa3f574-20a2-4f1f-9036-1e02de1abb59
x-tfs-session: 6fa3f574-20a2-4f1f-9036-1e02de1abb59
x-vss-e2eid: 6fa3f574-20a2-4f1f-9036-1e02de1abb59
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B1FE94425E7A4D2284BC607891972C47 Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:56Z
date: Thu, 16 Jan 2025 18:50:55 GMT
POST

https://marketplace.visualstudio.com/_apis/customerintelligence/Events

msedge.exe

Remote address:

13.107.42.18:443

Request

POST /_apis/customerintelligence/Events HTTP/2.0
host: marketplace.visualstudio.com
content-length: 439
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*;api-version=7.2-preview.1;excludeUrls=true
x-requested-with: XMLHttpRequest
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
origin: https://marketplace.visualstudio.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703
cookie: Market_SelectedTab=vscode

Response

HTTP/2.0 204

cache-control: no-cache
pragma: no-cache
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: e2a94908-d56b-4c03-a0aa-072933f6f423
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 70337b95-b10e-4ebd-9210-927f02796eb3
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
x-vss-e2eid: 70337b95-b10e-4ebd-9210-927f02796eb3
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-headers: authorization
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F1C175320A9D4A5D9F40F6B57283B72B Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:56Z
date: Thu, 16 Jan 2025 18:50:55 GMT
POST

https://marketplace.visualstudio.com/_apis/public/gallery/publishers/ms-dotnettools/extensions/csdevkit/1.16.4/stats?statType=pageview&targetPlatform=linux-arm64

msedge.exe

Remote address:

13.107.42.18:443

Request

POST /_apis/public/gallery/publishers/ms-dotnettools/extensions/csdevkit/1.16.4/stats?statType=pageview&targetPlatform=linux-arm64 HTTP/2.0
host: marketplace.visualstudio.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: */*;api-version=7.2-preview.1;excludeUrls=true
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
origin: https://marketplace.visualstudio.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703
cookie: Market_SelectedTab=vscode

Response

HTTP/2.0 201

cache-control: no-cache
pragma: no-cache
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: 9bb5ad4d-ce18-4993-92c7-3bcbfba979c8
strict-transport-security: max-age=31536000; includeSubDomains
activityid: e103a8e9-727a-4c36-84e8-90bb3c202125
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
x-vss-e2eid: e103a8e9-727a-4c36-84e8-90bb3c202125
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-headers: authorization
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1A5633C4086A48D494451335B03353F4 Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:56Z
date: Thu, 16 Jan 2025 18:50:55 GMT
content-length: 0
GET

https://marketplace.visualstudio.com/_apis/public/gallery/extensions/7ad42776-8f7e-4214-bf67-4f0b518ef629/1.16.4/assets/Microsoft.VisualStudio.Services.Content.Details

msedge.exe

Remote address:

13.107.42.18:443

Request

GET /_apis/public/gallery/extensions/7ad42776-8f7e-4214-bf67-4f0b518ef629/1.16.4/assets/Microsoft.VisualStudio.Services.Content.Details HTTP/2.0
host: marketplace.visualstudio.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/octet-stream;api-version=7.2-preview.1;excludeUrls=true
dnt: 1
sec-ch-ua-mobile: ?0
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703
cookie: Market_SelectedTab=vscode

Response

HTTP/2.0 200

cache-control: no-cache
pragma: no-cache
content-type: text/markdown; api-version=7.2-preview.1
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: eff2ea50-ab8b-474e-b536-5df039c49754
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 6fa3f571-20a2-4f1f-9036-1e02de1abb59
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
x-vss-e2eid: 6fa3f571-20a2-4f1f-9036-1e02de1abb59
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
content-disposition: attachment; filename=Microsoft.VisualStudio.Services.Content.Details; filename*=utf-8''Microsoft.VisualStudio.Services.Content.Details
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7979D698B68E4CA5994D101DC6FEB089 Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:56Z
date: Thu, 16 Jan 2025 18:50:55 GMT
POST

https://marketplace.visualstudio.com/_apis/customerintelligence/Events

msedge.exe

Remote address:

13.107.42.18:443

Request

POST /_apis/customerintelligence/Events HTTP/2.0
host: marketplace.visualstudio.com
content-length: 2097
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*;api-version=7.2-preview.1;excludeUrls=true
x-requested-with: XMLHttpRequest
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
origin: https://marketplace.visualstudio.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: VstsSession=%7B%22PersistentSessionId%22%3A%22f82ec6dc-ddea-4090-83a8-370785e46c8a%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22SignInState%22%3A%7B%7D%7D
cookie: Gallery-Service-UserIdentifier=e1830a69-731b-4a23-a3c3-f194f8fdd703
cookie: Market_SelectedTab=vscode

Response

HTTP/2.0 204

cache-control: no-cache
pragma: no-cache
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
x-tfs-processid: e2a94908-d56b-4c03-a0aa-072933f6f423
strict-transport-security: max-age=31536000; includeSubDomains
activityid: 70337bf8-b10e-4ebd-9210-927f02796eb3
x-tfs-session: 70337b50-b10e-4ebd-9210-927f02796eb3
x-vss-e2eid: 70337bf8-b10e-4ebd-9210-927f02796eb3
x-vss-senderdeploymentid: 2663b13f-50e3-a655-a159-22f6f4725fab
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS,GET,POST,PATCH,PUT,DELETE
access-control-expose-headers: ActivityId,X-TFS-Session,X-MS-ContinuationToken,X-VSS-GlobalMessage,ETag
access-control-allow-headers: authorization
request-context: appId=cid-v1:84715e31-583a-4723-a46d-946169b2f4a8
access-control-expose-headers: Request-Context
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8F5B8BB7611B497C988D0CDA190C42B0 Ref B: LON04EDGE0618 Ref C: 2025-01-16T18:50:57Z
date: Thu, 16 Jan 2025 18:50:56 GMT
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

msedge.exe

Remote address:

172.165.69.228:443

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiQU9TcG5aeHQ2VVU9Iiwia2V5IjoiQXRyZTk5a3ZOeGl4bytkWU5lNVJBUT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1706
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:50:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1589
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
DNS

data-edge.smartscreen.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

data-edge.smartscreen.microsoft.com

IN A

Response

data-edge.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-edge.trafficmanager.net

prod-atm-wds-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com

prod-agic-us-2.uksouth.cloudapp.azure.com

IN A

172.165.69.228
GET

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release

msedge.exe

Remote address:

172.165.69.228:443

Request

GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "636976985063396749.rel.v2"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Type: application/octet-stream
Content-Length: 57
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
ETag: "638343870221005468"
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
X-OI-Signature: v=1; a=sha384RSA; ha=SHA384; bh=j4KrExT8d8Sta+9XdhCezD7hBBI07nd+3ZBLADaghRr4d/09v4f5U/qTjaOMrTCA; b=lsxejbsmixGwcuFeAOZKmpd1SHTEllQasQG2+/CD0NsAyZxEvj92iSXg4oIFBkMR6T5zGsr6fweTH5vZVeI6ucDD38nLM9KMrq5eRa9TryJWqO+IbvAljMHNXvAljPK2LeRsDTWYDgopZyWBvWkXXjA1SYiG1lcZjqGoeYE3RGB1av+gzIm0UtuS6l4lOPKBfqrbhng5p43VJZlfWnRtpUA6WIQlA77TnCYXYS+4qby6/glkxz/n6Kqj2AdZiBom/dT2adpHR7dqyW17hHIDaB6CYkxr/l3tputKOQWMABAZujw6r0VSf1RPj+lK+udHaMb0ncnK76ykfpMb9T1YBA==; fp=37DBD367E84BB5891D0C8F421BAE3393C75DF49C; h=CACHE-CONTROL:ETAG;
X-OI-Cert: MIIIsgYJKoZIhvcNAQcCoIIIozCCCJ8CAQExADAPBgkqhkiG9w0BBwGgAgQAoIIIgzCCCH8wggZnoAMCAQICEzMAZA/bZ2MnRmHFGGYAAABkD9swDQYJKoZIhvcNAQEMBQAwXTELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEuMCwGA1UEAxMlTWljcm9zb2Z0IEF6dXJlIFJTQSBUTFMgSXNzdWluZyBDQSAwMzAeFw0yNDA2MTgwNjM2MDZaFw0yNTA2MTMwNjM2MDZaMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQDExxjb250ZW50LnNtYXJ0c2NyZWVuLm1zZnQubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzSkQH8K/WmXFFOfz8yP+NDIscpRldMgdHZ/Kc816gbCpEP+JEDiY4fA5GNEIbjnvfJxC6LS2f9f0q2Vv3v71yMOrA5w+sy4xgZROMqneRk4OOdRpkAS7/3Fg4HC0vx9ShdXcPpReU/FjIW0qpT6wydh41qsQXlitOZCmEFUrwaZWVpMFiZ1NElT6U6wH0ZH9atQMkkpoTb9Y9bROgctEnT8Iq9Isfe36cpLL5CVekqtCQ4EkiCyZnnKTEZZ8Frx0/Sa+UAivfNwojP0hVjIuTXffBgp04oENcLI8TIWSrqy6dGs0NKKqfYjX3aC9wG4f5KuYVAHgvNqtPOyvnYIrQIDAQABo4IEIDCCBBwwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABkCoYiY8AAAQDAEcwRQIgAdMMTb63gVYnA93mpW7SmMwqAZWx96ueTYwL6TehoBECIQDgkkNU+beS5FjNaivae5pgzvpfrYx0JJqV8rWCEXesOAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABkCoYjA0AAAQDAEgwRgIhALuO/1PINtm1k6b1daoCuuaestz02CkQKf6HQ9v6a3UsAiEA2i/FtCybsSHYT5L6/qRDeoGDOgZUdwCjapONqMODHhMAdwDgkrP8DB3I52g2H95huZZNClJ4GYpy1nLEsE2lbW9UBAAAAZAqGIoQAAAEAwBIMEYCIQDxvx82pdAiRUD2+wC7nQfGjs3X1Q1Vfo12nl9h9jR9QwIhAIuN6A84evReztCG1eEZmf4BDesaQDgjPt0Dx2GVga2iMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIh73XG4Hn60aCgZ0ujtAMh/DaHV2ChOVpgvOnPgIBZAIBJjCBtAYIKwYBBQUHAQEEgacwgaQwcwYIKwYBBQUHMAKGZ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwQXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwMyUyMC0lMjB4c2lnbi5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDAdBgNVHQ4EFgQUmS0vRaxdPTaVZEkUoU59i8aa+iIwDgYDVR0PAQH/BAQDAgWgMCcGA1UdEQQgMB6CHGNvbnRlbnQuc21hcnRzY3JlZW4ubXNmdC5uZXQwDAYDVR0TAQH/BAIwADBqBgNVHR8EYzBhMF+gXaBbhllodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBBenVyZSUyMFJTQSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDAzLmNybDBmBgNVHSAEXzBdMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wCAYGZ4EMAQICMB8GA1UdIwQYMBaAFP4JcUBVBRBE2KSBdbieGulKBojIMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0BAQwFAAOCAgEAe1QltG1CI1df9IjK1nJmDNk2IFLlAW9EAV78FbEhTeVYqvAiIlJAZL8lV69JbhjFOqrf4kI8K56Uy16JKHBh3ZVK9Sm2IjOYetFaWXEgr1CH0PRs9iSa93kqsCUwgFL8eOgQ2/4nlWyNzvJbWchTs52KcBHkR6QentlCaEYALNYI0E2uBPj9/5C0djhVZVaOngEM5Wv6XPdh6d3Oy0iwReCKoNVHHr1eT5dWC7R84uftsGYAgWiTMzAGX2gihswe10uDjS0F0KSHPUtaHo3iT68fgESlBSrdKNbutOl94eP2uhRxRr3aB+Sn5jUM/miiRPKBE+rDOHF/g1YQEXzmgm4G0EyItS9MJZ4mrwRaV4vpdcjZuQz3ymmMN6swnRTsXrOuOlP9QU/WhGVimpclYVPusGGi3Z65kSq55yOVyV15m3G+v2bBh+lM6jMLuCcnQeuFGI36+t1NFAvTS/AU6dfY7X93Xqc7yCBBgqliB5nefi30aW8AHA2dVKdti7v9w1S6SdPHEk/IbT2WUS8cVaS9gNtZNjQuL/FjrogLrr3BeXZpsBYZCxCa1f0ksMOboOmngZ3YMn9n57J19dZq7oqUkV5uoiv++qxOM3etzptUD9cEhMjLet0DWAof34ieFziSnUOKhoIZNwfSDnhAiGRl3ytKrZJMc8DYtZvak94xAA==
GET

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release

msedge.exe

Remote address:

172.165.69.228:443

Request

GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "638343870221005468"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 304 Not Modified

Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
POST

https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

msedge.exe

Remote address:

172.165.69.228:443

Request

POST /api/browser/edge/data/settings HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiMmMvazQ0Zm0ya2M9Iiwia2V5IjoiZ0RMUDZkM2hUQ1g1NTJtRTc4cm53Zz09In0=
If-None-Match: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
User-Agent: SmartScreen/281479409565696
Content-Length: 1321
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Type: application/octet-stream
Content-Length: 129085
Connection: keep-alive
Server: Kestrel
ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
POST

https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

msedge.exe

Remote address:

172.165.69.228:443

Request

POST /api/browser/edge/data/settings HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoialkxY0M2ZkRUTWc9Iiwia2V5IjoienRKNDRtbVN6K2VWMTBsdVVFaWhaQT09In0=
If-None-Match: "2.0-0"
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Type: application/octet-stream
Content-Length: 129085
Connection: keep-alive
Server: Kestrel
ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
GET

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

msedge.exe

Remote address:

172.165.69.228:443

Request

GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "638004170464094982"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 304 Not Modified

Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
GET

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

msedge.exe

Remote address:

172.165.69.228:443

Request

GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "170540185939602997400506234197983529371"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Type: application/octet-stream
Content-Length: 460992
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
ETag: "638004170464094982"
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
X-OI-Signature: v=1; a=sha384RSA; ha=SHA384; bh=7csvs6wrK3NA5rU73eamx5vAWfaIbGGGGrCaQymgYIKtYElVZVn8FMwEOPvCPHsR; b=iLJvug2xVRHV/zRkTuEyY8Zm5DV1r2rcoFmtOqM4Th8e1UGMuxxCMsEl3V0m2DZ1ibIhJJXHkKq6VicNjkeGtE2XNLuXUg4Nt1+9AjYEtAzZZmF4g52u81VFXkPXAYwDAkuaWGEU1H35w7fv6AlvtPAdSa2GidI4us0RI8m8w0emxetz7h12azENRS2EkL1SmLqM1QA6gpadyCfwnzLR9jRyPC4iCtc4/Pk8DdunPJ80tS/A9XRjUXiBanugKBbt7rxXgPMKd/53Lx1dNJWhhRZdrIb1nui9Uz0C6J98qUNgxElxK1ih7UYNKU4qSWoO4vL6jWtpd+QWlKRX3g2gvQ==; fp=37DBD367E84BB5891D0C8F421BAE3393C75DF49C; h=CACHE-CONTROL:ETAG;
X-OI-Cert: MIIIsgYJKoZIhvcNAQcCoIIIozCCCJ8CAQExADAPBgkqhkiG9w0BBwGgAgQAoIIIgzCCCH8wggZnoAMCAQICEzMAZA/bZ2MnRmHFGGYAAABkD9swDQYJKoZIhvcNAQEMBQAwXTELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEuMCwGA1UEAxMlTWljcm9zb2Z0IEF6dXJlIFJTQSBUTFMgSXNzdWluZyBDQSAwMzAeFw0yNDA2MTgwNjM2MDZaFw0yNTA2MTMwNjM2MDZaMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQDExxjb250ZW50LnNtYXJ0c2NyZWVuLm1zZnQubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzSkQH8K/WmXFFOfz8yP+NDIscpRldMgdHZ/Kc816gbCpEP+JEDiY4fA5GNEIbjnvfJxC6LS2f9f0q2Vv3v71yMOrA5w+sy4xgZROMqneRk4OOdRpkAS7/3Fg4HC0vx9ShdXcPpReU/FjIW0qpT6wydh41qsQXlitOZCmEFUrwaZWVpMFiZ1NElT6U6wH0ZH9atQMkkpoTb9Y9bROgctEnT8Iq9Isfe36cpLL5CVekqtCQ4EkiCyZnnKTEZZ8Frx0/Sa+UAivfNwojP0hVjIuTXffBgp04oENcLI8TIWSrqy6dGs0NKKqfYjX3aC9wG4f5KuYVAHgvNqtPOyvnYIrQIDAQABo4IEIDCCBBwwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABkCoYiY8AAAQDAEcwRQIgAdMMTb63gVYnA93mpW7SmMwqAZWx96ueTYwL6TehoBECIQDgkkNU+beS5FjNaivae5pgzvpfrYx0JJqV8rWCEXesOAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABkCoYjA0AAAQDAEgwRgIhALuO/1PINtm1k6b1daoCuuaestz02CkQKf6HQ9v6a3UsAiEA2i/FtCybsSHYT5L6/qRDeoGDOgZUdwCjapONqMODHhMAdwDgkrP8DB3I52g2H95huZZNClJ4GYpy1nLEsE2lbW9UBAAAAZAqGIoQAAAEAwBIMEYCIQDxvx82pdAiRUD2+wC7nQfGjs3X1Q1Vfo12nl9h9jR9QwIhAIuN6A84evReztCG1eEZmf4BDesaQDgjPt0Dx2GVga2iMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIh73XG4Hn60aCgZ0ujtAMh/DaHV2ChOVpgvOnPgIBZAIBJjCBtAYIKwYBBQUHAQEEgacwgaQwcwYIKwYBBQUHMAKGZ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwQXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwMyUyMC0lMjB4c2lnbi5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDAdBgNVHQ4EFgQUmS0vRaxdPTaVZEkUoU59i8aa+iIwDgYDVR0PAQH/BAQDAgWgMCcGA1UdEQQgMB6CHGNvbnRlbnQuc21hcnRzY3JlZW4ubXNmdC5uZXQwDAYDVR0TAQH/BAIwADBqBgNVHR8EYzBhMF+gXaBbhllodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBBenVyZSUyMFJTQSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDAzLmNybDBmBgNVHSAEXzBdMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wCAYGZ4EMAQICMB8GA1UdIwQYMBaAFP4JcUBVBRBE2KSBdbieGulKBojIMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0BAQwFAAOCAgEAe1QltG1CI1df9IjK1nJmDNk2IFLlAW9EAV78FbEhTeVYqvAiIlJAZL8lV69JbhjFOqrf4kI8K56Uy16JKHBh3ZVK9Sm2IjOYetFaWXEgr1CH0PRs9iSa93kqsCUwgFL8eOgQ2/4nlWyNzvJbWchTs52KcBHkR6QentlCaEYALNYI0E2uBPj9/5C0djhVZVaOngEM5Wv6XPdh6d3Oy0iwReCKoNVHHr1eT5dWC7R84uftsGYAgWiTMzAGX2gihswe10uDjS0F0KSHPUtaHo3iT68fgESlBSrdKNbutOl94eP2uhRxRr3aB+Sn5jUM/miiRPKBE+rDOHF/g1YQEXzmgm4G0EyItS9MJZ4mrwRaV4vpdcjZuQz3ymmMN6swnRTsXrOuOlP9QU/WhGVimpclYVPusGGi3Z65kSq55yOVyV15m3G+v2bBh+lM6jMLuCcnQeuFGI36+t1NFAvTS/AU6dfY7X93Xqc7yCBBgqliB5nefi30aW8AHA2dVKdti7v9w1S6SdPHEk/IbT2WUS8cVaS9gNtZNjQuL/FjrogLrr3BeXZpsBYZCxCa1f0ksMOboOmngZ3YMn9n57J19dZq7oqUkV5uoiv++qxOM3etzptUD9cEhMjLet0DWAof34ieFziSnUOKhoIZNwfSDnhAiGRl3ytKrZJMc8DYtZvak94xAA==
DNS

wcpstatic.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

cdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.vsassets.io

IN A

Response

cdn.vsassets.io

IN CNAME

vsassetscdnprod.trafficmanager.net

vsassetscdnprod.trafficmanager.net

IN CNAME

cdn.vsassets.io.edgesuite.net

cdn.vsassets.io.edgesuite.net

IN CNAME

a1430.dscd.akamai.net

a1430.dscd.akamai.net

IN A

2.18.190.174

a1430.dscd.akamai.net

IN A

2.18.190.176
GET

https://cdn.vsassets.io/v/M248_20250109.5/_content/Header/vs-logo.png

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_content/Header/vs-logo.png HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 2631
Content-Type: image/png
Last-Modified: Mon, 13 Jan 2025 22:00:32 GMT
ETag: 0x8DD341DB3A50DBA
x-ms-request-id: 1fe0821f-001e-002f-560a-660998000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31290060
Date: Thu, 16 Jan 2025 18:50:54 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053454.292c78f4
GET

https://cdn.vsassets.io/v/M248_20250109.5/_content/FullStar.svg

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_content/FullStar.svg HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/svg+xml
Last-Modified: Mon, 13 Jan 2025 22:00:32 GMT
ETag: 0x8DD341DB385347F
x-ms-request-id: 2a648d23-901e-0033-070d-66b5bf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290924
Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Length: 1078
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053454.292c7901
GET

https://cdn.vsassets.io/v/M248_20250109.5/_content/EmptyStarDark.svg

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_content/EmptyStarDark.svg HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/svg+xml
Last-Modified: Mon, 13 Jan 2025 22:00:32 GMT
ETag: 0x8DD341DB386011C
x-ms-request-id: a97c3430-c01e-0010-7f0f-66be44000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 1077
Cache-Control: public, max-age=31291822
Date: Thu, 16 Jan 2025 18:50:54 GMT
Connection: keep-alive
Vary: Accept-Encoding
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053454.292c7db3
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/jQueryUI/focusable.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/jQueryUI/focusable.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:26 GMT
ETag: 0x8DD3147ACDF68C3
x-ms-request-id: daa1a61d-401e-0067-1e46-643b05000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31095827
Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Length: 572
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053454.292c7eaa
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/MetadataListContainer.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/MetadataListContainer.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB2692274
x-ms-request-id: 2248e231-c01e-005f-6e0a-667a5c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290007
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 443
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8b27
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ResourcesContainer.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/ResourcesContainer.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB26F55CD
x-ms-request-id: 72b8e907-d01e-0059-490a-66e914000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289981
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 680
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8c2a
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/FlagControl.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/Shared/FlagControl.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2B0DDAE
x-ms-request-id: e6aab080-801e-0041-4e0a-66c481000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289979
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 188
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8d87
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/GithubDetails.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/GithubDetails.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB262C96C
x-ms-request-id: 15065cc9-d01e-003f-390a-665b4e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290005
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 361
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8fbd
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/RnR/ReviewDialog.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/RnR/ReviewDialog.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A5B7D3
x-ms-request-id: 6e6405b1-901e-0018-740a-66896f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289958
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 574
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9174
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/VerifiedDomainIcon.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/Shared/VerifiedDomainIcon.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2BE99FE
x-ms-request-id: b12c3438-601e-0033-020a-6609a3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290013
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 289
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c92cd
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/CommandBar.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/CommandBar.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD6FE648
x-ms-request-id: de0f40d7-e01e-000c-1d12-666653000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31293190
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 182
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c93f9
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF222CE0
x-ms-request-id: 72b8f9df-d01e-0059-490a-66e914000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290051
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 200
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c952c
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADB5BC90
x-ms-request-id: 921bf3a7-301e-0063-020a-66ce87000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290045
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 191
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c96dc
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/SelectionZone.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/SelectionZone.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF24F735
x-ms-request-id: e508d070-d01e-0004-370a-667d20000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289980
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 2363
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c98bc
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Toggle/Toggle.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Toggle/Toggle.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEF3E320
x-ms-request-id: 7f0fcec8-501e-005a-120a-6630ef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290034
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 959
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c99de
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/Breadcrumb.base.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/Breadcrumb.base.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADB0F572
x-ms-request-id: 88df52c4-f01e-0075-390a-660f19000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290058
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1420
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9b50
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.types.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.types.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADB1889A
x-ms-request-id: b691857d-801e-003b-4d0a-6613ac000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290018
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 225
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9c8d
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsList.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsList.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF66D0B
x-ms-request-id: c29f20c9-301e-0058-670a-66e8e9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290067
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 488
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9e44
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADCE0064
x-ms-request-id: 72b90d5c-d01e-0059-490a-66e914000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289980
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 733
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9fc3
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Image.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Image.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD7A0487
x-ms-request-id: 2f723243-901e-0055-390a-6607e5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290035
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 176
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca12c
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dateMath/DateMath.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dateMath/DateMath.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF04B5AF
x-ms-request-id: a966a7dd-c01e-0010-3a0b-66be44000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290274
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1219
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca27c
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADD192B7
x-ms-request-id: aef99bb5-601e-0059-2c0b-668d24000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290299
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 189
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca3ed
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADCE59E6
x-ms-request-id: 4b3e5401-101e-0064-080b-66a790000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290288
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 203
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca513
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedList.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedList.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE314B50
x-ms-request-id: 2817ecf2-801e-0004-380b-66db0f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290336
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 407
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca665
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupHeader.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupHeader.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE32C0C1
x-ms-request-id: 88305ae2-001e-0068-1b0b-663098000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290313
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 1165
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca7b7
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupHeader.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupHeader.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE332B19
x-ms-request-id: 4c93ba3f-001e-0042-440b-66a3b6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290284
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 1218
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca9b6
GET

https://cdn.vsassets.io/v/M248_20250109.5/_content/icon-social-email.svg

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_content/icon-social-email.svg HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/svg+xml
Last-Modified: Mon, 13 Jan 2025 22:00:32 GMT
ETag: 0x8DD341DB3881837
x-ms-request-id: cb0fba3b-d01e-0044-190b-66dc37000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290276
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 275
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292caaf0
GET

https://cdn.vsassets.io/v/M248_20250109.5/_content/Header/ImageSprite.png

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_content/Header/ImageSprite.png HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 6309
Content-Type: image/png
Last-Modified: Mon, 13 Jan 2025 22:00:32 GMT
ETag: 0x8DD341DB3A2C02C
x-ms-request-id: 2248df42-c01e-005f-1d0a-667a5c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31290062
Date: Thu, 16 Jan 2025 18:50:54 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053454.292c7fc2
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/jQueryUI/version.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/jQueryUI/version.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147ACF86C2C
x-ms-request-id: 41b96971-901e-002a-59e8-64fde7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31165130
Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Length: 147
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053454.292c7fc8
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ScreenshotsCarousel.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/ScreenshotsCarousel.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB26D4A56
x-ms-request-id: 8699d57e-b01e-0052-0e0a-662ae0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 308
Cache-Control: public, max-age=31289998
Date: Thu, 16 Jan 2025 18:50:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8aa8
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/LinkAsButton.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/Shared/LinkAsButton.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2B930DA
x-ms-request-id: 78db6639-101e-0066-5b12-665ec8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31293252
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 100
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8bf7
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/AnswerContent.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/QnA/AnswerContent.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A22C07
x-ms-request-id: 1506580d-d01e-003f-3d0a-665b4e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289990
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 276
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8d4e
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/CapabilitiesContainer.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/CapabilitiesContainer.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB2610CB2
x-ms-request-id: 0ee85511-601e-0052-160a-669550000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290061
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 99
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8ec3
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/NewPricingCalculator.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/NewPricingCalculator.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB26AC170
x-ms-request-id: edfca446-001e-003d-2a0a-6659b4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289973
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 191
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9055
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/OneClickInstallDialog.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/OneClickInstallDialog.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB26C09CF
x-ms-request-id: c58d5268-e01e-001e-460a-66367f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290004
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 206
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c91f4
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Toggle.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Toggle.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147AD94DEDE
x-ms-request-id: a7188fe6-d01e-007b-470a-668722000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290004
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 176
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9347
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Nav.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Nav.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD813E98
x-ms-request-id: 546022cd-601e-0062-080a-66ab4a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289957
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 174
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9492
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/CommandBar/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/CommandBar/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADEE5EAB
x-ms-request-id: 5828954e-101e-0039-430a-66ad14000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290054
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 182
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c95a4
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/interfaces.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/interfaces.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF2183D4
x-ms-request-id: ddf2c92a-e01e-000c-040a-666653000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290005
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 291
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9843
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsList.types.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsList.types.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF572E2
x-ms-request-id: 91579223-301e-002e-310a-66041f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290004
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 369
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9972
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ChoiceGroup/ChoiceGroup.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ChoiceGroup/ChoiceGroup.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADD3FD13
x-ms-request-id: 24918795-001e-0060-130a-66cd80000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289980
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1791
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9a8d
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DatePicker/DatePicker.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DatePicker/DatePicker.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF2B24B
x-ms-request-id: c52ab8de-401e-001b-6f0a-66680b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289976
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 2488
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9c75
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRowCheck.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRowCheck.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147AE011E39
x-ms-request-id: 8f6c55a9-401e-003a-060a-66af31000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290032
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 703
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9df3
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Check.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Check.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD6DB94C
x-ms-request-id: e6aac648-801e-0041-470a-66c481000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290075
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 176
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9f9a
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/Breadcrumb.styles.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/Breadcrumb.styles.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADAFF700
x-ms-request-id: 8f6c589b-401e-003a-550a-66af31000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290009
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 887
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca114
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dateValues/DateValues.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dateValues/DateValues.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF04FF64
x-ms-request-id: eb08be08-501e-003c-3f0a-663c79000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290046
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 482
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca260
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsHeader.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsHeader.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF6AB89
x-ms-request-id: 95cc5767-f01e-0001-7e0b-66ed6f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290292
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1913
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca3bc
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dateValues/TimeConstants.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dateValues/TimeConstants.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF0429FD
x-ms-request-id: 45502b7c-d01e-0009-320b-6613db000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290258
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 261
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca4f0
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADBB5CA0
x-ms-request-id: 1e17a06e-701e-0046-710b-665634000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290247
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 1983
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca5f3
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/CalendarDay.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/CalendarDay.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADB22191
x-ms-request-id: b12f8b0b-601e-0033-020b-6609a3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290344
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 3437
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca762
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/Carousel.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/Shared/Carousel.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A87FB5
x-ms-request-id: 403feafe-c01e-0046-1e0a-663204000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290013
Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Length: 788
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053454.292c8067
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/ReadMoreText.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/Shared/ReadMoreText.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2C15C56
x-ms-request-id: 22353100-701e-002f-2c0a-665bc3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289969
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 87
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8b52
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/AskQuestionDialog.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/QnA/AskQuestionDialog.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A0BC16
x-ms-request-id: aa9778ef-a01e-000b-4c0a-6690d6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290060
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 343
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8c54
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/QnAItemRow.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/QnA/QnAItemRow.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A13AB8
x-ms-request-id: a9094046-a01e-0056-090a-6604e2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290057
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 327
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8dce
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/MoreInfoContainer.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/MoreInfoContainer.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB2695615
x-ms-request-id: 3c07b799-c01e-0002-100a-66ee68000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290013
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 500
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8f37
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/RnR/RnRRow.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/RnR/RnRRow.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A563A2
x-ms-request-id: edca9b5a-601e-006e-670a-660327000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289972
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 570
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9101
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/MarketplaceCertifiedBadge.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/Shared/MarketplaceCertifiedBadge.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2B83A2B
x-ms-request-id: be2e90f2-201e-0040-3b0a-665130000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289966
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 318
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c924e
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Slider.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Slider.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147AD947C5C
x-ms-request-id: 2248e8b8-c01e-005f-160a-667a5c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290046
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 175
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9372
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/DatePicker.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/DatePicker.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD72DB2E
x-ms-request-id: aed19d6c-e01e-0051-3e0a-66f267000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290012
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 181
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c94d7
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ChoiceGroup/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ChoiceGroup/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADD5C6BB
x-ms-request-id: 8699ec02-b01e-0052-480a-662ae0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289988
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 182
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c95f9
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/Selection.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/Selection.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF21F916
x-ms-request-id: 1103b35d-101e-0000-070a-66ec92000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290020
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1607
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9866
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRowCheck.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRowCheck.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF6841F
x-ms-request-id: 8e8f164c-b01e-0036-640a-6625f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290061
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 516
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9991
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/Breadcrumb.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/Breadcrumb.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADB03A62
x-ms-request-id: 09583297-a01e-005d-260a-661c96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290018
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 207
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9a9d
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/List/List.types.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/List/List.types.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE6D41F1
x-ms-request-id: 5e20045e-301e-0068-3e0a-66d6f3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289982
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 232
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9c54
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRow.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRow.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF773B4
x-ms-request-id: 7134fc83-d01e-000f-1e0a-666554000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289984
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1688
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9dba
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/decorators/withViewport.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/decorators/withViewport.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF06E084
x-ms-request-id: 408a8fad-501e-0051-120a-669657000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 766
Cache-Control: public, max-age=31289957
Date: Thu, 16 Jan 2025 18:50:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9f71
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEC9413F
x-ms-request-id: 317d5e11-e01e-0015-640a-662e0b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290000
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1434
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca10b
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/Nav.styles.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/Nav.styles.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE6DB712
x-ms-request-id: 317bef68-401e-0057-6612-66051f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31293219
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1300
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca24f
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupSpacer.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupSpacer.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE42673E
x-ms-request-id: 1cb38385-101e-0019-010b-66a4ca000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290272
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 247
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca387
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADCA2256
x-ms-request-id: 582d370f-101e-0039-440b-66ad14000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290308
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 188
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca4cd
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/ResizeGroup.base.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/ResizeGroup.base.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEB6EEEE
x-ms-request-id: 965623d9-201e-006e-7e0b-6645bb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290283
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1395
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca5d1
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/CalendarMonth.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/CalendarMonth.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADCA1067
x-ms-request-id: e3da0ad5-501e-0078-050b-66e015000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290385
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 1616
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca713
DNS

228.69.165.172.in-addr.arpa

Code.exe

Remote address:

8.8.8.8:53

Request

228.69.165.172.in-addr.arpa

IN PTR

Response
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus14.centralus.cloudapp.azure.com

onedscolprdcus14.centralus.cloudapp.azure.com

IN A

104.208.16.90
DNS

174.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

174.190.18.2.in-addr.arpa

IN PTR

Response

174.190.18.2.in-addr.arpa

IN PTR

a2-18-190-174deploystaticakamaitechnologiescom
DNS

ms-dotnettools.gallerycdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallerycdn.vsassets.io

IN A

Response

ms-dotnettools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.219
GET

https://cdn.vsassets.io/v/M248_20250109.5/_content/Fonts/Icons/AzDevMDL2.woff

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_content/Fonts/Icons/AzDevMDL2.woff HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://marketplace.visualstudio.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/octet-stream
Last-Modified: Fri, 10 Jan 2025 07:22:06 GMT
ETag: 0x8DD31477D2D7B82
x-ms-request-id: 10e5fac1-801e-002c-0a0a-666eaf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290000
Date: Thu, 16 Jan 2025 18:50:54 GMT
Content-Length: 58708
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053454.292c866b
GET

https://cdn.vsassets.io/v/M248_20250109.5/_content/Fonts/Icons/bowtie.woff

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_content/Fonts/Icons/bowtie.woff HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://marketplace.visualstudio.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/octet-stream
Last-Modified: Fri, 10 Jan 2025 07:22:06 GMT
ETag: 0x8DD31477D2FC4CE
x-ms-request-id: 5251a369-601e-000f-261e-650164000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 44636
Cache-Control: public, max-age=31188367
Date: Thu, 16 Jan 2025 18:50:54 GMT
Connection: keep-alive
Vary: Accept-Encoding
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053454.292c8673
DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
GET

https://ms-dotnettools.gallerycdn.vsassets.io/extensions/ms-dotnettools/csdevkit/1.16.4/1736874634085/Microsoft.VisualStudio.Services.Icons.Default

msedge.exe

Remote address:

88.221.134.178:443

Request

GET /extensions/ms-dotnettools/csdevkit/1.16.4/1736874634085/Microsoft.VisualStudio.Services.Icons.Default HTTP/1.1
Host: ms-dotnettools.gallerycdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=31536000
Content-Length: 32068
Content-Type: image/png
Content-Encoding: gzip
Last-Modified: Tue, 14 Jan 2025 17:10:34 GMT
ETag: 0x8DD34BE5BA00D44
x-ms-request-id: 5b3fe75d-d01e-0092-06a9-6643d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 16 Jan 2025 18:50:54 GMT
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
GET

https://github.com/microsoft/vscode-dotnettools/blob/main/docs/media/07-add.existing.project.gif?raw=true

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /microsoft/vscode-dotnettools/blob/main/docs/media/07-add.existing.project.gif?raw=true HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://marketplace.visualstudio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: GitHub.com
date: Thu, 16 Jan 2025 18:50:54 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://github.com/microsoft/vscode-dotnettools/raw/refs/heads/main/docs/media/07-add.existing.project.gif
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
set-cookie: _gh_sess=23c44RLDpz0f2mhCimsnr1pUldY%2BjgTo1aZDm2aGMiCVYUCKU%2FVEH8NzsuZHC%2Buj2ISL8MVghwWCt95t%2F2fIW2NJZ0%2FhTL3XQRs8PbSX2JoF9ipk7xiVjQfIjtnudSkeAHW7PLQpL%2BSlb27tXF44ONbgv0Pgotj0tURZDIDwOkoJk6ZNIL%2FM29T3Cwrep8tziAw6dJ9eEfXd6uiLJtn4wvJbGPKv4osdFkUIBtaSWRDemvxq9eF%2FfmYH%2F7g2joCgHHq5HZmPq8TLUgbYYDDa2w%3D%3D--slUofwl4S6LqMn1K--AU5OCO%2FSjmT9gAcCOxIZOw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.928920059.1737053454; Path=/; Domain=github.com; Expires=Fri, 16 Jan 2026 18:50:54 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Fri, 16 Jan 2026 18:50:54 GMT; HttpOnly; Secure; SameSite=Lax
content-length: 0
x-github-request-id: EFF5:09E4:217D5F:265A5F:6789550E
GET

https://github.com/microsoft/vscode-dotnettools/blob/main/docs/media/TestRunning.gif?raw=true

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /microsoft/vscode-dotnettools/blob/main/docs/media/TestRunning.gif?raw=true HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://marketplace.visualstudio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: GitHub.com
date: Thu, 16 Jan 2025 18:50:55 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://github.com/microsoft/vscode-dotnettools/raw/refs/heads/main/docs/media/TestRunning.gif
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
set-cookie: _gh_sess=0YFWLK2emOAlTEj37bVGyRxdnXMjWLE0PTmgtQFHZSgPuUQ6%2FgCEclkuP%2F1jm0SdpDBLpiyfN%2B2drl8EqHTDKYnRh1ddYz6YryTuaMDsrYzkfO8CDmJCsbEZsdIAvMNkuyWfiMNZoPFDY4%2F8uI0t8fOn4Lxe8r3RG9X6ep1EgKZb7P6%2FEfDYG0xDw9%2FBKvrz8%2FKjR5GMywjwT3twd65Ca07Xkw6bKlGF%2BvLIY12gpVQrDxtHY88tqfXKvOS9v3uUwMnPhu4IYcuihjg6IljzVA%3D%3D--7YiQd%2FGA%2B1lORaS7--DWo%2BjRViBRraUTVNhXWaMA%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.1566430679.1737053454; Path=/; Domain=github.com; Expires=Fri, 16 Jan 2026 18:50:54 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Fri, 16 Jan 2026 18:50:54 GMT; HttpOnly; Secure; SameSite=Lax
content-length: 0
x-github-request-id: EFF5:09E4:217D60:265A60:6789550E
GET

https://github.com/microsoft/vscode-dotnettools/raw/refs/heads/main/docs/media/07-add.existing.project.gif

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /microsoft/vscode-dotnettools/raw/refs/heads/main/docs/media/07-add.existing.project.gif HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://marketplace.visualstudio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: GitHub.com
date: Thu, 16 Jan 2025 18:50:55 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/microsoft/vscode-dotnettools/refs/heads/main/docs/media/07-add.existing.project.gif
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: EFF5:09E4:217D89:265A8E:6789550E
GET

https://github.com/microsoft/vscode-dotnettools/raw/refs/heads/main/docs/media/TestRunning.gif

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /microsoft/vscode-dotnettools/raw/refs/heads/main/docs/media/TestRunning.gif HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://marketplace.visualstudio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: GitHub.com
date: Thu, 16 Jan 2025 18:50:55 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/microsoft/vscode-dotnettools/refs/heads/main/docs/media/TestRunning.gif
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: EFF5:09E4:217D91:265A92:6789550F
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/ReadMoreContent.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/QnA/ReadMoreContent.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A438AE
x-ms-request-id: df1b4557-301e-0063-150a-66cbf3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289939
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 164
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8e9e
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/QnAAndRnRContainer.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/QnAAndRnRContainer.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Content-MD5: 1B2M2Y8AsgTpgAmY7PhCfg==
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB2679F7A
x-ms-request-id: df55374e-a01e-0061-650a-66754b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289997
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 20
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8ea4
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ItemDetails.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/ItemDetails.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB262A8BA
x-ms-request-id: e3ebb090-f01e-0013-1f0a-66bd43000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289974
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 646
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9007
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/VersionHistoryContainer.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/VersionHistoryContainer.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB27007E1
x-ms-request-id: 2248ed22-c01e-005f-5a0a-667a5c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290055
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 849
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c91c2
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/OptInBar.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/Shared/OptInBar.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2BC22FB
x-ms-request-id: eb08a6b5-501e-003c-6e0a-663c79000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290051
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 102
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9314
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/List.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/List.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD79B56C
x-ms-request-id: c081b113-401e-0001-6d0a-66895f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289954
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 174
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9477
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEC7DAED
x-ms-request-id: cfa49dcd-101e-0030-420a-66d288000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290005
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 188
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c95ae
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DatePicker/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DatePicker/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF5FEB3
x-ms-request-id: f974aca4-f01e-0045-5f0a-663103000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289974
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 204
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9842
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRow.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRow.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF63226
x-ms-request-id: f8a8ea8d-b01e-0060-430a-66a9b0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290074
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 2395
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9979
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/CommandBar/CommandBar.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/CommandBar/CommandBar.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADEF414D
x-ms-request-id: e6aac111-801e-0041-600a-66c481000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289978
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 3049
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9a54
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/List/List.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/List/List.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE6CBACD
x-ms-request-id: 1e9f73e5-c01e-0039-070a-66c806000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290027
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 3786
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9c1d
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/GroupedList.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/GroupedList.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD77A484
x-ms-request-id: ce713c46-901e-0008-2b0a-664c07000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290024
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 181
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9db1
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/groupedList/GroupedListUtility.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/groupedList/GroupedListUtility.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF073825
x-ms-request-id: 769a035f-801e-0058-0812-668cd9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31293235
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 253
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9f87
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/CommandBar/CommandBar.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/CommandBar/CommandBar.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADEFC940
x-ms-request-id: 3cf6db31-201e-0011-2d0a-66bfb9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290027
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1926
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca10f
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Calendar.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Calendar.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD64740F
x-ms-request-id: 04620ffb-e01e-002e-800a-660865000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290008
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 179
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca255
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE456D53
x-ms-request-id: da15702a-a01e-0003-4b0b-66b76c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290290
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 192
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca398
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedList.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedList.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE32F00D
x-ms-request-id: 7260b53a-001e-006b-320b-66d5f4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290333
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1634
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca4f5
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedListSection.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedListSection.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE31E346
x-ms-request-id: 8554ad65-501e-0043-360b-66c67b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290330
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 1900
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca615
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADC83729
x-ms-request-id: 22b1e0a7-b01e-006b-420b-66b1c4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290324
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 3525
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca78f
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/QnAContainer.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/QnA/QnAContainer.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A0E3ED
x-ms-request-id: 99239e62-e01e-0007-010a-667e27000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289959
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 525
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8ed5
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Gallery/vss-ui.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/Gallery/vss-ui.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB269A472
x-ms-request-id: eb6e1a26-201e-007c-7d0a-661597000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289961
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 7161
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c8ed9
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/RnR/ReviewReply.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/RnR/ReviewReply.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A57C1D
x-ms-request-id: b1b32942-d01e-0069-2f0a-66d70e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290113
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 345
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9061
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ItemDetailsTabContainer.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/ItemDetailsTabContainer.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB26729A7
x-ms-request-id: 71aa0183-901e-0008-1e12-664c07000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31293251
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 248
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c91e4
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/DetailsList.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/DetailsList.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD765B81
x-ms-request-id: 78174e2c-c01e-0009-5d0a-66f61c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289961
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 182
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c931f
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Breadcrumb.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Breadcrumb.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD612340
x-ms-request-id: 63e34f9a-e01e-0002-230a-66e8b0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290010
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 181
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9483
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Toggle/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Toggle/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEEABB5C
x-ms-request-id: 0988153b-501e-0007-4e0a-661a17000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290048
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 177
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9595
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/List/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/List/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE6D2919
x-ms-request-id: 137fd9e7-001e-005b-710a-66ebee000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289970
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 187
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9837
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsList.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsList.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF58181
x-ms-request-id: 404002a4-c01e-0046-6e0a-663204000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290059
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 4664
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c996b
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.base.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.base.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEC984DA
x-ms-request-id: f1997bde-b01e-0042-160a-66c786000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289997
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1873
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9a52
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/Nav.base.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/Nav.base.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE7F129D
x-ms-request-id: 0dc12b8c-401e-000b-390a-66ad63000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290034
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 2031
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9bed
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRowFields.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRowFields.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147AE04A997
x-ms-request-id: 591cc439-d01e-0036-760a-66db78000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290003
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 787
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9da5
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dragdrop/DragDropHelper.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dragdrop/DragDropHelper.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AF05A5AB
x-ms-request-id: 0ee86acc-601e-0052-2a0a-669550000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290056
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1659
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9f66
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.styles.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.styles.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AECA4ED3
x-ms-request-id: b707a286-901e-0008-030a-6693d1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289960
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 370
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca101
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/ResizeGroup.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/ResizeGroup.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147AD9214C6
x-ms-request-id: f6df7e08-501e-0065-570a-66f84c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290014
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 181
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca240
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/FocusTrapZone.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/FocusTrapZone.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD76CC72
x-ms-request-id: 12ade66e-101e-0074-290b-6662f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290325
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 181
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca36b
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AEAD2B0A
x-ms-request-id: 00818b3f-f01e-0023-710b-668359000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290258
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 192
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca4c4
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/ResizeGroup.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/ResizeGroup.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEBB6947
x-ms-request-id: eb89aa2a-201e-007c-0812-661597000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31293149
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 212
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca5cb
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/ResizeGroup.styles.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/ResizeGroup.styles.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEBC9F6B
x-ms-request-id: a1d6054b-101e-005d-690b-6678a6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290267
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 276
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca708
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupFooter.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupFooter.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE30EE8F
x-ms-request-id: 776408f0-701e-0002-360b-668a58000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290333
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 392
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca905
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupFooter.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupFooter.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE318242
x-ms-request-id: b94c5ac3-001e-0047-250b-663d53000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290358
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 277
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292caa66
GET

https://cdn.vsassets.io/v/M248_20250109.5/_content/icon-social-twitter.svg

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_content/icon-social-twitter.svg HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/svg+xml
Last-Modified: Mon, 13 Jan 2025 22:00:32 GMT
ETag: 0x8DD341DB385E915
x-ms-request-id: e5ad43f9-801e-0017-0f0b-6648c1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290306
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 528
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292cac14
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ItemDetailsMarkdown.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/ItemDetails/ItemDetailsMarkdown.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB263971A
x-ms-request-id: aab5c808-601e-0023-3c0a-66cccb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289970
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 176
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9023
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Acquisition/Steps/BuyCustomizationEditControl.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/Acquisition/Steps/BuyCustomizationEditControl.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:30 GMT
ETag: 0x8DD341DB2539C8B
x-ms-request-id: bf0d7bd4-c01e-006f-3f0a-664446000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290003
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 375
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9044
GET

https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/RnR/RnRContainer.css

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/App_Themes/Default/RnR/RnRContainer.css HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Last-Modified: Mon, 13 Jan 2025 22:00:31 GMT
ETag: 0x8DD341DB2A3A571
x-ms-request-id: 69101662-b01e-003d-720a-663d84000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289967
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 540
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c91c6
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Selection.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Selection.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147AD95AA92
x-ms-request-id: f0e709f5-901e-0011-3d0a-66db89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289978
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 176
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9316
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/ChoiceGroup.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/ChoiceGroup.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:27 GMT
ETag: 0x8DD3147AD6DF26A
x-ms-request-id: ca85f00e-601e-0026-550a-667726000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289953
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 180
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9476
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF0DAD2
x-ms-request-id: cc08558b-f01e-0067-430a-665f35000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290007
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 251
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c958b
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE794449
x-ms-request-id: b5e9fe63-001e-0006-150a-667fda000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289962
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 186
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9811
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedList.types.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedList.types.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE31CAAC
x-ms-request-id: 3bb99ec1-b01e-001f-730a-6653b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290001
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 229
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9913
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEC8CF27
x-ms-request-id: cf84ac00-b01e-0020-740a-662daf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290057
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 202
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9a2d
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/Nav.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/Nav.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE81AF23
x-ms-request-id: e9064700-301e-0073-530a-660e9b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290083
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 201
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9bad
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupSpacer.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupSpacer.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE3C274D
x-ms-request-id: bea0a6e8-701e-004d-610a-6699e4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290027
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 279
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9d82
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsHeader.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsHeader.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF6F572
x-ms-request-id: e0700363-a01e-0066-1d0a-663af8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290032
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 3244
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292c9f39
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Toggle/Toggle.classNames.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Toggle/Toggle.classNames.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:30 GMT
ETag: 0x8DD3147AEF8AD2A
x-ms-request-id: df3b1439-301e-0063-5412-66cbf3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31293157
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 1049
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca0b7
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ChoiceGroup/ChoiceGroup.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ChoiceGroup/ChoiceGroup.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADD47798
x-ms-request-id: 007dd248-f01e-0023-760a-668359000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31289975
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 2681
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca1ab
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DatePicker/DatePicker.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DatePicker/DatePicker.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADF4062E
x-ms-request-id: e90965a2-301e-0073-040b-660e9b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290272
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 561
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca33d
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Image/index.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Image/index.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE4FF788
x-ms-request-id: 224bd9dc-c01e-005f-7b0b-667a5c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290327
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 198
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca486
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.base.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.base.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADCE5526
x-ms-request-id: f8d6e05f-701e-002b-6a0b-66fc1a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290258
Date: Thu, 16 Jan 2025 18:50:55 GMT
Content-Length: 501
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053455.292ca59d
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.styles.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.styles.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:28 GMT
ETag: 0x8DD3147ADD266AC
x-ms-request-id: c49d7c35-d01e-002d-050b-660b62000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290275
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 741
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca6dc
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupShowAll.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupShowAll.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE34FA5C
x-ms-request-id: c792668e-a01e-004f-210b-664cba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290323
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 499
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292ca8c0
GET

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupShowAll.scss.js

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupShowAll.scss.js HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Last-Modified: Fri, 10 Jan 2025 07:23:29 GMT
ETag: 0x8DD3147AE3386CD
x-ms-request-id: f670b656-f01e-0031-0c0b-66d375000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290274
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 289
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292caa3c
GET

https://cdn.vsassets.io/v/M248_20250109.5/_content/icon-social-facebook.svg

msedge.exe

Remote address:

2.18.190.174:443

Request

GET /v/M248_20250109.5/_content/icon-social-facebook.svg HTTP/1.1
Host: cdn.vsassets.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://marketplace.visualstudio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/svg+xml
Last-Modified: Mon, 13 Jan 2025 22:00:32 GMT
ETag: 0x8DD341DB3866463
x-ms-request-id: f8acd56a-b01e-0060-0b0b-66a9b0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=31290350
Date: Thu, 16 Jan 2025 18:50:56 GMT
Content-Length: 618
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.aeb51202.1737053456.292cabf7
DNS

raw.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.108.133

raw.githubusercontent.com

IN A

185.199.111.133

raw.githubusercontent.com

IN A

185.199.110.133

raw.githubusercontent.com

IN A

185.199.109.133
GET

https://raw.githubusercontent.com/microsoft/vscode-dotnettools/refs/heads/main/docs/media/07-add.existing.project.gif

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /microsoft/vscode-dotnettools/refs/heads/main/docs/media/07-add.existing.project.gif HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://marketplace.visualstudio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/gif
etag: W/"88dc7dcab6550de5e86cc257a8f7979813f02875494b609314434d5cf5f5bee0"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: B9E5:364492:3A08A:4E1EE:677DE80F
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:50:55 GMT
via: 1.1 varnish
x-served-by: cache-lon420136-LON
x-cache: HIT
x-cache-hits: 1
x-timer: S1737053455.422322,VS0,VE1
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: bdfd9f238c503cea02d525dc97c7fd68a77f7047
expires: Thu, 16 Jan 2025 18:55:55 GMT
source-age: 286
content-length: 189682
GET

https://raw.githubusercontent.com/microsoft/vscode-dotnettools/refs/heads/main/docs/media/TestRunning.gif

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /microsoft/vscode-dotnettools/refs/heads/main/docs/media/TestRunning.gif HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://marketplace.visualstudio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/gif
etag: W/"a05be69417608be583ec9f40d4d1ee1e2d4154d0bb026b08501ae1742621225c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 168B:296AFC:AEAD7:F5744:67863E86
accept-ranges: bytes
date: Thu, 16 Jan 2025 18:50:55 GMT
via: 1.1 varnish
x-served-by: cache-lon420136-LON
x-cache: HIT
x-cache-hits: 1
x-timer: S1737053455.422413,VS0,VE2
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: afb7f1b0bc899d2bb23fa3843a46938552960a8c
expires: Thu, 16 Jan 2025 18:55:55 GMT
source-age: 286
content-length: 835559
DNS

215.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

133.108.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.108.199.185.in-addr.arpa

IN PTR

Response

133.108.199.185.in-addr.arpa

IN PTR

cdn-185-199-108-133githubcom
DNS

u.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

firefox.exe

Remote address:

4.227.249.197:443

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2192
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:50:58 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN A

Response

marketplace.visualstudio.com

IN A

13.107.42.18
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN Unknown

Response
DNS

msoffice.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

msoffice.gallerycdn.vsassets.io

IN A

Response

msoffice.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.219

a125.dscr.akamai.net

IN A

88.221.134.225
DNS

msoffice.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

msoffice.gallerycdn.vsassets.io

IN Unknown

Response

msoffice.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

sohibe.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

sohibe.gallerycdn.vsassets.io

IN A

Response

sohibe.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.153

a125.dscr.akamai.net

IN A

88.221.134.201
DNS

sohibe.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

sohibe.gallerycdn.vsassets.io

IN Unknown

Response

sohibe.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

hellomuthu23.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

hellomuthu23.gallerycdn.vsassets.io

IN A

Response

hellomuthu23.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.225

a125.dscr.akamai.net

IN A

88.221.134.219
DNS

hellomuthu23.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

hellomuthu23.gallerycdn.vsassets.io

IN Unknown

Response

hellomuthu23.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

dynamsoft.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

dynamsoft.gallerycdn.vsassets.io

IN A

Response

dynamsoft.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.153

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.178
DNS

miot.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

miot.gallerycdn.vsassets.io

IN A

Response

miot.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.153

a125.dscr.akamai.net

IN A

88.221.134.178
DNS

miot.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

miot.gallerycdn.vsassets.io

IN Unknown

Response

miot.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

daadaadaah.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

daadaadaah.gallerycdn.vsassets.io

IN A

Response

daadaadaah.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.201

a125.dscr.akamai.net

IN A

88.221.134.153
DNS

daadaadaah.gallerycdn.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

daadaadaah.gallerycdn.vsassets.io

IN Unknown

Response

daadaadaah.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

ms-dotnettools.gallerycdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallerycdn.vsassets.io

IN A

Response

ms-dotnettools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net

a125.dscr.akamai.net

IN A

88.221.134.178

a125.dscr.akamai.net

IN A

88.221.134.208

a125.dscr.akamai.net

IN A

88.221.134.153

a125.dscr.akamai.net

IN A

88.221.134.201
DNS

ms-dotnettools.gallerycdn.vsassets.io

msedge.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallerycdn.vsassets.io

IN Unknown

Response

ms-dotnettools.gallerycdn.vsassets.io

IN CNAME

market-prod-cdn.trafficmanager.net

market-prod-cdn.trafficmanager.net

IN CNAME

gallerycdn.vsassets.io.edgesuite.net

gallerycdn.vsassets.io.edgesuite.net

IN CNAME

a125.dscr.akamai.net
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN A

Response

marketplace.visualstudio.com

IN A

13.107.42.18
DNS

marketplace.visualstudio.com

msedge.exe

Remote address:

8.8.8.8:53

Request

marketplace.visualstudio.com

IN Unknown

Response
DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

ms-dotnettools.gallery.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallery.vsassets.io

IN A

Response

ms-dotnettools.gallery.vsassets.io

IN A

13.107.6.175
DNS

ms-dotnettools.gallery.vsassets.io

Code.exe

Remote address:

8.8.8.8:53

Request

ms-dotnettools.gallery.vsassets.io

IN Unknown

Response
DNS

westus2-0.in.applicationinsights.azure.com

Code.exe

Remote address:

8.8.8.8:53

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-01-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-01-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.148
DNS

dotnetcli.blob.core.windows.net

Code.exe

Remote address:

8.8.8.8:53

Request

dotnetcli.blob.core.windows.net

IN A

Response

dotnetcli.blob.core.windows.net

IN CNAME

blob.sjc20prdstr25a.store.core.windows.net

blob.sjc20prdstr25a.store.core.windows.net

IN A

20.60.81.165
DNS

default.exp-tas.com

Code.exe

Remote address:

8.8.8.8:53

Request

default.exp-tas.com

IN A

Response

default.exp-tas.com

IN CNAME

deault-exp-tas-com.e-0014.e-msedge.net

deault-exp-tas-com.e-0014.e-msedge.net

IN CNAME

e-0014.e-msedge.net

e-0014.e-msedge.net

IN A

13.107.5.93
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus12.westus.cloudapp.azure.com

onedscolprdwus12.westus.cloudapp.azure.com

IN A

20.189.173.13
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN Unknown

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus13.eastus.cloudapp.azure.com
DNS

148.155.9.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

148.155.9.20.in-addr.arpa

IN PTR

Response
DNS

165.81.60.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

165.81.60.20.in-addr.arpa

IN PTR

Response
DNS

www.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

95.100.245.144
DNS

www.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

95.100.245.144
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus10.centralus.cloudapp.azure.com

onedscolprdcus10.centralus.cloudapp.azure.com

IN A

52.182.143.210
DNS

dot.net

Code.exe

Remote address:

8.8.8.8:53

Request

dot.net

IN A

Response

dot.net

IN A

20.112.250.133

dot.net

IN A

20.70.246.20

dot.net

IN A

20.236.44.162

dot.net

IN A

20.231.239.246

dot.net

IN A

20.76.201.171
DNS

210.143.182.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.143.182.52.in-addr.arpa

IN PTR

Response
DNS

builds.dotnet.microsoft.com

powershell.exe

Remote address:

8.8.8.8:53

Request

builds.dotnet.microsoft.com

IN A

Response

builds.dotnet.microsoft.com

IN CNAME

dotnetcli.trafficmanager.net

dotnetcli.trafficmanager.net

IN CNAME

dotnetcli-f0e9dzh5e5eze7cd.b02.azurefd.net

dotnetcli-f0e9dzh5e5eze7cd.b02.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

133.250.112.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.250.112.20.in-addr.arpa

IN PTR

Response
DNS

mobile.events.data.microsoft.com

Code.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus13.eastus.cloudapp.azure.com

onedscolprdeus13.eastus.cloudapp.azure.com

IN A

52.168.117.170
DNS

170.117.168.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

170.117.168.52.in-addr.arpa

IN PTR

Response
DNS

ci.dot.net

powershell.exe

Remote address:

8.8.8.8:53

Request

ci.dot.net

IN A

Response

ci.dot.net

IN CNAME

dotnetbuilds-bgf9bthjbvdca2ar.b02.azurefd.net

dotnetbuilds-bgf9bthjbvdca2ar.b02.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

u.clarity.ms

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2294
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:51:41 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

aka.ms

Request

aka.ms

IN A

Response

aka.ms

IN A

104.72.73.152
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:51:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:51:48 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:51:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:51:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

Request

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN A

Response

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus02.westus.cloudapp.azure.com

onedscolprdwus02.westus.cloudapp.azure.com

IN A

20.189.173.3
DNS

152.73.72.104.in-addr.arpa

Request

152.73.72.104.in-addr.arpa

IN PTR

Response

152.73.72.104.in-addr.arpa

IN PTR

a104-72-73-152deploystaticakamaitechnologiescom
DNS

westus2-0.in.applicationinsights.azure.com

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.145
DNS

3.173.189.20.in-addr.arpa

Request

3.173.189.20.in-addr.arpa

IN PTR

Response
DNS

145.155.9.20.in-addr.arpa

Request

145.155.9.20.in-addr.arpa

IN PTR

Response
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus02.westus.cloudapp.azure.com

onedscolprdwus02.westus.cloudapp.azure.com

IN A

20.189.173.3
DNS

default.exp-tas.com

Request

default.exp-tas.com

IN A

Response

default.exp-tas.com

IN CNAME

deault-exp-tas-com.e-0014.e-msedge.net

deault-exp-tas-com.e-0014.e-msedge.net

IN CNAME

e-0014.e-msedge.net

e-0014.e-msedge.net

IN A

13.107.5.93
DNS

default.exp-tas.com

Request

default.exp-tas.com

IN Unknown

Response

default.exp-tas.com

IN CNAME

deault-exp-tas-com.e-0014.e-msedge.net

deault-exp-tas-com.e-0014.e-msedge.net

IN CNAME

e-0014.e-msedge.net
DNS

u.clarity.ms

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2221
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:52:07 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

main.vscode-cdn.net

Request

main.vscode-cdn.net

IN A

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

main.vscode-cdn.net

Request

main.vscode-cdn.net

IN Unknown

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net
DNS

www.vscode-unpkg.net

Request

www.vscode-unpkg.net

IN A

Response

www.vscode-unpkg.net

IN CNAME

vscode-unpkg-gvgaavacadd3anb4.z01.azurefd.net

vscode-unpkg-gvgaavacadd3anb4.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

www.vscode-unpkg.net

Request

www.vscode-unpkg.net

IN Unknown

Response

www.vscode-unpkg.net

IN CNAME

vscode-unpkg-gvgaavacadd3anb4.z01.azurefd.net

vscode-unpkg-gvgaavacadd3anb4.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus11.westus.cloudapp.azure.com

onedscolprdwus11.westus.cloudapp.azure.com

IN A

20.189.173.12
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN Unknown

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdaus03.australiasoutheast.cloudapp.azure.com
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus05.centralus.cloudapp.azure.com

onedscolprdcus05.centralus.cloudapp.azure.com

IN A

20.44.10.123
DNS

123.10.44.20.in-addr.arpa

Request

123.10.44.20.in-addr.arpa

IN PTR

Response
DNS

u.clarity.ms

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2248
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 16 Jan 2025 18:52:34 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://visualstudio.microsoft.com
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

westus2-0.in.applicationinsights.azure.com

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-02-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-02-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.150
DNS

dotnetcli.blob.core.windows.net

Request

dotnetcli.blob.core.windows.net

IN A

Response

dotnetcli.blob.core.windows.net

IN CNAME

blob.sjc20prdstr25a.store.core.windows.net

blob.sjc20prdstr25a.store.core.windows.net

IN A

20.60.81.165
DNS

default.exp-tas.com

Request

default.exp-tas.com

IN A

Response

default.exp-tas.com

IN CNAME

deault-exp-tas-com.e-0014.e-msedge.net

deault-exp-tas-com.e-0014.e-msedge.net

IN CNAME

e-0014.e-msedge.net

e-0014.e-msedge.net

IN A

13.107.5.93
DNS

150.155.9.20.in-addr.arpa

Request

150.155.9.20.in-addr.arpa

IN PTR

Response
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus21.eastus.cloudapp.azure.com

onedscolprdeus21.eastus.cloudapp.azure.com

IN A

20.42.73.31
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus21.eastus.cloudapp.azure.com

onedscolprdeus21.eastus.cloudapp.azure.com

IN A

20.42.73.31
DNS

config.edge.skype.com

Request

config.edge.skype.com

IN A

Response

config.edge.skype.com

IN CNAME

config.edge.skype.com.trafficmanager.net

config.edge.skype.com.trafficmanager.net

IN CNAME

l-0007.config.skype.com

l-0007.config.skype.com

IN CNAME

config-edge-skype.l-0007.l-msedge.net

config-edge-skype.l-0007.l-msedge.net

IN CNAME

l-0007.l-msedge.net

l-0007.l-msedge.net

IN A

13.107.42.16
DNS

config.edge.skype.com

Request

config.edge.skype.com

IN A
DNS

aka.ms

Request

aka.ms

IN A

Response

aka.ms

IN A

2.17.6.114
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:52:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:52:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:52:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:52:58 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

www.microsoft.com

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

95.100.245.144
DNS

31.73.42.20.in-addr.arpa

Request

31.73.42.20.in-addr.arpa

IN PTR

Response
DNS

114.6.17.2.in-addr.arpa

Request

114.6.17.2.in-addr.arpa

IN PTR

Response

114.6.17.2.in-addr.arpa

IN PTR

a2-17-6-114deploystaticakamaitechnologiescom
DNS

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

Request

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN A

Response

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

builds.dotnet.microsoft.com

Request

builds.dotnet.microsoft.com

IN A

Response

builds.dotnet.microsoft.com

IN CNAME

dotnetcli.trafficmanager.net

dotnetcli.trafficmanager.net

IN CNAME

builds.dotnet.microsoft.com.edgesuite.net

builds.dotnet.microsoft.com.edgesuite.net

IN CNAME

a441.dscd.akamai.net

a441.dscd.akamai.net

IN A

2.18.190.168

a441.dscd.akamai.net

IN A

2.18.190.174
DNS

builds.dotnet.microsoft.com

Request

builds.dotnet.microsoft.com

IN A

Response

builds.dotnet.microsoft.com

IN CNAME

dotnetcli.trafficmanager.net

dotnetcli.trafficmanager.net

IN CNAME

builds.dotnet.microsoft.com.edgesuite.net

builds.dotnet.microsoft.com.edgesuite.net

IN CNAME

a441.dscd.akamai.net

a441.dscd.akamai.net

IN A

2.18.190.168

a441.dscd.akamai.net

IN A

2.18.190.174
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus01.westus.cloudapp.azure.com

onedscolprdwus01.westus.cloudapp.azure.com

IN A

20.189.173.2
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdaus03.australiasoutheast.cloudapp.azure.com

onedscolprdaus03.australiasoutheast.cloudapp.azure.com

IN A

104.46.162.227
DNS

168.190.18.2.in-addr.arpa

Request

168.190.18.2.in-addr.arpa

IN PTR

Response

168.190.18.2.in-addr.arpa

IN PTR

a2-18-190-168deploystaticakamaitechnologiescom
DNS

168.190.18.2.in-addr.arpa

Request

168.190.18.2.in-addr.arpa

IN PTR

Response

168.190.18.2.in-addr.arpa

IN PTR

a2-18-190-168deploystaticakamaitechnologiescom
DNS

2.173.189.20.in-addr.arpa

Request

2.173.189.20.in-addr.arpa

IN PTR

Response
GET

https://builds.dotnet.microsoft.com/dotnet/aspnetcore/Runtime/8.0.12/aspnetcore-productVersion.txt

Request

GET /dotnet/aspnetcore/Runtime/8.0.12/aspnetcore-productVersion.txt HTTP/1.1
Host: builds.dotnet.microsoft.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: application/octet-stream
Content-MD5: WPhIjvLSUHtV0yAdB+x8WQ==
Last-Modified: Tue, 14 Jan 2025 18:04:18 GMT
ETag: 0x8DD34C5DD7D8F7E
x-ms-request-id: e597f2c6-601e-0064-78b8-6694f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 16 Jan 2025 18:52:53 GMT
Content-Length: 8
Connection: keep-alive
Akamai-GRN: 0.a8b51202.1737053573.19a1d8e2
DNS

ci.dot.net

Request

ci.dot.net

IN A

Response

ci.dot.net

IN CNAME

dotnetbuilds-bgf9bthjbvdca2ar.b02.azurefd.net

dotnetbuilds-bgf9bthjbvdca2ar.b02.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
GET

https://builds.dotnet.microsoft.com/dotnet/aspnetcore/Runtime/8.0.12/aspnetcore-runtime-8.0.12-win-x64.zip

Request

GET /dotnet/aspnetcore/Runtime/8.0.12/aspnetcore-runtime-8.0.12-win-x64.zip HTTP/1.1
Host: builds.dotnet.microsoft.com

Response

HTTP/1.1 200 OK

Content-Type: application/octet-stream
x-ms-request-id: 928d0560-201e-0065-5ddd-66cb24000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Last-Modified: Tue, 14 Jan 2025 18:04:20 GMT
ETag: 0x8DD34C5DEE06E1E
Content-Length: 45456545
Date: Thu, 16 Jan 2025 18:52:55 GMT
Connection: keep-alive
Akamai-GRN: 0.a8b51202.1737053575.19a20025
HEAD

https://builds.dotnet.microsoft.com/dotnet/aspnetcore/Runtime/8.0.12/aspnetcore-runtime-8.0.12-win-x64.zip

Request

HEAD /dotnet/aspnetcore/Runtime/8.0.12/aspnetcore-runtime-8.0.12-win-x64.zip HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.4522
Host: builds.dotnet.microsoft.com

Response

HTTP/1.1 200 OK

Content-Type: application/octet-stream
Content-MD5: mzWCOf6Gxh5/tV3Gf/HNXA==
Last-Modified: Tue, 14 Jan 2025 18:04:20 GMT
ETag: 0x8DD34C5DEE06E1E
x-ms-request-id: 928d170c-201e-0065-31dd-66cb24000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 16 Jan 2025 18:52:58 GMT
Connection: keep-alive
Content-Length: 45456545
Akamai-GRN: 0.a8b51202.1737053578.19a24a06
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus01.westus.cloudapp.azure.com

onedscolprdwus01.westus.cloudapp.azure.com

IN A

20.189.173.2
DNS

aka.ms

Request

aka.ms

IN A

Response

aka.ms

IN A

104.72.73.152
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 6242

Response

HTTP/1.1 200 OK

Content-Length: 10
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 61612
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:01 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 2176

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 11215
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:11 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 3761

Response

HTTP/1.1 200 OK

Content-Length: 10
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 17859
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:21 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1519

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 26664
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:33 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 5573

Response

HTTP/1.1 200 OK

Content-Length: 10
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 19278
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:35 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1137

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 52501
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:53 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1151

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 26781
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:54:33 GMT
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:00 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vssettings/pub/RemoteSettings/Default.json

Request

GET /vssettings/pub/RemoteSettings/Default.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net/pub/RemoteSettings/Default.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:00 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

u.clarity.ms

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://u.clarity.ms/collect

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2279
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 400 Bad Request

Server: nginx
Date: Thu, 16 Jan 2025 18:53:00 GMT
Content-Length: 0
Connection: keep-alive
POST

https://u.clarity.ms/collect

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 18476
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 400 Bad Request

Server: nginx
Date: Thu, 16 Jan 2025 18:53:01 GMT
Content-Length: 0
Connection: keep-alive
POST

https://u.clarity.ms/collect

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 18476
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 400 Bad Request

Server: nginx
Date: Thu, 16 Jan 2025 18:53:01 GMT
Content-Length: 0
Connection: keep-alive
POST

https://u.clarity.ms/collect

Request

POST /collect HTTP/1.1
Host: u.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 233
Origin: https://visualstudio.microsoft.com
Connection: keep-alive
Referer: https://visualstudio.microsoft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 400 Bad Request

Server: nginx
Date: Thu, 16 Jan 2025 18:53:01 GMT
Content-Length: 0
Connection: keep-alive
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN AAAA

Response
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

Request

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

IN A

Response

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

Request

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

IN A

Response

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

targetednotifications-tm.trafficmanager.net

Request

targetednotifications-tm.trafficmanager.net

IN A

Response

targetednotifications-tm.trafficmanager.net

IN CNAME

tn-api-prod-southcentralus.azurewebsites.net

tn-api-prod-southcentralus.azurewebsites.net

IN CNAME

waws-prod-sn1-111.sip.azurewebsites.windows.net

waws-prod-sn1-111.sip.azurewebsites.windows.net

IN CNAME

waws-prod-sn1-111.southcentralus.cloudapp.azure.com

waws-prod-sn1-111.southcentralus.cloudapp.azure.com

IN A

13.85.16.224
DNS

targetednotifications-tm.trafficmanager.net

Request

targetednotifications-tm.trafficmanager.net

IN A

Response

targetednotifications-tm.trafficmanager.net

IN CNAME

tn-api-prod-southcentralus.azurewebsites.net

tn-api-prod-southcentralus.azurewebsites.net

IN CNAME

waws-prod-sn1-111.sip.azurewebsites.windows.net

waws-prod-sn1-111.sip.azurewebsites.windows.net

IN CNAME

waws-prod-sn1-111.southcentralus.cloudapp.azure.com

waws-prod-sn1-111.southcentralus.cloudapp.azure.com

IN A

13.85.16.224
DNS

u.clarity.ms

Request

u.clarity.ms

IN A

Response

u.clarity.ms

IN CNAME

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
POST

https://targetednotifications-tm.trafficmanager.net/api/values

Request

POST /api/values HTTP/1.1
Host: targetednotifications-tm.trafficmanager.net
Connection: Keep-Alive
Content-Type: application/json
Content-Length: 592

Response

HTTP/1.1 200 OK

Content-Length: 55
Content-Type: application/json; charset=utf-8
Date: Thu, 16 Jan 2025 18:53:01 GMT
Server: Microsoft-IIS/10.0
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:696cc391-ae63-4fbb-8162-a3ab06268d85
Arr-Disable-Session-Affinity: true
X-Content-Type-Options: nosniff
DNS

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

IN A

4.227.249.197
DNS

76.246.100.95.in-addr.arpa

Request

76.246.100.95.in-addr.arpa

IN PTR

Response

76.246.100.95.in-addr.arpa

IN PTR

a95-100-246-76deploystaticakamaitechnologiescom
DNS

224.16.85.13.in-addr.arpa

Request

224.16.85.13.in-addr.arpa

IN PTR

Response
DNS

aka.ms

Request

aka.ms

IN A

Response

aka.ms

IN A

104.72.73.152
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:06 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:15 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:04 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:08 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:16 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

westus2-0.in.applicationinsights.azure.com

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-02-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-02-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.150
GET

https://aka.ms/vssettings/pub/RemoteSettings/Default.json

Request

GET /vssettings/pub/RemoteSettings/Default.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net/pub/RemoteSettings/Default.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:10 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

Request

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

IN A

Response

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:53:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:53:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

Request

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN A

Response

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN Unknown
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdfrc04.francecentral.cloudapp.azure.com

onedscolprdfrc04.francecentral.cloudapp.azure.com

IN A

51.11.192.50
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN Unknown
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus22.westus.cloudapp.azure.com

onedscolprdwus22.westus.cloudapp.azure.com

IN A

20.189.173.17
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1905

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 30591
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:46 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1140

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 45853
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:46 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1719

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 32771
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:47 GMT
DNS

17.173.189.20.in-addr.arpa

Request

17.173.189.20.in-addr.arpa

IN PTR

Response
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus07.eastus.cloudapp.azure.com

onedscolprdeus07.eastus.cloudapp.azure.com

IN A

52.168.117.168
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 2461

Response

HTTP/1.1 200 OK

Content-Length: 10
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 44705
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:53:47 GMT
DNS

168.117.168.52.in-addr.arpa

Request

168.117.168.52.in-addr.arpa

IN PTR

Response
DNS

prod.balrog.prod.cloudops.mozgcp.net

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

prod.remote-settings.prod.webservices.mozgcp.net

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

prod.remote-settings.prod.webservices.mozgcp.net

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

aka.ms

Request

aka.ms

IN A

Response

aka.ms

IN A

23.192.18.9
DNS

aka.ms

Request

aka.ms

IN A
DNS

nav.smartscreen.microsoft.com

Request

nav.smartscreen.microsoft.com

IN A

Response

nav.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-nav.trafficmanager.net

prod-atm-wds-nav.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com

prod-agic-us-2.uksouth.cloudapp.azure.com

IN A

172.165.69.228
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/actions

Request

POST /api/browser/edge/actions HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiR0ZYcFVnOHNhUnM9Iiwia2V5IjoibTFrL3dJVjRCcG9SS3pCS2tHcTJvdz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1307
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:54:21 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 193
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiVmxTc3hSUE40S009Iiwia2V5IjoiMG1NWmptdnppNkxlN1dmSG00RFVMUT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2069
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:54:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1146
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/downloadcomplete/1

Request

POST /api/browser/edge/downloadcomplete/1 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiL3V0SDQ5eFhkMGc9Iiwia2V5IjoiTXlhK2VCTWVoRXp0TnUzQTExdkhBQT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 15971
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:55:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 881
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoibTNvR3hTbG9xYlk9Iiwia2V5IjoiZTZhRTBVUUYydnBkb01ETmZCa3g1UT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1686
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:54:22 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 789
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/download/2

Request

POST /api/browser/edge/download/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiSWRmRkpRNjBBQzQ9Iiwia2V5IjoicVBDTnhZQ3l1YzJiRkdEZ0Y0RWxXUT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1886
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Thu, 16 Jan 2025 18:55:02 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1061
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
GET

https://aka.ms/dotnet/download

Request

GET /dotnet/download HTTP/1.1
Host: aka.ms
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://dotnet.microsoft.com/download/dotnet?cid=getdotnetcorecli
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:54:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:54:22 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

9.18.192.23.in-addr.arpa

Request

9.18.192.23.in-addr.arpa

IN PTR

Response

9.18.192.23.in-addr.arpa

IN PTR

a23-192-18-9deploystaticakamaitechnologiescom
DNS

9.18.192.23.in-addr.arpa

Request

9.18.192.23.in-addr.arpa

IN PTR
DNS

9.18.192.23.in-addr.arpa

Request

9.18.192.23.in-addr.arpa

IN PTR
DNS

9.18.192.23.in-addr.arpa

Request

9.18.192.23.in-addr.arpa

IN PTR
DNS

dotnet.microsoft.com

Request

dotnet.microsoft.com

IN A

Response

dotnet.microsoft.com

IN CNAME

dotnetwebsite.azurefd.net

dotnetwebsite.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

dotnet.microsoft.com

Request

dotnet.microsoft.com

IN A
DNS

js.monitor.azure.com

Request

js.monitor.azure.com

IN A

Response

js.monitor.azure.com

IN CNAME

aijscdn2-bwfdfxezdubebtb0.z01.azurefd.net

aijscdn2-bwfdfxezdubebtb0.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

js.monitor.azure.com

Request

js.monitor.azure.com

IN A
DNS

www.microsoft.com

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

95.100.245.144
GET

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231

Request

GET /onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231 HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css; charset=utf-8
last-modified: Thu, 05 Dec 2024 22:22:51 GMT
x-activity-id: ceef63eb-777b-4c20-8c43-4fb48736569e
x-appversion: 1.0.9090.33347
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odwestcentralus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-11-21T02:31:34.0000000Z}
ms-operation-id: 67e5795e2e12c90813fcf1f85ce73363
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2024-12-05T22:22:51
x-s2: 2024-12-05T22:22:51
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
x-azure-ref: 20241205T230958Z-er1bd968f9clxgzshC1LONkw7g00000001zg000000010nxt
accept-ranges: bytes
content-encoding: gzip
content-length: 22805
cache-control: public, max-age=27919761
expires: Fri, 05 Dec 2025 22:23:46 GMT
date: Thu, 16 Jan 2025 18:54:25 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV18862578.0
ms-cv-esi: CASMicrosoftCV18862578.0
x-rtag: RT
GET

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/74-d51c79/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1

Request

GET /onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/74-d51c79/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1 HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
last-modified: Thu, 05 Dec 2024 22:20:19 GMT
x-activity-id: 5808f47d-5af0-468a-9a30-fb51f9fcbf96
x-appversion: 1.0.9090.33347
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odwestcentralus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-11-21T02:31:34.0000000Z}
ms-operation-id: e1ce70ed9f8126eb60407fc78ed39ce8
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2024-12-05T22:20:19
x-s2: 2024-12-05T22:20:19
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
x-azure-ref: 20241205T230537Z-er1bd968f9cq5llbhC1LONcy8w00000005p000000000xyw8
accept-ranges: bytes
content-encoding: gzip
content-length: 36170
cache-control: public, max-age=27919503
expires: Fri, 05 Dec 2025 22:19:31 GMT
date: Thu, 16 Jan 2025 18:54:28 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV18863336.0
ms-cv-esi: CASMicrosoftCV18863336.0
x-rtag: RT
DNS

wcpstatic.microsoft.com

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

cdn-dynmedia-1.microsoft.com

Request

cdn-dynmedia-1.microsoft.com

IN A

Response

cdn-dynmedia-1.microsoft.com

IN CNAME

san-ion.secure4.scene7.com.edgekey.net

san-ion.secure4.scene7.com.edgekey.net

IN CNAME

e81481.dsca.akamaiedge.net

e81481.dsca.akamaiedge.net

IN A

184.28.198.208

e81481.dsca.akamaiedge.net

IN A

184.28.198.218
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/UHFbanner-MSlogo?fmt=png-alpha&bfc=off&qlt=100,1

Request

GET /is/image/microsoftcorp/UHFbanner-MSlogo?fmt=png-alpha&bfc=off&qlt=100,1 HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Thu, 19 Sep 2024 03:52:00 GMT
etag: "d596565ec1f100a507cc0d5f663b6d57"
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
content-length: 4565
expires: Fri, 17 Jan 2025 00:03:21 GMT
date: Thu, 16 Jan 2025 18:54:28 GMT
x-akamai-cache: Hit
akamai-grn: 0.ccc61cb8.1737053668.22c98410
DNS

target.microsoft.com

Request

target.microsoft.com

IN A

Response

target.microsoft.com

IN CNAME

microsoftmscompoc.tt.omtrdc.net

microsoftmscompoc.tt.omtrdc.net

IN CNAME

adobetarget.data.adobedc.net

adobetarget.data.adobedc.net

IN A

66.235.152.225

adobetarget.data.adobedc.net

IN A

66.235.152.221

adobetarget.data.adobedc.net

IN A

66.235.152.156
DNS

microsoftmscompoc.tt.omtrdc.net

Request

microsoftmscompoc.tt.omtrdc.net

IN A

Response

microsoftmscompoc.tt.omtrdc.net

IN CNAME

adobetarget.data.adobedc.net

adobetarget.data.adobedc.net

IN A

66.235.152.221

adobetarget.data.adobedc.net

IN A

66.235.152.225

adobetarget.data.adobedc.net

IN A

66.235.152.156
DNS

w.usabilla.com

Request

w.usabilla.com

IN A

Response

w.usabilla.com

IN A

52.212.10.132

w.usabilla.com

IN A

52.208.23.65

w.usabilla.com

IN A

34.248.33.110
GET

https://w.usabilla.com/71e348d38aa1.js?lv=1

Request

GET /71e348d38aa1.js?lv=1 HTTP/2.0
host: w.usabilla.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Jan 2025 18:54:28 GMT
content-type: text/javascript
content-length: 11746
cache-control: public,max-age=0
content-encoding: gzip
etag: "00f759f9cb266d4b511e037df8e1189c"
pragma: no-cache
x-widget-server: 2.1
GET

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

Request

GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://dotnet.microsoft.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/font-woff
last-modified: Thu, 18 Jan 2024 19:15:17 GMT
x-activity-id: 81100bbf-4474-4741-96bd-ed084c018a2b
x-appversion: 1.0.8745.29656
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-12-12T00:28:32.0000000Z}
ms-operation-id: 951dfc80b28cc641b012f6f423816fed
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 26288
ak-forward-host:
ak-forward-host:
ak-forward-host:
ak-forward-host:
cache-control: public, max-age=24339708
expires: Sat, 25 Oct 2025 11:56:16 GMT
date: Thu, 16 Jan 2025 18:54:28 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCVb388e0eb.0
ms-cv-esi: CASMicrosoftCVb388e0eb.0
x-rtag: RT
DNS

crt.rootg2.amazontrust.com

Request

crt.rootg2.amazontrust.com

IN A

Response

crt.rootg2.amazontrust.com

IN A

3.164.163.87

crt.rootg2.amazontrust.com

IN A

3.164.163.59

crt.rootg2.amazontrust.com

IN A

3.164.163.127

crt.rootg2.amazontrust.com

IN A

3.164.163.90
DNS

crt.rootg2.amazontrust.com

Request

crt.rootg2.amazontrust.com

IN A

Response

crt.rootg2.amazontrust.com

IN A

3.164.163.127

crt.rootg2.amazontrust.com

IN A

3.164.163.59

crt.rootg2.amazontrust.com

IN A

3.164.163.87

crt.rootg2.amazontrust.com

IN A

3.164.163.90
GET

http://crt.rootg2.amazontrust.com/rootg2.cer

Request

GET /rootg2.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: crt.rootg2.amazontrust.com

Response

HTTP/1.1 200 OK

Content-Type: binary/octet-stream
Content-Length: 1145
Connection: keep-alive
Last-Modified: Tue, 07 Jan 2025 14:19:51 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: __nkkvrUd91hvvE1i0oKHwwDOJeuANAS
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 16 Jan 2025 15:52:07 GMT
ETag: "c6150925cfea5941ddc7ff2a0a506692"
X-Cache: Hit from cloudfront
Via: 1.1 1c1d512354972cc42a652b20e307f0de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG55-P3
X-Amz-Cf-Id: jA4MG1NSRH_M9FDfohxxY7sUDZbWv33NSxBK6_rbpqHlOB142C7t4A==
Age: 10942
DNS

westus2-0.in.applicationinsights.azure.com

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.145
OPTIONS

https://westus2-0.in.applicationinsights.azure.com//v2/track

Request

OPTIONS //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://dotnet.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy,Content-Encoding
access-control-allow-methods: POST
access-control-max-age: 3600
date: Thu, 16 Jan 2025 18:54:28 GMT
POST

https://westus2-0.in.applicationinsights.azure.com//v2/track

Request

POST //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
content-length: 2483
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-origin: *
date: Thu, 16 Jan 2025 18:54:29 GMT
POST

https://westus2-0.in.applicationinsights.azure.com//v2/track

Request

POST //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
content-length: 2595
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-origin: *
date: Thu, 16 Jan 2025 18:54:33 GMT
DNS

d6tizftlrpuof.cloudfront.net

Request

d6tizftlrpuof.cloudfront.net

IN A

Response

d6tizftlrpuof.cloudfront.net

IN A

3.165.112.28

d6tizftlrpuof.cloudfront.net

IN A

3.165.112.206

d6tizftlrpuof.cloudfront.net

IN A

3.165.112.207

d6tizftlrpuof.cloudfront.net

IN A

3.165.112.147
DNS

208.198.28.184.in-addr.arpa

Request

208.198.28.184.in-addr.arpa

IN PTR

Response

208.198.28.184.in-addr.arpa

IN PTR

a184-28-198-208deploystaticakamaitechnologiescom
DNS

87.163.164.3.in-addr.arpa

Request

87.163.164.3.in-addr.arpa

IN PTR

Response

87.163.164.3.in-addr.arpa

IN PTR

server-3-164-163-87cdg55r cloudfrontnet
DNS

50.201.222.52.in-addr.arpa

Request

50.201.222.52.in-addr.arpa

IN PTR

Response

50.201.222.52.in-addr.arpa

IN PTR

server-52-222-201-50cdg50r cloudfrontnet
GET

https://d6tizftlrpuof.cloudfront.net/themes/production/microsoft-net-button-bd8edd6aee4a2cdd05bc7f6ed668f1d6.png

Request

GET /themes/production/microsoft-net-button-bd8edd6aee4a2cdd05bc7f6ed668f1d6.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://dotnet.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 2174
Connection: keep-alive
Date: Tue, 10 Dec 2024 19:57:04 GMT
Last-Modified: Fri, 02 Dec 2022 15:04:46 GMT
ETag: "bd8edd6aee4a2cdd05bc7f6ed668f1d6"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: V20rrCmiFxceoks5UsO5QxekQ_Hunnz_
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 43f36fe628062371b0e7725538b714ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: p_F05TMQG9lwz3sk-7owexGDlJOH6syrrpPbFHHnaITLrmRnsRkkdw==
Age: 3193046
DNS

28.112.165.3.in-addr.arpa

Request

28.112.165.3.in-addr.arpa

IN PTR

Response

28.112.165.3.in-addr.arpa

IN PTR

server-3-165-112-28cdg50r cloudfrontnet
DNS

browser.events.data.microsoft.com

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdwus15.westus.cloudapp.azure.com

onedscolprdwus15.westus.cloudapp.azure.com

IN A

20.189.173.18
OPTIONS

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
accept: */*
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
origin: https://dotnet.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://dotnet.microsoft.com
date: Thu, 16 Jan 2025 18:54:31 GMT
OPTIONS

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
accept: */*
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
origin: https://dotnet.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://dotnet.microsoft.com
date: Thu, 16 Jan 2025 18:54:36 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 2430
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
upload-time: 1737053670057
dnt: 1
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-4.3.3
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
client-id: NO_AUTH
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=cc3441a8a2714f8896113e3739658dab&HASH=cc34&LV=202501&V=4&LU=1737053672625; Domain=.microsoft.com; Expires=Fri, 16 Jan 2026 18:54:32 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=3b39e2d3bd17450eba65233c8d812aea; Domain=.microsoft.com; Expires=Thu, 16 Jan 2025 19:24:32 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1123
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:32 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053671502&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053671502&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 1133
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=e57c52262d4948248ebd9efe1474ca47&HASH=e57c&LV=202501&V=4&LU=1737053672625; Domain=.microsoft.com; Expires=Fri, 16 Jan 2026 18:54:32 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=3f12347a46a04d439807609c3f61c14a; Domain=.microsoft.com; Expires=Thu, 16 Jan 2025 19:24:32 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1219
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:32 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053671406&time-delta-to-apply-millis=use-collector-delta&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053671406&time-delta-to-apply-millis=use-collector-delta&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 1294
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=ee688769f07342268b621b6178da3e9a&HASH=ee68&LV=202501&V=4&LU=1737053672625; Domain=.microsoft.com; Expires=Fri, 16 Jan 2026 18:54:32 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=a49a49c7aabf4f4482861bc087acb104; Domain=.microsoft.com; Expires=Thu, 16 Jan 2025 19:24:32 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 2568
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:32 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053671499&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053671499&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 3891
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625; Domain=.microsoft.com; Expires=Fri, 16 Jan 2026 18:54:32 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=ac2be424f9e0445d81a2641452709dee; Domain=.microsoft.com; Expires=Thu, 16 Jan 2025 19:24:32 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1126
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:32 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 2747
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
upload-time: 1737053675372
dnt: 1
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-4.3.3
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
client-id: NO_AUTH
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625
cookie: MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1582
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:36 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053676292&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&time-delta-to-apply-millis=1582&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053676292&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&time-delta-to-apply-millis=1582&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 1709
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625
cookie: MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1069
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:37 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053676368&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&time-delta-to-apply-millis=1582&w=0&NoResponseBody=true

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053676368&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&time-delta-to-apply-millis=1582&w=0&NoResponseBody=true HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 1286
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625
cookie: MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 2055
access-control-allow-headers: Connection,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:38 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053676369&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&time-delta-to-apply-millis=1582&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053676369&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&time-delta-to-apply-millis=1582&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 1197
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625
cookie: MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/2.0 204

content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1962
access-control-allow-headers: Connection,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:38 GMT
DNS

18.173.189.20.in-addr.arpa

Request

18.173.189.20.in-addr.arpa

IN PTR

Response
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 1419
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
upload-time: 1737053681738
dnt: 1
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-4.3.3
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis: 1582
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
client-id: NO_AUTH
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625
cookie: MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 3306
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:44 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 2868
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
upload-time: 1737053705740
dnt: 1
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-4.3.3
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
client-id: NO_AUTH
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625
cookie: MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1042
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:55:07 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 2720
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
upload-time: 1737053707112
dnt: 1
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-4.3.3
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis: 1042
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
client-id: NO_AUTH
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625
cookie: MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1045
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:55:07 GMT
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus20.centralus.cloudapp.azure.com

onedscolprdcus20.centralus.cloudapp.azure.com

IN A

104.208.16.95
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN Unknown

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus06.eastus.cloudapp.azure.com
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 1419
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
upload-time: 1737053694514
dnt: 1
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-4.3.3
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis: 1582
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
client-id: NO_AUTH
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625
cookie: MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1803
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:55 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053696680&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&time-delta-to-apply-millis=1582&w=0&NoResponseBody=true

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393&upload-time=1737053696680&ext.intweb.msfpc=GUID%3De57c52262d4948248ebd9efe1474ca47%26HASH%3De57c%26LV%3D202501%26V%3D4%26LU%3D1737053672625&time-delta-to-apply-millis=1582&w=0&NoResponseBody=true HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 1419
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625
cookie: MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/2.0 204

content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1059
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://dotnet.microsoft.com
access-control-expose-headers: time-delta-millis
date: Thu, 16 Jan 2025 18:54:56 GMT
DNS

download.visualstudio.microsoft.com

Request

download.visualstudio.microsoft.com

IN A

Response

download.visualstudio.microsoft.com

IN CNAME

sundry-f-net.trafficmanager.net

sundry-f-net.trafficmanager.net

IN CNAME

fg.microsoft.map.fastly.net

fg.microsoft.map.fastly.net

IN A

199.232.214.172

fg.microsoft.map.fastly.net

IN A

199.232.210.172
GET

https://download.visualstudio.microsoft.com/download/pr/5f46239c-783c-4d49-a4a2-cd5b0a47ec51/9b72af54efd90a3874b63e4dd43855e7/dotnet-sdk-9.0.102-win-x64.exe

Request

GET /download/pr/5f46239c-783c-4d49-a4a2-cd5b0a47ec51/9b72af54efd90a3874b63e4dd43855e7/dotnet-sdk-9.0.102-win-x64.exe HTTP/1.1
Host: download.visualstudio.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://dotnet.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MC1=GUID=1647df96c9ad45f58d8bf4fb51899213&HASH=1647&LV=202501&V=4&LU=1737053672625; MS0=ac2be424f9e0445d81a2641452709dee

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 222049464
Content-Type: application/octet-stream
Cache-Control: public, max-age=259200
X-Ms-ApiVersion: Distribute 1.2
X-Ms-Region: prod-eus2-z1
Content-Disposition: attachment; filename=dotnet-sdk-9.0.102-win-x64.exe; filename*=UTF-8''dotnet-sdk-9.0.102-win-x64.exe
Last-Modified: Mon, 06 Jan 2025 20:57:03 GMT
ETag: "0x35C4817C24BF9BBA9BA12F5ED2BB79BBC9DECD7C5BE016DC332C22293F59E0FE"
X-OSID: 2
Accept-Ranges: bytes
Date: Thu, 16 Jan 2025 18:55:02 GMT
Via: 1.1 varnish
Age: 171012
X-Served-By: cache-lon4223-LON
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1737053702.219209,VS0,VE1
X-CID: 3
X-CCC: GB
DNS

172.214.232.199.in-addr.arpa

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
GET

https://d6tizftlrpuof.cloudfront.net/live/scripts/campaign-include/a5f669c28be1979ab5e2785121a6e10b/v2/slideout.coffee

Request

GET /live/scripts/campaign-include/a5f669c28be1979ab5e2785121a6e10b/v2/slideout.coffee HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://dotnet.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Feb 2023 08:55:01 GMT
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: yBzJZUAtQnDOQzu0QliAA1BBM1wv9rwa
Server: AmazonS3
Date: Thu, 16 Jan 2025 03:31:21 GMT
ETag: W/"a0bbca44d6ea98453e7b1140ac61f8a0"
Vary: accept-encoding
X-Cache: Hit from cloudfront
Via: 1.1 897af4c425069108aa4e11c73221e196.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: mB22K3kfOSwCgvo4kozQteDdZ22tm8b6by9HzIeI6zVn1JO2t-HWjQ==
Age: 55420
GET

https://d6tizftlrpuof.cloudfront.net/live/i/5b05b10e10f3d3749a56ff54/c12bb78e35a84ab0c6f6932296f17644e93b092f.html?tags=right

Request

GET /live/i/5b05b10e10f3d3749a56ff54/c12bb78e35a84ab0c6f6932296f17644e93b092f.html?tags=right HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dotnet.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 02 Jan 2025 01:10:03 GMT
Last-Modified: Tue, 18 Jun 2024 22:28:34 GMT
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
Cache-Control: public, max-age=86400000
x-amz-version-id: w89SFxDWQorN2wWI_XfNFtEvh2_3LC24
Server: AmazonS3
ETag: W/"313c7dbac880d707704283f453f29bbe"
Vary: accept-encoding
X-Cache: Hit from cloudfront
Via: 1.1 897af4c425069108aa4e11c73221e196.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: gWi-tfknIvSG9bPt-77HBpo4EcPBuucDOXc6pjTrrxc_p8oVbX5JGw==
Age: 1273503
GET

https://d6tizftlrpuof.cloudfront.net/themes/production/microsoft-net-net-theme-campaign-0b982e5e3bfe6b6f78ac7f3be8f28908.css

Request

GET /themes/production/microsoft-net-net-theme-campaign-0b982e5e3bfe6b6f78ac7f3be8f28908.css HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://d6tizftlrpuof.cloudfront.net/live/i/5b05b10e10f3d3749a56ff54/c12bb78e35a84ab0c6f6932296f17644e93b092f.html?tags=right
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 09 Dec 2024 20:02:25 GMT
Last-Modified: Tue, 23 May 2023 12:42:23 GMT
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: aTFgnG09CtLrRX9mSgQbSdn9bpRqOQH1
Server: AmazonS3
ETag: W/"0b982e5e3bfe6b6f78ac7f3be8f28908"
Vary: accept-encoding
X-Cache: Hit from cloudfront
Via: 1.1 897af4c425069108aa4e11c73221e196.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: WFWV8OXhzDfqlma5Pw-Rpz4GnbDX3QfHTTxCavoZXSaTgm4yqFBQcw==
Age: 3279161
GET

https://d6tizftlrpuof.cloudfront.net/vendor/1.6.5/angular.min.js

Request

GET /vendor/1.6.5/angular.min.js HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://d6tizftlrpuof.cloudfront.net/live/i/5b05b10e10f3d3749a56ff54/c12bb78e35a84ab0c6f6932296f17644e93b092f.html?tags=right
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 29 Sep 2024 19:59:22 GMT
Last-Modified: Mon, 15 Oct 2018 13:12:21 GMT
ETag: W/"07a72b597f2fc10d6f88c8277d903d94"
Cache-Control: public, max-age=31536000
x-amz-version-id: vcdCWXCYksVKD7G3lFwbKc37p7539vVp
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 897af4c425069108aa4e11c73221e196.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: SHjUYIaNDMdfDCVtVQ8QBL98PgC8-jmjBbDjU8WJ_i6UGbQvnUXxnQ==
Age: 9413744
GET

https://d6tizftlrpuof.cloudfront.net/live/campaign/js/24a5b93b0f.poll.js

Request

GET /live/campaign/js/24a5b93b0f.poll.js HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://d6tizftlrpuof.cloudfront.net/live/i/5b05b10e10f3d3749a56ff54/c12bb78e35a84ab0c6f6932296f17644e93b092f.html?tags=right
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 13:49:21 GMT
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: 54brC8CNx_49Yd0S04vuc7v73_5cjOtS
Server: AmazonS3
Date: Thu, 16 Jan 2025 18:09:02 GMT
Cache-Control: public, max-age=3600
ETag: W/"24a5b93b0fad21ff3ee2913dea782761"
Vary: accept-encoding
X-Cache: Hit from cloudfront
Via: 1.1 897af4c425069108aa4e11c73221e196.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: 7pkzaut_atpqcuBIyOr-0w-I9DOK3inI0WN_1U9QJmupsUUrV591Ew==
Age: 2764
GET

https://d6tizftlrpuof.cloudfront.net/themes/production/microsoft-net-net-theme-banner-logo-url-7035f9bbfae08939ebda03d9c2cdd905.png

Request

GET /themes/production/microsoft-net-net-theme-banner-logo-url-7035f9bbfae08939ebda03d9c2cdd905.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://d6tizftlrpuof.cloudfront.net/themes/production/microsoft-net-net-theme-campaign-0b982e5e3bfe6b6f78ac7f3be8f28908.css
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 652
Connection: keep-alive
Date: Mon, 09 Dec 2024 20:02:25 GMT
Last-Modified: Tue, 23 May 2023 12:42:21 GMT
ETag: "7035f9bbfae08939ebda03d9c2cdd905"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: t4T_UvG9OYNh7ANp62YSq58oBopW7Mq.
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 897af4c425069108aa4e11c73221e196.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: RDNMC46YLqGibXHrLUI9ungfqc_1sL28sHkB-sYcjzpFVQc0aR2Bvg==
Age: 3279161
GET

https://d6tizftlrpuof.cloudfront.net/themes/production/microsoft-net-net-theme-sprite-dc099a08698b27538c2aab9d1a1d3ae3.png

Request

GET /themes/production/microsoft-net-net-theme-sprite-dc099a08698b27538c2aab9d1a1d3ae3.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://d6tizftlrpuof.cloudfront.net/themes/production/microsoft-net-net-theme-campaign-0b982e5e3bfe6b6f78ac7f3be8f28908.css
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 8309
Connection: keep-alive
Date: Mon, 09 Dec 2024 20:02:25 GMT
Last-Modified: Tue, 23 May 2023 12:42:22 GMT
ETag: "dc099a08698b27538c2aab9d1a1d3ae3"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: JvVam3J7bdtf5XLkSP1P4B43jmbTYS7U
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 615aa04bf9a7e415208a596e4a0a8c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: h7zIx29hwuWi4KbF-FbdkEIwDpGZJYzAmPr-5qwfIuhi-mp3NOu4tQ==
Age: 3279162
DNS

westus2-0.in.applicationinsights.azure.com

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-01-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-01-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.148
POST

https://westus2-0.in.applicationinsights.azure.com//v2/track

Request

POST //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
content-length: 1869
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://dotnet.microsoft.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://dotnet.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-origin: *
date: Thu, 16 Jan 2025 18:55:37 GMT
DNS

browser.events.data.microsoft.com

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdwus10.westus.cloudapp.azure.com

onedscolprdwus10.westus.cloudapp.azure.com

IN A

20.189.173.11
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus12.westus.cloudapp.azure.com

onedscolprdwus12.westus.cloudapp.azure.com

IN A

20.189.173.13
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdweu12.westeurope.cloudapp.azure.com

onedscolprdweu12.westeurope.cloudapp.azure.com

IN A

13.69.116.109
DNS

default.exp-tas.com

Request

default.exp-tas.com

IN A

Response

default.exp-tas.com

IN CNAME

deault-exp-tas-com.e-0014.e-msedge.net

deault-exp-tas-com.e-0014.e-msedge.net

IN CNAME

e-0014.e-msedge.net

e-0014.e-msedge.net

IN A

13.107.5.93
DNS

default.exp-tas.com

Request

default.exp-tas.com

IN Unknown

Response

default.exp-tas.com

IN CNAME

deault-exp-tas-com.e-0014.e-msedge.net

deault-exp-tas-com.e-0014.e-msedge.net

IN CNAME

e-0014.e-msedge.net
DNS

main.vscode-cdn.net

Request

main.vscode-cdn.net

IN A

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

main.vscode-cdn.net

Request

main.vscode-cdn.net

IN Unknown

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

www.vscode-unpkg.net

Request

www.vscode-unpkg.net

IN A

Response

www.vscode-unpkg.net

IN CNAME

vscode-unpkg-gvgaavacadd3anb4.z01.azurefd.net

vscode-unpkg-gvgaavacadd3anb4.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

www.vscode-unpkg.net

Request

www.vscode-unpkg.net

IN Unknown

Response

www.vscode-unpkg.net

IN CNAME

vscode-unpkg-gvgaavacadd3anb4.z01.azurefd.net

vscode-unpkg-gvgaavacadd3anb4.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN Unknown

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus12.centralus.cloudapp.azure.com
DNS

90.16.208.104.in-addr.arpa

Request

90.16.208.104.in-addr.arpa

IN PTR

Response
DNS

westus2-0.in.applicationinsights.azure.com

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.145
DNS

default.exp-tas.com

Request

default.exp-tas.com

IN A

Response

default.exp-tas.com

IN CNAME

deault-exp-tas-com.e-0014.e-msedge.net

deault-exp-tas-com.e-0014.e-msedge.net

IN CNAME

e-0014.e-msedge.net

e-0014.e-msedge.net

IN A

13.107.5.93
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdweu12.westeurope.cloudapp.azure.com

onedscolprdweu12.westeurope.cloudapp.azure.com

IN A

13.69.116.109
DNS

dotnetcli.blob.core.windows.net

Request

dotnetcli.blob.core.windows.net

IN A

Response

dotnetcli.blob.core.windows.net

IN CNAME

blob.sjc20prdstr25a.store.core.windows.net

blob.sjc20prdstr25a.store.core.windows.net

IN A

20.60.81.165
DNS

aka.ms

Request

aka.ms

IN A

Response

aka.ms

IN A

2.20.118.11
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:05 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:11 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

Request

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN A

Response

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

Request

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN A

Response

vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

109.116.69.13.in-addr.arpa

Request

109.116.69.13.in-addr.arpa

IN PTR

Response
DNS

11.118.20.2.in-addr.arpa

Request

11.118.20.2.in-addr.arpa

IN PTR

Response

11.118.20.2.in-addr.arpa

IN PTR

a2-20-118-11deploystaticakamaitechnologiescom
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 3804

Response

HTTP/1.1 200 OK

Content-Length: 10
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 18567
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:57:06 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1634

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 18612
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:57:06 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1029

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 18044
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:57:06 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1029

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 17049
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:57:06 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 1601

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 16256
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:57:06 GMT
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vssettings/pub/RemoteSettings/Default.json

Request

GET /vssettings/pub/RemoteSettings/Default.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net/pub/RemoteSettings/Default.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vssettings/pub/RemoteSettings/Default.json

Request

GET /vssettings/pub/RemoteSettings/Default.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net/pub/RemoteSettings/Default.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:10 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

Request

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

IN A

Response

vssettings-mscdn-g9f2agc5atd3g4dh.b01.azurefd.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:15 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

targetednotifications-tm.trafficmanager.net

Request

targetednotifications-tm.trafficmanager.net

IN A

Response

targetednotifications-tm.trafficmanager.net

IN CNAME

tn-api-prod-southcentralus.azurewebsites.net

tn-api-prod-southcentralus.azurewebsites.net

IN CNAME

waws-prod-sn1-111.sip.azurewebsites.windows.net

waws-prod-sn1-111.sip.azurewebsites.windows.net

IN CNAME

waws-prod-sn1-111.southcentralus.cloudapp.azure.com

waws-prod-sn1-111.southcentralus.cloudapp.azure.com

IN A

13.85.16.224
DNS

targetednotifications-tm.trafficmanager.net

Request

targetednotifications-tm.trafficmanager.net

IN A

Response

targetednotifications-tm.trafficmanager.net

IN CNAME

tn-api-prod-southcentralus.azurewebsites.net

tn-api-prod-southcentralus.azurewebsites.net

IN CNAME

waws-prod-sn1-111.sip.azurewebsites.windows.net

waws-prod-sn1-111.sip.azurewebsites.windows.net

IN CNAME

waws-prod-sn1-111.southcentralus.cloudapp.azure.com

waws-prod-sn1-111.southcentralus.cloudapp.azure.com

IN A

13.85.16.224
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdwus12.westus.cloudapp.azure.com

onedscolprdwus12.westus.cloudapp.azure.com

IN A

20.189.173.13
POST

https://targetednotifications-tm.trafficmanager.net/api/values

Request

POST /api/values HTTP/1.1
Host: targetednotifications-tm.trafficmanager.net
Connection: Keep-Alive
Content-Type: application/json
Content-Length: 592

Response

HTTP/1.1 200 OK

Content-Length: 55
Content-Type: application/json; charset=utf-8
Date: Thu, 16 Jan 2025 18:57:07 GMT
Server: Microsoft-IIS/10.0
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:696cc391-ae63-4fbb-8162-a3ab06268d85
Arr-Disable-Session-Affinity: true
X-Content-Type-Options: nosniff
DNS

13.173.189.20.in-addr.arpa

Request

13.173.189.20.in-addr.arpa

IN PTR

Response
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:10 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:20 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:22 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:18 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:19 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
GET

https://aka.ms/vstelemetry/pub/Default/v2/dyntelconfig.json

Request

GET /vstelemetry/pub/Default/v2/dyntelconfig.json HTTP/1.1
Host: aka.ms
Connection: Keep-Alive
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 301 Moved Permanently

Content-Length: 0
Server: Kestrel
Location: https://vsdyntel-mscdn-crdedkcgdmafc8fj.b01.azurefd.net/pub/Default/v2/dyntelconfig.json
Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1
X-Response-Cache-Status: True
Expires: Thu, 16 Jan 2025 18:57:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 16 Jan 2025 18:57:24 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
DNS

dc.services.visualstudio.com

Request

dc.services.visualstudio.com

IN A

Response

dc.services.visualstudio.com

IN CNAME

dc.applicationinsights.microsoft.com

dc.applicationinsights.microsoft.com

IN CNAME

dc.applicationinsights.azure.com

dc.applicationinsights.azure.com

IN CNAME

global.in.ai.monitor.azure.com

global.in.ai.monitor.azure.com

IN CNAME

global.in.ai.privatelink.monitor.azure.com

global.in.ai.privatelink.monitor.azure.com

IN CNAME

dc.trafficmanager.net

dc.trafficmanager.net

IN CNAME

westeurope-global.in.applicationinsights.azure.com

westeurope-global.in.applicationinsights.azure.com

IN CNAME

gig-ai-prod-westeurope-global.trafficmanager.net

gig-ai-prod-westeurope-global.trafficmanager.net

IN CNAME

gig-ai-g-prod-westeurope-5-app-v4-tag.westeurope.cloudapp.azure.com

gig-ai-g-prod-westeurope-5-app-v4-tag.westeurope.cloudapp.azure.com

IN A

20.50.88.245
POST

https://dc.services.visualstudio.com/v2/track

Request

POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
Content-Type: application/x-json-stream
Content-Encoding: gzip
Content-Length: 806
POST

https://dc.services.visualstudio.com/v2/track

Request

POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
Content-Type: application/x-json-stream
Content-Encoding: gzip
Content-Length: 694
POST

https://dc.services.visualstudio.com/v2/track

Request

POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
Content-Type: application/x-json-stream
Content-Encoding: gzip
Content-Length: 758
DNS

245.88.50.20.in-addr.arpa

Request

245.88.50.20.in-addr.arpa

IN PTR

Response
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus23.centralus.cloudapp.azure.com

onedscolprdcus23.centralus.cloudapp.azure.com

IN A

104.208.16.92
DNS

92.16.208.104.in-addr.arpa

Request

92.16.208.104.in-addr.arpa

IN PTR

Response
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus12.centralus.cloudapp.azure.com

onedscolprdcus12.centralus.cloudapp.azure.com

IN A

13.89.179.10
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0

Request

POST /OneCollector/1.0 HTTP/1.1
Host: mobile.events.data.microsoft.com
x-apikey: 0c6ae279ed8443289764825290e4f9e2-1a736e7c-1324-4338-be46-fc2a58ae4d14-7255
sdk-version: VSTelemetryAPI
NoResponseBody: false
Connection: Keep-Alive
Content-Type: application/x-json-stream; charset=utf-8
Content-Encoding: gzip
Content-Length: 2230

Response

HTTP/1.1 200 OK

Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 10706
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: time-delta-millis
Date: Thu, 16 Jan 2025 18:57:17 GMT
DNS

westus2-0.in.applicationinsights.azure.com

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.145
DNS

10.179.89.13.in-addr.arpa

Request

10.179.89.13.in-addr.arpa

IN PTR

Response
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdjpw02.japanwest.cloudapp.azure.com

onedscolprdjpw02.japanwest.cloudapp.azure.com

IN A

40.74.98.194
DNS

194.98.74.40.in-addr.arpa

Request

194.98.74.40.in-addr.arpa

IN PTR

Response
DNS

westus2-0.in.applicationinsights.azure.com

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.145
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus12.centralus.cloudapp.azure.com

onedscolprdcus12.centralus.cloudapp.azure.com

IN A

13.89.179.10
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus02.centralus.cloudapp.azure.com

onedscolprdcus02.centralus.cloudapp.azure.com

IN A

20.44.10.122
DNS

122.10.44.20.in-addr.arpa

Request

122.10.44.20.in-addr.arpa

IN PTR

Response
DNS

dc.services.visualstudio.com

Request

dc.services.visualstudio.com

IN A

Response

dc.services.visualstudio.com

IN CNAME

dc.applicationinsights.microsoft.com

dc.applicationinsights.microsoft.com

IN CNAME

dc.applicationinsights.azure.com

dc.applicationinsights.azure.com

IN CNAME

global.in.ai.monitor.azure.com

global.in.ai.monitor.azure.com

IN CNAME

global.in.ai.privatelink.monitor.azure.com

global.in.ai.privatelink.monitor.azure.com

IN CNAME

dc.trafficmanager.net

dc.trafficmanager.net

IN CNAME

westeurope-global.in.applicationinsights.azure.com

westeurope-global.in.applicationinsights.azure.com

IN CNAME

gig-ai-prod-westeurope-global.trafficmanager.net

gig-ai-prod-westeurope-global.trafficmanager.net

IN CNAME

gig-ai-g-prod-westeurope-3-app-v4-tag.westeurope.cloudapp.azure.com

gig-ai-g-prod-westeurope-3-app-v4-tag.westeurope.cloudapp.azure.com

IN A

20.50.88.238
DNS

238.88.50.20.in-addr.arpa

Request

238.88.50.20.in-addr.arpa

IN PTR

Response
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus02.centralus.cloudapp.azure.com

onedscolprdcus02.centralus.cloudapp.azure.com

IN A

20.44.10.122
DNS

westus2-0.in.applicationinsights.azure.com

Request

westus2-0.in.applicationinsights.azure.com

IN A

Response

westus2-0.in.applicationinsights.azure.com

IN CNAME

westus2-0.in.ai.monitor.azure.com

westus2-0.in.ai.monitor.azure.com

IN CNAME

westus2-0.in.ai.privatelink.monitor.azure.com

westus2-0.in.ai.privatelink.monitor.azure.com

IN CNAME

gig-ai-prod-westus2-0.trafficmanager.net

gig-ai-prod-westus2-0.trafficmanager.net

IN CNAME

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

gig-ai-prod-wus2-0-app-v4-tag.westus2.cloudapp.azure.com

IN A

20.9.155.145
DNS

dc.services.visualstudio.com

Request

dc.services.visualstudio.com

IN A

Response

dc.services.visualstudio.com

IN CNAME

dc.applicationinsights.microsoft.com

dc.applicationinsights.microsoft.com

IN CNAME

dc.applicationinsights.azure.com

dc.applicationinsights.azure.com

IN CNAME

global.in.ai.monitor.azure.com

global.in.ai.monitor.azure.com

IN CNAME

global.in.ai.privatelink.monitor.azure.com

global.in.ai.privatelink.monitor.azure.com

IN CNAME

dc.trafficmanager.net

dc.trafficmanager.net

IN CNAME

westeurope-global.in.applicationinsights.azure.com

westeurope-global.in.applicationinsights.azure.com

IN CNAME

gig-ai-prod-westeurope-global.trafficmanager.net

gig-ai-prod-westeurope-global.trafficmanager.net

IN CNAME

gig-ai-g-prod-westeurope-7-app-v4-tag.westeurope.cloudapp.azure.com

gig-ai-g-prod-westeurope-7-app-v4-tag.westeurope.cloudapp.azure.com

IN A

20.50.88.235
POST

https://dc.services.visualstudio.com/v2/track

Request

POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
Content-Type: application/x-json-stream
Content-Encoding: gzip
Content-Length: 806
POST

https://dc.services.visualstudio.com/v2/track

Request

POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
Content-Type: application/x-json-stream
Content-Encoding: gzip
Content-Length: 758
POST

https://dc.services.visualstudio.com/v2/track

Request

POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
Content-Type: application/x-json-stream
Content-Encoding: gzip
Content-Length: 694
DNS

api.nuget.org

Request

api.nuget.org

IN A

Response

api.nuget.org

IN CNAME

nugetapiprod.trafficmanager.net

nugetapiprod.trafficmanager.net

IN CNAME

api.nuget.org.edgesuite.net

api.nuget.org.edgesuite.net

IN CNAME

a2043.dscr.akamai.net

a2043.dscr.akamai.net

IN A

88.221.134.243

a2043.dscr.akamai.net

IN A

88.221.134.242
DNS

235.88.50.20.in-addr.arpa

Request

235.88.50.20.in-addr.arpa

IN PTR

Response
DNS

243.134.221.88.in-addr.arpa

Request

243.134.221.88.in-addr.arpa

IN PTR

Response

243.134.221.88.in-addr.arpa

IN PTR

a88-221-134-243deploystaticakamaitechnologiescom
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus03.eastus.cloudapp.azure.com

onedscolprdeus03.eastus.cloudapp.azure.com

IN A

20.42.73.24
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN Unknown

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus04.eastus.cloudapp.azure.com
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN Unknown
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus21.eastus.cloudapp.azure.com

onedscolprdeus21.eastus.cloudapp.azure.com

IN A

20.42.73.31
DNS

mobile.events.data.microsoft.com

Request

mobile.events.data.microsoft.com

IN Unknown

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdeus09.eastus.cloudapp.azure.com
DNS

prod.remote-settings.prod.webservices.mozgcp.net

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

main.vscode-cdn.net

Request

main.vscode-cdn.net

IN A

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

main.vscode-cdn.net

Request

main.vscode-cdn.net

IN Unknown

Response

main.vscode-cdn.net

IN CNAME

vscode-cdn.z01.azurefd.net

vscode-cdn.z01.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

51.140.242.104:443

https://checkappexec.microsoft.com/windows/shell/actions

tls, http2

2.9kB
7.8kB
21
18

HTTP Request

POST https://checkappexec.microsoft.com/windows/shell/actions

HTTP Response

200
151.101.131.19:443

https://www.mozilla.org/media/img/favicons/firefox/browser/favicon.f093404c0135.ico

tls, http2

firefox.exe

10.1kB
463.4kB
112
389

HTTP Request

GET https://www.mozilla.org/firefox/welcome/21/

HTTP Response

302

HTTP Request

GET https://www.mozilla.org/en-US/firefox/welcome/21/

HTTP Response

200

HTTP Request

GET https://www.mozilla.org/media/js/site.b49d941e3374.js

HTTP Request

GET https://www.mozilla.org/media/css/m24-root.77a146bcaf17.css

HTTP Request

GET https://www.mozilla.org/media/css/m24-navigation-and-footer.e8f9c32ba5aa.css

HTTP Request

GET https://www.mozilla.org/media/css/protocol-firefox.e581097aaf66.css

HTTP Request

GET https://www.mozilla.org/media/css/protocol-picto.cfee40a3cd36.css

HTTP Request

GET https://www.mozilla.org/media/css/firefox_welcome_page19_to_24.3bad9ee2f487.css

HTTP Request

GET https://www.mozilla.org/media/js/gtm-snippet.b5b7c885f8fa.js

HTTP Request

GET https://www.mozilla.org/media/img/logos/firefox/logo-word-hor.f3b18871b657.svg

HTTP Request

GET https://www.mozilla.org/media/js/sentry.ca22623b11b1.js

HTTP Request

GET https://www.mozilla.org/media/js/lib.7cb1e204ce21.js

HTTP Request

GET https://www.mozilla.org/media/js/fxa.6cacc544775b.js

HTTP Request

GET https://www.mozilla.org/media/js/data.438fd3539700.js

HTTP Request

GET https://www.mozilla.org/media/js/m24-ui.daf79f0fefd7.js

HTTP Request

GET https://www.mozilla.org/media/js/glean.ff7106b49b39.js

HTTP Request

GET https://www.mozilla.org/media/js/firefox_welcome_page19_to_24.87e13c35e608.js

HTTP Request

GET https://www.mozilla.org/media/js/consent-banner.f74bb4c07d16.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.mozilla.org/media/protocol/fonts/Inter-Bold.0564381b22b2.woff2

HTTP Request

GET https://www.mozilla.org/media/protocol/img/icons/social/x/white.7f50edd82090.svg

HTTP Request

GET https://www.mozilla.org/media/protocol/img/icons/social/instagram/white.a7014a6150b3.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.mozilla.org/media/protocol/img/icons/social/linkedin/white.cdc0e910cc1e.svg

HTTP Response

200

HTTP Request

GET https://www.mozilla.org/media/protocol/img/icons/social/tiktok/white.599403de7ac0.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.mozilla.org/media/protocol/img/icons/social/spotify/white.aa5334e85bae.svg

HTTP Request

GET https://www.mozilla.org/media/protocol/img/icons/social/youtube/white.4f314c43c69d.svg

HTTP Request

GET https://www.mozilla.org/media/img/icons/m24-small/globe-white.a76258f6a4cc.svg

HTTP Request

GET https://www.mozilla.org/media/img/icons/m24-small/down-caret-white.3aab868855c7.svg

HTTP Request

GET https://www.mozilla.org/media/protocol/fonts/Inter-Regular.d55e957612a3.woff2

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.mozilla.org/media/protocol/fonts/Metropolis-Bold.6a80125e795a.woff2

HTTP Request

GET https://www.mozilla.org/media/fonts/m24/mozilla-text/MozillaText-SemiBold.c9ce5296db65.woff2

HTTP Request

GET https://www.mozilla.org/media/fonts/m24/mozilla-text/MozillaText-Regular.3fa5c88b0954.woff2

HTTP Request

GET https://www.mozilla.org/media/img/firefox/welcome/page20-21/back-up.b351cf7c2c5c.svg

HTTP Request

GET https://www.mozilla.org/media/img/firefox/welcome/page20-21/add-ons.809f56bff087.svg

HTTP Request

GET https://www.mozilla.org/media/img/firefox/welcome/page20-21/community.bf0cb1c38902.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.mozilla.org/media/img/favicons/firefox/browser/favicon-196x196.59e3822720be.png

HTTP Request

GET https://www.mozilla.org/media/img/favicons/firefox/browser/favicon.f093404c0135.ico

HTTP Response

200

HTTP Response

200
151.101.131.19:443

www.mozilla.org

tls, http2

firefox.exe

1.5kB
3.9kB
13
12
127.0.0.1:49902

firefox.exe
34.149.97.1:443

firefox-api-proxy.cdn.mozilla.net

tls, http2

firefox.exe

1.8kB
4.4kB
16
13
127.0.0.1:49910

firefox.exe
142.250.187.196:443

https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fclient%3Dfirefox-b-d%26q%3Dvs%2Bcode&q=EgS117BTGLaopbwGIjBH_f8B0FYbJEGr_GfRFceMPvENHl24yTVP6cd7bpBa-GcFPGLwBcZ1EQvZPD4cJ4kyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

tls, http2

firefox.exe

2.7kB
11.1kB
19
28

HTTP Request

GET https://www.google.com/search?client=firefox-b-d&q=vs+code

HTTP Request

GET https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fclient%3Dfirefox-b-d%26q%3Dvs%2Bcode&q=EgS117BTGLaopbwGIjBH_f8B0FYbJEGr_GfRFceMPvENHl24yTVP6cd7bpBa-GcFPGLwBcZ1EQvZPD4cJ4kyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
2.22.247.97:80

http://visualstudio.microsoft.com/

http

firefox.exe

1.1kB
1.4kB
17
15

HTTP Request

GET http://visualstudio.microsoft.com/

HTTP Response

301
2.22.247.97:80

visualstudio.microsoft.com

firefox.exe

190 B
92 B
4
2
2.22.247.97:443

https://visualstudio.microsoft.com/wp-content/plugins/vscom-utility-plugin/json/home-devblogs.json

tls, http2

firefox.exe

717.6kB
15.1MB
9489
11089

HTTP Request

GET https://visualstudio.microsoft.com/

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-swimlane.css?ver=6.7.1

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.css?ver=2.2

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-video-player.min.css?ver=1667498194

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-feature-hero.min.css?ver=1681237298

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-builder-tabs.min.css?ver=1735582150

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-single-box.min.css?ver=1681924015

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-icon-cloud.min.css?ver=1670949096

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-collage.min.css?ver=1670949096

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-extension-cards.min.css?ver=1712777490

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-video-carousel.min.css?ver=1736452972

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fabric-icon-manager//assets/css/vscom-icons.css?ver=1660768558

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/fusion-styles/01f4b874d13e53a477abac6bfaecdb85.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/tabs-lg-min.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-shbp.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-shbp-header-legacy.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-sh-cbp.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/modern-styles.min.css?1736879161

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-asset-minification/assets/css/vscom-dist.min.css?1724260366

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-asset-minification/assets/css/en.min.css?1667498184

HTTP Request

GET https://visualstudio.microsoft.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-utility-plugin/js/utility.min.js?ver=1675795484

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/vscom-icon-cloud.min.js?ver=1670949097

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/vscom-collage.min.js?ver=1670949097

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2021/10/Product-Icon.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2022/03/Windows.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2019/09/vs-code-responsive-01-1.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2021/10/apple_logo.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2022/03/Linux.svg

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/img/vscom-img-placeholder.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/11/BlogForAmandaResize2-scaled.webp

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/11/githubadomain.webp

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/10/Carousel-Main.webp

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2025/01/githutb-actions-preview.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2025/01/GitHub-actions-icon.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2025/01/Markdown-Editor-preview.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2025/01/Markdown-Editor-icon.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/08/VisualStudioThemePack.webp

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/08/ThemePack_Icon.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2025/01/SQLite-SQL-Server-preview.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2025/01/SQLite-SQL-Server-icon.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2022/11/Launch.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/01/alaska.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/01/dc-water.png

HTTP Request

GET https://visualstudio.microsoft.com//wp-content/uploads/2023/01/chipotle.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/01/real-madrid.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/01/godaddy.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/01/ge-aviation.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/01/pegasus-one.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/01/UPS.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/01/rolls-royce.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2022/09/Apple_Opaque.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/01/X-logo.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/01/Facebook.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/01/Linkedin.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/01/Youtube.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/10/Tiktok.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/css/vscom-slider.min.css?ver=1704736789

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-dom-ready-js/js/vscomDomReady.min.js?ver=1667498194

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/js/common.min.js?1690822824

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/dropdown-menu.min.js?ver=6.7.1

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/vscom-extension-cards.min.js?ver=1691086424

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/fusion-scripts/1cef6133aa19724cabe0c37e09d4cca8.min.js?ver=3.11.11

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/img/edit-outline.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/js/vscom-usabilla-a11y.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-shbp-header-legacy.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/tabs-md.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-768-max-1024-p.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-cbp-social-sharing.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-2c.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-sbp.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/fullwidth-md.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-5c-max-6c.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-core/assets/css/vscom-subsup.min.css?ver=1667498184

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/meta-md.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-main.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-cbp.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-shbp.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-2c-max-3c.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-768-max-1024-l.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/max-640.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-3c-max-4c.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-768-max-1024-l-header-legacy.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-4c-max-5c.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/max-2c.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/tabs-sm.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-shbp.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/tabs-lg-max.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-cbp.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-2c-max-3c.css?ver=3.11.11

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-5c-max-6c.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-shbp-32.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/meta-sm.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-shbp-header-legacy.min.css?ver=7.11.11

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-4c-max-5c.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-768-max-1024-p-header-legacy.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/image-sm.min.css?ver=7.11.11

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/title-md.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/min-768-max-1024-p.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/max-sh-cbp.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/max-1c.css?ver=3.11.11

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/image-md.min.css?ver=7.11.11

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/fullwidth-sm.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/section-separator-md.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-sh-640.min.css?ver=7.11.11

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-640.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/layout-columns-sm.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-shbp-18.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/section-separator-sm.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/layout-columns-md.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/min-3c-max-4c.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fusion-builder/assets/css/media/title-sm.min.css?ver=3.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada/assets/css/media/max-1c.min.css?ver=7.11.11

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/05/VSCOM_hp_hero_bg.webp

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2022/11/VSCOM-Shape.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2023/10/VSCODE-Shape-3.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/12/gh-azure-bkg.webp

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/11/githubadobg-scaled.webp

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/10/Carousel-Background.webp

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2022/11/vscom-icon-cloud-bg.svg

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/fonts/icons/vscom.ttf

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2024/09/VS_CopilotMenu_Website_Animation_r5.mp4

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/fabric-icon-manager//assets/fonts/VSCOMIcons.woff?1660768558

HTTP Response

206

HTTP Response

200

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2022/05/Microsoft-120.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2017/02/Microsoft-favicon.png

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/themes/Avada-Child-Theme/assets/js/classList.min.js?1667498206

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/ofi.min.js?1667498194

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/video-player/mediaelement.min.js?1667498194

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/slider/hammer.min.js?1667498194

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/slider/slider-devblogs-posts.min.js?1702925116

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/uploads/2022/11/VisualStudio.webp

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-core/assets/js/vscom.min.js?1694020635

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/vscom-video-player.min.js?1667498195

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-fusion-extension/js/slider/better-simple-slideshow.min.js?1702925116

HTTP Request

GET https://visualstudio.microsoft.com/wp-content/plugins/vscom-utility-plugin/json/home-devblogs.json
52.182.143.208:443

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0

tls, http2

firefox.exe

4.0kB
8.5kB
19
18

HTTP Request

OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Request

OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0

HTTP Response

200
95.100.245.144:443

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

tls, http2

firefox.exe

3.8kB
98.4kB
34
93

HTTP Request

GET https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/52-918540/ca-ae3ce4?ver=2.0&_cf=02242021_3231

HTTP Request

GET https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/74-d51c79/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

HTTP Response

200
184.28.198.218:443

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/UHFbanner-MSlogo2?fmt=png-alpha&bfc=off&qlt=100,1

tls, http2

firefox.exe

2.3kB
11.6kB
21
29

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/UHFbanner-MSlogo2?fmt=png-alpha&bfc=off&qlt=100,1

HTTP Response

200
95.100.245.144:443

www.microsoft.com

tls, http2

firefox.exe

1.5kB
7.6kB
13
17
13.107.42.18:443

marketplace.visualstudio.com

tls, http2

firefox.exe

1.8kB
9.1kB
13
12
13.107.42.18:443

https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

tls, http2

firefox.exe

2.9kB
13.7kB
16
22

HTTP Request

OPTIONS https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

HTTP Response

200

HTTP Request

POST https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

HTTP Response

200
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

83.3kB
9.6kB
80
45

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
52.182.143.208:443

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053320799&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true

tls, http2

firefox.exe

73.9kB
9.6kB
85
52

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0

HTTP Response

200

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0

HTTP Response

200

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&w=0

HTTP Response

200

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053256028&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true

HTTP Response

204

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053256481&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true

HTTP Response

204

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.18&apikey=f194a55d6cb942d9b0e5b604e01b609b-8c663a24-3636-4cc5-a2bf-267a92b4ee4f-7662&upload-time=1737053320799&ext.intweb.msfpc=GUID%3D3ccacde58a524d66a67b210c2ffc16f2%26HASH%3D3cca%26LV%3D202501%26V%3D4%26LU%3D1737053251518&time-delta-to-apply-millis=1187&w=0&NoResponseBody=true

HTTP Response

204
13.107.42.18:443

https://app.vssps.visualstudio.com/_signin?realm=app.vssps.visualstudio.com&reply_to=https%3A%2F%2Fapp.vssps.visualstudio.com%2F_apis%2Fprofile%2Fprofiles%2Fme%3F_%3D1737053248568&redirect=1&context=eyJodCI6MywiaGlkIjoiYTVjYTM1ZWItMTQ4ZS00Y2NkLWJiYjMtZDMxNTc2ZDc1OTU4IiwicXMiOnt9LCJyciI6IiIsInZoIjoiIiwiY3YiOiIiLCJjcyI6IiJ90

tls, http2

firefox.exe

2.7kB
29.5kB
19
39

HTTP Request

GET https://app.vssps.visualstudio.com/_apis/profile/profiles/me?_=1737053248568

HTTP Response

302

HTTP Request

GET https://app.vssps.visualstudio.com/_signin?realm=app.vssps.visualstudio.com&reply_to=https%3A%2F%2Fapp.vssps.visualstudio.com%2F_apis%2Fprofile%2Fprofiles%2Fme%3F_%3D1737053248568&redirect=1&context=eyJodCI6MywiaGlkIjoiYTVjYTM1ZWItMTQ4ZS00Y2NkLWJiYjMtZDMxNTc2ZDc1OTU4IiwicXMiOnt9LCJyciI6IiIsInZoIjoiIiwiY3YiOiIiLCJjcyI6IiJ90

HTTP Response

203
2.22.138.112:443

devblogs.microsoft.com

tls, http2

firefox.exe

1.6kB
5.1kB
14
13
2.22.138.112:443

https://devblogs.microsoft.com/visualstudio/wp-content/uploads/sites/4/2023/12/Mryam-96x96.jpg

tls, http2

firefox.exe

3.4kB
46.2kB
35
58

HTTP Request

GET https://devblogs.microsoft.com/visualstudio/wp-content/uploads/sites/4/2022/11/IMG_1377-96x96.jpg

HTTP Request

GET https://devblogs.microsoft.com/visualstudio/wp-content/uploads/sites/4/2021/09/62749798106__ECECFB6D-BD1F-4F2C-8B81-B273B5F1EA3B-96x96.jpg

HTTP Request

GET https://devblogs.microsoft.com/visualstudio/wp-content/themes/devblogs-evo/images/group-icon.png

HTTP Request

GET https://devblogs.microsoft.com/visualstudio/wp-content/uploads/sites/4/2023/12/Mryam-96x96.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

404
2.22.138.112:443

devblogs.microsoft.com

tls, http2

firefox.exe

1.4kB
5.1kB
11
12
2.22.138.112:443

devblogs.microsoft.com

tls, http2

firefox.exe

1.4kB
5.1kB
11
13
95.100.245.144:443

https://www.microsoft.com/videoplayer/lib/onerfstatics/sc/5b/8d47f5.js

tls, http2

firefox.exe

13.4kB
608.4kB
207
483

HTTP Request

GET https://www.microsoft.com/en-us/videoplayer/embed/RE4M6Vx

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/mwf/mwfmdl2-v3.54.woff2

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/mwf/slider.css

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/onerfstatics/default-theme.css

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/css/index.css

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/js/index.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/js/page-bi-tags.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/js/load-script.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/js/require.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/onerfstatics/onerfjquery-3.5.1.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/mscc/wcp-consent.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/onerfstatics/onerfcomponentfactory.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/onerfstatics/onerfonedsconfig.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/mwf/slider.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/js/require-config.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/js/lazy-sizes.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/js/vp-attributes.js

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/js/auto-play.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/localization/en-us.json

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2

HTTP Request

GET https://www.microsoft.com/videoplayer/lib/onerfstatics/sc/5b/8d47f5.js

HTTP Response

200

HTTP Response

200
13.107.42.18:443

https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

tls, http2

firefox.exe

3.3kB
159.3kB
32
132

HTTP Request

OPTIONS https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

HTTP Response

200

HTTP Request

POST https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

HTTP Response

200
13.107.42.18:443

marketplace.visualstudio.com

tls, http2

firefox.exe

1.6kB
9.2kB
14
16
104.124.165.196:443

assets.onestore.ms

tls, http2

firefox.exe

1.7kB
7.1kB
14
18
66.235.152.156:443

microsoftwindows.112.2o7.net

tls, http2

firefox.exe

1.7kB
5.3kB
15
16
52.178.17.235:443

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.12&apikey=aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865&upload-time=1737053339658&ext.intweb.msfpc=GUID%3D929c05b6464a4c0d9177e351fa44de37%26HASH%3D929c%26LV%3D202501%26V%3D4%26LU%3D1737053258725&time-delta-to-apply-millis=1057&w=0&NoResponseBody=true

tls, http2

firefox.exe

63.7kB
10.7kB
75
47

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=1a3eb3104447440391ad5f2a6ee06a0a-62879566-bc58-4741-9650-302bf2af703f-7103&upload-time=1737053257614&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.3&apikey=1a3eb3104447440391ad5f2a6ee06a0a-62879566-bc58-4741-9650-302bf2af703f-7103&upload-time=1737053257616&w=0&NoResponseBody=true

HTTP Response

204

HTTP Response

204

HTTP Request

OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Request

OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.12&apikey=aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865&upload-time=1737053339658&ext.intweb.msfpc=GUID%3D929c05b6464a4c0d9177e351fa44de37%26HASH%3D929c%26LV%3D202501%26V%3D4%26LU%3D1737053258725&time-delta-to-apply-millis=1057&w=0&NoResponseBody=true

HTTP Response

204
52.178.17.235:443

browser.events.data.microsoft.com

tls, http2

firefox.exe

1.6kB
7.1kB
13
12
88.221.134.219:443

https://ms-python.gallerycdn.vsassets.io/extensions/ms-python/python/2024.23.2025011501/1736963660551/Microsoft.VisualStudio.Services.Icons.Default

tls, http

firefox.exe

2.6kB
53.3kB
29
57

HTTP Request

GET https://ms-python.gallerycdn.vsassets.io/extensions/ms-python/python/2024.23.2025011501/1736963660551/Microsoft.VisualStudio.Services.Icons.Default

HTTP Response

200
88.221.134.225:443

https://vscjava.gallerycdn.vsassets.io/extensions/vscjava/vscode-java-pack/0.29.2024091906/1726729234947/Microsoft.VisualStudio.Services.Icons.Default

tls, http

firefox.exe

2.4kB
10.6kB
24
27

HTTP Request

GET https://vscjava.gallerycdn.vsassets.io/extensions/vscjava/vscode-java-pack/0.29.2024091906/1726729234947/Microsoft.VisualStudio.Services.Icons.Default

HTTP Response

200
88.221.134.178:443

https://github.gallerycdn.vsassets.io/extensions/github/copilot/1.257.1316/1736991519557/Microsoft.VisualStudio.Services.Icons.Default

tls, http

firefox.exe

2.4kB
14.0kB
24
29

HTTP Request

GET https://github.gallerycdn.vsassets.io/extensions/github/copilot/1.257.1316/1736991519557/Microsoft.VisualStudio.Services.Icons.Default

HTTP Response

200
88.221.134.178:443

https://ms-vscode.gallerycdn.vsassets.io/extensions/ms-vscode/cpptools/1.23.3/1736465135809/Microsoft.VisualStudio.Services.Icons.Default

tls, http

firefox.exe

2.3kB
11.3kB
22
27

HTTP Request

GET https://ms-vscode.gallerycdn.vsassets.io/extensions/ms-vscode/cpptools/1.23.3/1736465135809/Microsoft.VisualStudio.Services.Icons.Default

HTTP Response

200
2.18.190.171:443

https://vscode.download.prss.microsoft.com/dbazure/download/stable/91fbdddc47bc9c09064bf7acf133d22631cbf083/VSCodeUserSetup-x64-1.96.3.exe

tls, http

firefox.exe

4.9MB
113.3MB
70398
81261

HTTP Request

GET https://vscode.download.prss.microsoft.com/dbazure/download/stable/91fbdddc47bc9c09064bf7acf133d22631cbf083/VSCodeUserSetup-x64-1.96.3.exe

HTTP Response

200
35.190.72.216:443

location.services.mozilla.com

tls, http2

firefox.exe

2.1kB
4.4kB
18
15
88.221.134.209:80

http://ciscobinary.openh264.org/openh264-win64-31c4d2e4a037526fd30d4e5c39f60885986cf865.zip

http

firefox.exe

15.4kB
508.4kB
230
381

HTTP Request

GET http://ciscobinary.openh264.org/openh264-win64-31c4d2e4a037526fd30d4e5c39f60885986cf865.zip

HTTP Response

200
142.250.180.14:443

https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2710.0-win-x64.zip

tls, http2

firefox.exe

2.9kB
11.4kB
23
21

HTTP Request

GET https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2710.0-win-x64.zip
2.19.252.141:443

https://prod-video-cms-rt-microsoft-com.akamaized.net/vhs/api/videos/RE4M6Vx?version=v1

tls, http

firefox.exe

2.3kB
7.1kB
23
25

HTTP Request

GET https://prod-video-cms-rt-microsoft-com.akamaized.net/vhs/api/videos/RE4M6Vx?version=v1

HTTP Response

200
74.125.175.169:443

https://r4---sn-aigzrnsz.gvt1.com/edgedl/widevine-cdm/4.10.2710.0-win-x64.zip?cms_redirect=yes&met=1737053269,&mh=R8&mip=181.215.176.83&mm=28&mn=sn-aigzrnsz&ms=nvh&mt=1737052825&mv=m&mvi=4&pl=27&rmhost=r1---sn-aigzrnsz.gvt1.com&rms=nvh,nvh&shardbypass=sd&smhost=r2---sn-aigzrn7s.gvt1.com

tls, http

firefox.exe

431.7kB
15.9MB
6479
11429

HTTP Request

GET https://r4---sn-aigzrnsz.gvt1.com/edgedl/widevine-cdm/4.10.2710.0-win-x64.zip?cms_redirect=yes&met=1737053269,&mh=R8&mip=181.215.176.83&mm=28&mn=sn-aigzrnsz&ms=nvh&mt=1737052825&mv=m&mvi=4&pl=27&rmhost=r1---sn-aigzrnsz.gvt1.com&rms=nvh,nvh&shardbypass=sd&smhost=r2---sn-aigzrn7s.gvt1.com

HTTP Response

200
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

3.6kB
6.5kB
11
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
4.227.249.197:443

u.clarity.ms

tls

firefox.exe

3.7kB
6.5kB
11
14
13.107.5.93:443

default.exp-tas.com

tls

Code.exe

4.2kB
11.6kB
16
24
13.107.42.18:443

marketplace.visualstudio.com

tls

Code.exe

97.0kB
6.3MB
1684
4901
13.107.42.18:443

marketplace.visualstudio.com

Code.exe

98 B
52 B
2
1
88.221.134.203:443

firefox-devtools.gallerycdn.vsassets.io

tls

Code.exe

4.0kB
39.4kB
28
40
20.50.201.204:443

mobile.events.data.microsoft.com

tls

Code.exe

427.4kB
22.1kB
412
283
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

3.5kB
6.5kB
11
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
88.221.134.203:443

ms-python.gallerycdn.vsassets.io

tls

Code.exe

4.1kB
53.0kB
31
51
88.221.134.203:443

ms-python.gallerycdn.vsassets.io

tls

Code.exe

5.7kB
100.7kB
50
84
88.221.134.208:443

ms-toolsai.gallerycdn.vsassets.io

tls

Code.exe

6.2kB
158.3kB
61
125
88.221.134.208:443

ms-toolsai.gallerycdn.vsassets.io

tls

Code.exe

3.5kB
16.8kB
19
24
88.221.134.208:443

ms-toolsai.gallerycdn.vsassets.io

tls

Code.exe

5.7kB
158.3kB
52
125
88.221.134.178:443

ms-vscode.gallerycdn.vsassets.io

tls

Code.exe

5.1kB
22.4kB
24
31
20.50.201.204:443

mobile.events.data.microsoft.com

tls

Code.exe

2.8kB
5.6kB
11
10
88.221.134.178:443

ritwickdey.gallerycdn.vsassets.io

tls

Code.exe

3.4kB
8.9kB
17
19
88.221.134.208:443

esbenp.gallerycdn.vsassets.io

tls

Code.exe

3.4kB
11.4kB
18
20
88.221.134.208:443

visualstudioexptteam.gallerycdn.vsassets.io

tls

Code.exe

3.4kB
8.8kB
17
19
88.221.134.178:443

ms-vscode.gallerycdn.vsassets.io

tls

Code.exe

2.5kB
1.0kB
9
10
88.221.134.203:443

franneck94.gallerycdn.vsassets.io

tls

Code.exe

3.5kB
13.0kB
18
22
88.221.134.208:443

danielpinto8zz6.gallerycdn.vsassets.io

tls

Code.exe

4.6kB
31.7kB
26
37
88.221.134.201:443

hars.gallerycdn.vsassets.io

tls

Code.exe

3.6kB
26.2kB
23
32
88.221.134.201:443

kaysonwu.gallerycdn.vsassets.io

tls

Code.exe

3.6kB
20.3kB
21
27
88.221.134.178:443

brapifra.gallerycdn.vsassets.io

tls

Code.exe

3.4kB
6.5kB
16
17
88.221.134.178:443

jbenden.gallerycdn.vsassets.io

tls

Code.exe

3.4kB
15.3kB
19
24
88.221.134.208:443

jaycetyle.gallerycdn.vsassets.io

tls

Code.exe

3.9kB
46.4kB
29
46
88.221.134.178:443

leojhonsong.gallerycdn.vsassets.io

tls

Code.exe

4.1kB
49.5kB
31
49
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

4.0kB
6.5kB
11
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
88.221.134.219:443

doggy8088.gallerycdn.vsassets.io

tls

Code.exe

4.3kB
16.9kB
21
26
88.221.134.178:443

formulahendry.gallerycdn.vsassets.io

tls

Code.exe

3.4kB
16.0kB
18
24
88.221.134.178:443

formulahendry.gallerycdn.vsassets.io

tls

Code.exe

3.7kB
40.0kB
23
41
88.221.134.219:443

adrianwilczynski.gallerycdn.vsassets.io

tls

Code.exe

4.4kB
20.3kB
21
29
88.221.134.219:443

adrianwilczynski.gallerycdn.vsassets.io

tls

Code.exe

3.4kB
12.8kB
18
23
88.221.134.225:443

ms-dotnettools.gallerycdn.vsassets.io

tls

Code.exe

7.0kB
117.2kB
46
99
88.221.134.225:443

ms-dotnettools.gallerycdn.vsassets.io

tls

Code.exe

3.4kB
10.8kB
17
20
88.221.134.225:443

ms-dotnettools.gallerycdn.vsassets.io

tls

Code.exe

5.6kB
50.5kB
33
52
88.221.134.225:443

ms-dotnettools.gallerycdn.vsassets.io

tls

Code.exe

15.8kB
58.7kB
49
80
88.221.134.208:443

ms-dotnettools.gallerycdn.vsassets.io

tls

Code.exe

461.8kB
11.0MB
6648
7904
185.199.109.133:443

raw.githubusercontent.com

tls

Code.exe

17.2kB
1.7MB
316
1228
104.21.80.27:443

cloudflare-ech.com

tls

Code.exe

2.3kB
4.4kB
11
10
104.21.80.27:443

cloudflare-ech.com

tls

Code.exe

2.2kB
4.4kB
9
10
13.107.6.175:443

ms-dotnettools.gallery.vsassets.io

tls

Code.exe

6.1kB
17.8kB
32
37
88.221.134.225:443

ionide.gallerycdn.vsassets.io

tls

Code.exe

3.5kB
19.3kB
20
26
13.107.42.18:443

marketplace.visualstudio.com

tls

Code.exe

12.6kB
975.7kB
163
733
88.221.134.219:443

ms-toolsai.gallerycdn.vsassets.io

tls

Code.exe

295.7kB
8.2MB
4414
5912
88.221.134.219:443

ionide.gallerycdn.vsassets.io

tls

Code.exe

1.4MB
59.7MB
21957
42782
88.221.134.208:443

ms-dotnettools.gallerycdn.vsassets.io

tls

Code.exe

9.0MB
226.5MB
126339
162459
88.221.134.208:443

ms-dotnettools.gallerycdn.vsassets.io

tls

Code.exe

5.5kB
1.1kB
13
12
88.221.134.219:443

ms-toolsai.gallerycdn.vsassets.io

tls

Code.exe

10.5kB
203.1kB
139
159
88.221.134.219:443

ms-toolsai.gallerycdn.vsassets.io

tls

Code.exe

279.3kB
8.6MB
4308
6163
88.221.134.219:443

ms-toolsai.gallerycdn.vsassets.io

tls

Code.exe

7.8kB
95.6kB
75
82
88.221.134.219:443

ms-toolsai.gallerycdn.vsassets.io

tls

Code.exe

10.2kB
193.0kB
104
151
88.221.134.219:443

dennismaxjung.gallerycdn.vsassets.io

tls

Code.exe

3.5kB
25.9kB
20
31
88.221.134.208:443

ms-dotnettools.gallerycdn.vsassets.io

tls

Code.exe

5.3kB
5.1kB
15
14
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

3.8kB
6.8kB
12
15

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
88.221.134.208:443

ms-dotnettools.gallerycdn.vsassets.io

tls

Code.exe

6.2kB
969 B
11
9
4.227.249.197:443

u.clarity.ms

tls

firefox.exe

1.6kB
5.9kB
13
9
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

3.8kB
6.5kB
12
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

3.9kB
6.5kB
11
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

4.0kB
6.5kB
12
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

4.1kB
6.5kB
11
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

4.0kB
6.5kB
11
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
88.221.134.201:443

nromanov.gallerycdn.vsassets.io

tls

Code.exe

4.5kB
93.6kB
41
78
88.221.134.219:443

murugaratham.gallerycdn.vsassets.io

tls

Code.exe

3.4kB
16.2kB
18
22
88.221.134.219:443

jashoo.gallerycdn.vsassets.io

tls

Code.exe

3.2kB
6.6kB
14
16
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

4.2kB
6.5kB
12
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
172.165.69.228:443

https://nav.smartscreen.microsoft.com/api/browser/edge/actions

tls, http

msedge.exe

2.5kB
9.8kB
11
12

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/actions

HTTP Response

200
13.107.42.18:443

https://marketplace.visualstudio.com/_apis/customerintelligence/Events

tls, http2

msedge.exe

13.7kB
1.1MB
144
875

HTTP Request

GET https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit

HTTP Response

200

HTTP Request

GET https://marketplace.visualstudio.com/_static/tfs/M248_20250109.5/_scripts/TFS/min/Gallery/Client/Common/ManageCookieDrop.js

HTTP Request

GET https://marketplace.visualstudio.com/_public/_Bundling/Content?bundle=vss-bundle-basejs-vx38JYf0FTtFkI9k88H54KYCLs9sIP_6xJwgWGnd-xvw=

HTTP Request

GET https://marketplace.visualstudio.com/_public/_Bundling/Content?bundle=vss-bundle-common-vqskrZmqV9Y8Ba3TvxfO3_AsqhD5HzEWWv45nA_svAXw=

HTTP Request

GET https://marketplace.visualstudio.com/_public/_Bundling/Content?bundle=vss-bundle-view-vVPMaRpLiCOGp4TBWGlu4-zO80PtmH_5C3ZBIduNiO04=

HTTP Request

GET https://marketplace.visualstudio.com/_static/tfs/M248_20250109.5/_scripts/TFS/min/Gallery/Client/Pages/VSSItemDetailsSSR/SSRModuleWrappers.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://marketplace.visualstudio.com/_static/tfs/M248_20250109.5/App_Themes/Default/VSSItemDetailsSSR/VSSItemDetailsSSRMain.css

HTTP Request

POST https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery

HTTP Request

POST https://marketplace.visualstudio.com/_apis/customerintelligence/Events

HTTP Response

200

HTTP Request

GET https://marketplace.visualstudio.com/_static/tfs/M248_20250109.5/_content/Fonts/Icons/AzDevMDL2.woff

HTTP Request

GET https://marketplace.visualstudio.com/favicon.ico

HTTP Response

204

HTTP Response

200

HTTP Request

POST https://marketplace.visualstudio.com/_apis/customerintelligence/Events

HTTP Request

POST https://marketplace.visualstudio.com/_apis/public/gallery/publishers/ms-dotnettools/extensions/csdevkit/1.16.4/stats?statType=pageview&targetPlatform=linux-arm64

HTTP Request

GET https://marketplace.visualstudio.com/_apis/public/gallery/extensions/7ad42776-8f7e-4214-bf67-4f0b518ef629/1.16.4/assets/Microsoft.VisualStudio.Services.Content.Details

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

201

HTTP Response

200

HTTP Request

POST https://marketplace.visualstudio.com/_apis/customerintelligence/Events

HTTP Response

204
172.165.69.228:443

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

tls, http

msedge.exe

2.9kB
10.8kB
11
13

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

HTTP Response

200
172.165.69.228:443

https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

tls, http

msedge.exe

4.6kB
146.6kB
33
111

HTTP Request

GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release

HTTP Response

200

HTTP Request

GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release

HTTP Response

304

HTTP Request

POST https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

HTTP Response

200
172.165.69.228:443

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

tls, http

msedge.exe

3.8kB
142.6kB
28
108

HTTP Request

POST https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

HTTP Response

200

HTTP Request

GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

HTTP Response

304
172.165.69.228:443

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

tls, http

msedge.exe

3.6kB
488.2kB
62
354

HTTP Request

GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

HTTP Response

200
2.18.190.174:443

https://cdn.vsassets.io/v/M248_20250109.5/_content/icon-social-email.svg

tls, http

msedge.exe

19.5kB
43.2kB
47
52

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_content/Header/vs-logo.png

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_content/FullStar.svg

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_content/EmptyStarDark.svg

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/jQueryUI/focusable.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/MetadataListContainer.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ResourcesContainer.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/FlagControl.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/GithubDetails.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/RnR/ReviewDialog.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/VerifiedDomainIcon.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/CommandBar.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/SelectionZone.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Toggle/Toggle.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/Breadcrumb.base.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.types.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsList.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Image.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dateMath/DateMath.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedList.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupHeader.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupHeader.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_content/icon-social-email.svg

HTTP Response

200
2.18.190.174:443

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/CalendarDay.js

tls, http

msedge.exe

16.7kB
38.0kB
38
44

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_content/Header/ImageSprite.png

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/jQueryUI/version.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ScreenshotsCarousel.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/LinkAsButton.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/AnswerContent.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/CapabilitiesContainer.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/NewPricingCalculator.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/OneClickInstallDialog.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Toggle.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Nav.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/CommandBar/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/interfaces.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsList.types.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ChoiceGroup/ChoiceGroup.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DatePicker/DatePicker.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRowCheck.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Check.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/Breadcrumb.styles.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dateValues/DateValues.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsHeader.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dateValues/TimeConstants.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/CalendarDay.js

HTTP Response

200
2.18.190.174:443

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/CalendarMonth.js

tls, http

msedge.exe

16.0kB
28.9kB
36
36

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/Carousel.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/ReadMoreText.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/AskQuestionDialog.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/QnAItemRow.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/MoreInfoContainer.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/RnR/RnRRow.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/MarketplaceCertifiedBadge.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Slider.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/DatePicker.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ChoiceGroup/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/selection/Selection.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRowCheck.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Breadcrumb/Breadcrumb.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/List/List.types.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRow.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/decorators/withViewport.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/Nav.styles.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupSpacer.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/ResizeGroup.base.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/CalendarMonth.js

HTTP Response

200
2.18.190.174:443

https://cdn.vsassets.io/v/M248_20250109.5/_content/Fonts/Icons/AzDevMDL2.woff

tls, http

msedge.exe

2.2kB
68.3kB
21
58

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_content/Fonts/Icons/AzDevMDL2.woff

HTTP Response

200
2.18.190.174:443

https://cdn.vsassets.io/v/M248_20250109.5/_content/Fonts/Icons/bowtie.woff

tls, http

msedge.exe

2.1kB
53.9kB
19
48

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_content/Fonts/Icons/bowtie.woff

HTTP Response

200
88.221.134.178:443

https://ms-dotnettools.gallerycdn.vsassets.io/extensions/ms-dotnettools/csdevkit/1.16.4/1736874634085/Microsoft.VisualStudio.Services.Icons.Default

tls, http

msedge.exe

2.0kB
38.8kB
15
36

HTTP Request

GET https://ms-dotnettools.gallerycdn.vsassets.io/extensions/ms-dotnettools/csdevkit/1.16.4/1736874634085/Microsoft.VisualStudio.Services.Icons.Default

HTTP Response

200
20.26.156.215:443

https://github.com/microsoft/vscode-dotnettools/raw/refs/heads/main/docs/media/TestRunning.gif

tls, http2

msedge.exe

2.4kB
21.6kB
20
27

HTTP Request

GET https://github.com/microsoft/vscode-dotnettools/blob/main/docs/media/07-add.existing.project.gif?raw=true

HTTP Request

GET https://github.com/microsoft/vscode-dotnettools/blob/main/docs/media/TestRunning.gif?raw=true

HTTP Response

302

HTTP Request

GET https://github.com/microsoft/vscode-dotnettools/raw/refs/heads/main/docs/media/07-add.existing.project.gif

HTTP Response

302

HTTP Request

GET https://github.com/microsoft/vscode-dotnettools/raw/refs/heads/main/docs/media/TestRunning.gif

HTTP Response

302

HTTP Response

302
20.26.156.215:443

github.com

tls

msedge.exe

1.0kB
4.0kB
10
8
2.18.190.174:443

https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.scss.js

tls, http

msedge.exe

14.1kB
34.2kB
36
41

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/ReadMoreContent.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/QnAAndRnRContainer.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ItemDetails.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/VersionHistoryContainer.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Shared/OptInBar.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/List.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DatePicker/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRow.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/CommandBar/CommandBar.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/List/List.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/GroupedList.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/groupedList/GroupedListUtility.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/CommandBar/CommandBar.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Calendar.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedList.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedListSection.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Calendar/Calendar.scss.js

HTTP Response

200
2.18.190.174:443

https://cdn.vsassets.io/v/M248_20250109.5/_content/icon-social-twitter.svg

tls, http

msedge.exe

16.2kB
37.1kB
40
41

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/QnA/QnAContainer.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Gallery/vss-ui.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/RnR/ReviewReply.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ItemDetailsTabContainer.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/DetailsList.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Breadcrumb.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Toggle/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/List/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsList.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.base.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/Nav.base.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsRowFields.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/utilities/dragdrop/DragDropHelper.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.styles.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/ResizeGroup.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/FocusTrapZone.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/ResizeGroup.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ResizeGroup/ResizeGroup.styles.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupFooter.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupFooter.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_content/icon-social-twitter.svg

HTTP Response

200
2.18.190.174:443

https://cdn.vsassets.io/v/M248_20250109.5/_content/icon-social-facebook.svg

tls, http

msedge.exe

15.3kB
33.1kB
36
40

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/ItemDetails/ItemDetailsMarkdown.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/Acquisition/Steps/BuyCustomizationEditControl.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/App_Themes/Default/RnR/RnRContainer.css

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/Selection.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/ChoiceGroup.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupedList.types.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Slider/Slider.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Nav/Nav.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupSpacer.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DetailsList/DetailsHeader.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Toggle/Toggle.classNames.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/ChoiceGroup/ChoiceGroup.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/DatePicker/DatePicker.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Image/index.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.base.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/Check/Check.styles.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupShowAll.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_scripts/TFS/min/OfficeFabric/components/GroupedList/GroupShowAll.scss.js

HTTP Response

200

HTTP Request

GET https://cdn.vsassets.io/v/M248_20250109.5/_content/icon-social-facebook.svg

HTTP Response

200
185.199.108.133:443

https://raw.githubusercontent.com/microsoft/vscode-dotnettools/refs/heads/main/docs/media/TestRunning.gif

tls, http2

msedge.exe

10.9kB
1.1MB
211
777

HTTP Request

GET https://raw.githubusercontent.com/microsoft/vscode-dotnettools/refs/heads/main/docs/media/07-add.existing.project.gif

HTTP Request

GET https://raw.githubusercontent.com/microsoft/vscode-dotnettools/refs/heads/main/docs/media/TestRunning.gif

HTTP Response

200

HTTP Response

200
185.199.108.133:443

raw.githubusercontent.com

msedge.exe

98 B
52 B
2
1
4.227.249.197:443

https://u.clarity.ms/collect

tls, http

firefox.exe

4.1kB
6.5kB
11
14

HTTP Request

POST https://u.clarity.ms/collect

HTTP Response

204
13.107.42.18:443

marketplace.visualstudio.com

tls

Code.exe

54.3kB
4.1MB
909
3178
88.221.134.178:443

msoffice.gallerycdn.vsassets.io

tls

Code.exe

4.2kB
97.1kB
35
79
88.221.134.178:443

hellomuthu23.gallerycdn.vsassets.io

tls

Code.exe

3.3kB
12.4kB
14
18
88.221.134.208:443

sohibe.gallerycdn.vsassets.io

tls

Code.exe

10.7kB
481.7kB
176
364
88.221.134.201:443

dynamsoft.gallerycdn.vsassets.io

tls

Code.exe

3.2kB
11.8kB
14
19
88.221.134.208:443

daadaadaah.gallerycdn.vsassets.io

tls

Code.exe

3.3kB
21.2kB
15
25
88.221.134.208:443

miot.gallerycdn.vsassets.io

tls

Code.exe

3.3kB
10.1kB
15
18
13.107.42.18:443

marketplace.visualstudio.com

tls

Code.exe

6.8kB
189.8kB
44
161
20.26.156.215:443

github.com

tls

Code.exe

3.7kB
21.8kB
22
30
20.26.156.215:443

github.com

tls

Code.exe

2.3kB
4.0kB
11
9
13.107.6.175:443

ms-dotnettools.gallery.vsassets.io

tls

Code.exe

4.6kB
2.1kB
14
15
13.107.42.18:443

marketplace.visualstudio.com

https

msedge.exe

45.0kB
5.1MB
926
3706
51.11.108.188:443

tls

msedge.exe

3.0kB
1.7kB
7
3
4.227.249.197:443

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

tls

firefox.exe

163 B
191 B
3
4
51.11.108.188:443

msedge.exe

46 B
1
51.11.108.188:443

msedge.exe

46 B
1
20.9.155.148:443

westus2-0.in.applicationinsights.azure.com

tls

Code.exe

102.5kB
7.0kB
82
51
20.9.155.148:443

westus2-0.in.applicationinsights.azure.com

tls

Code.exe

106.3kB
7.2kB
85
55
20.9.155.148:443

westus2-0.in.applicationinsights.azure.com

tls

Code.exe

106.1kB
7.3kB
85
58
20.9.155.148:443

westus2-0.in.applicationinsights.azure.com

tls

Code.exe

106.4kB
7.3kB
85
58
20.9.155.148:443

westus2-0.in.applicationinsights.azure.com

tls

Code.exe

106.9kB
7.2kB
84
54
13.107.5.93:443

default.exp-tas.com

tls

Code.exe

1.9kB
6.6kB
10
13
20.60.81.165:443

dotnetcli.blob.core.windows.net

tls

Code.exe

2.3kB
21.5kB
17
25
20.60.81.165:443

dotnetcli.blob.core.windows.net

tls

Code.exe

2.3kB
21.5kB
17
25
13.107.5.93:443

default.exp-tas.com

tls

Code.exe

1.9kB
6.6kB
10
14
52.182.143.210:443

mobile.events.data.microsoft.com

tls

Code.exe

4.8kB
5.6kB
12
10
52.182.143.210:443

mobile.events.data.microsoft.com

tls

Code.exe

3.1kB
5.6kB
11
10
20.112.250.133:443

dot.net

tls

Code.exe

987 B
8.7kB
9
11
52.168.117.170:443

mobile.events.data.microsoft.com

tls

Code.exe

11.7kB
5.7kB
16
13
52.168.117.170:443

mobile.events.data.microsoft.com

tls

Code.exe

3.1kB
5.6kB
10
10

8.8.8.8:53

7.98.22.2.in-addr.arpa

dns

Code.exe

124 B
250 B
2
2

DNS Request

7.98.22.2.in-addr.arpa

DNS Request

github.com
8.8.8.8:53

76.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

76.32.126.40.in-addr.arpa
8.8.8.8:53

checkappexec.microsoft.com

dns

72 B
191 B
1
1

DNS Request

checkappexec.microsoft.com

DNS Response

51.140.242.104
8.8.8.8:53

www.mozilla.org

dns

firefox.exe

61 B
166 B
1
1

DNS Request

www.mozilla.org

DNS Response

151.101.131.19

151.101.67.19

151.101.195.19

151.101.3.19
8.8.8.8:53

www-mozilla.fastly-edge.com

dns

firefox.exe

73 B
137 B
1
1

DNS Request

www-mozilla.fastly-edge.com

DNS Response

151.101.3.19

151.101.131.19

151.101.195.19

151.101.67.19
8.8.8.8:53

spocs.getpocket.com

dns

firefox.exe

65 B
131 B
1
1

DNS Request

spocs.getpocket.com

DNS Response

34.117.188.166
8.8.8.8:53

www-mozilla.fastly-edge.com

dns

firefox.exe

73 B
185 B
1
1

DNS Request

www-mozilla.fastly-edge.com

DNS Response

2a04:4e42:200::787

2a04:4e42::787

2a04:4e42:600::787

2a04:4e42:400::787
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
116 B
1
1

DNS Request

shavar.prod.mozaws.net

DNS Response

52.10.38.63

34.211.10.3

35.83.62.143
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
119 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

prod.ads.prod.webservices.mozgcp.net

dns

firefox.exe

82 B
98 B
1
1

DNS Request

prod.ads.prod.webservices.mozgcp.net

DNS Response

34.117.188.166
8.8.8.8:53

104.242.140.51.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

104.242.140.51.in-addr.arpa
8.8.8.8:53

83.210.23.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

83.210.23.2.in-addr.arpa
8.8.8.8:53

19.131.101.151.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

19.131.101.151.in-addr.arpa
8.8.8.8:53

prod.ads.prod.webservices.mozgcp.net

dns

firefox.exe

82 B
175 B
1
1

DNS Request

prod.ads.prod.webservices.mozgcp.net
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
131 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
153 B
1
1

DNS Request

shavar.prod.mozaws.net
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
187 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net
8.8.8.8:53

firefox-api-proxy.cdn.mozilla.net

dns

firefox.exe

79 B
160 B
1
1

DNS Request

firefox-api-proxy.cdn.mozilla.net

DNS Response

34.149.97.1
34.149.97.1:443

firefox-api-proxy.cdn.mozilla.net

https

firefox.exe

2.1kB
13.2kB
7
14
8.8.8.8:53

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

dns

firefox.exe

100 B
116 B
1
1

DNS Request

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

DNS Response

34.149.97.1
8.8.8.8:53

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

dns

firefox.exe

100 B
128 B
1
1

DNS Request

firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net

DNS Response

2600:1901:0:74e4::
8.8.8.8:53

143.62.83.35.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

143.62.83.35.in-addr.arpa
8.8.8.8:53

www.google.com

dns

firefox.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.196
8.8.8.8:53

www.google.com

dns

firefox.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.196
8.8.8.8:53

www.google.com

dns

firefox.exe

60 B
88 B
1
1

DNS Request

www.google.com

DNS Response

2a00:1450:4009:81f::2004
8.8.8.8:53

196.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.187.250.142.in-addr.arpa
142.250.187.196:443

www.google.com

https

firefox.exe

7.6kB
55.7kB
27
57
8.8.8.8:53

227.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

227.187.250.142.in-addr.arpa
8.8.8.8:53

195.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.187.250.142.in-addr.arpa
8.8.8.8:53

visualstudio.microsoft.com

dns

firefox.exe

72 B
250 B
1
1

DNS Request

visualstudio.microsoft.com

DNS Response

2.22.247.97
8.8.8.8:53

e19210.b.akamaiedge.net

dns

firefox.exe

69 B
85 B
1
1

DNS Request

e19210.b.akamaiedge.net

DNS Response

2.22.247.97
8.8.8.8:53

e19210.b.akamaiedge.net

dns

firefox.exe

69 B
130 B
1
1

DNS Request

e19210.b.akamaiedge.net
8.8.8.8:53

js.monitor.azure.com

dns

msedge.exe

66 B
254 B
1
1

DNS Request

js.monitor.azure.com

DNS Response

13.107.246.64
8.8.8.8:53

97.247.22.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

97.247.22.2.in-addr.arpa
8.8.8.8:53

browser.events.data.microsoft.com

dns

msedge.exe

79 B
203 B
1
1

DNS Request

browser.events.data.microsoft.com

DNS Response

52.182.143.208
8.8.8.8:53

onedscolprdcus04.centralus.cloudapp.azure.com

dns

firefox.exe

91 B
107 B
1
1

DNS Request

onedscolprdcus04.centralus.cloudapp.azure.com

DNS Response

52.182.143.208
8.8.8.8:53

s-part-0036.t-0009.t-msedge.net

dns

firefox.exe

77 B
93 B
1
1

DNS Request

s-part-0036.t-0009.t-msedge.net

DNS Response

13.107.246.64
8.8.8.8:53

www.microsoft.com

dns

msedge.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

95.100.245.144
8.8.8.8:53

wcpstatic.microsoft.com

dns

msedge.exe

69 B
251 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64
8.8.8.8:53

cdn-dynmedia-1.microsoft.com

dns

msedge.exe

74 B
195 B
1
1

DNS Request

cdn-dynmedia-1.microsoft.com

DNS Response

184.28.198.218

184.28.198.210
8.8.8.8:53

onedscolprdcus04.centralus.cloudapp.azure.com

dns

firefox.exe

91 B
162 B
1
1

DNS Request

onedscolprdcus04.centralus.cloudapp.azure.com
8.8.8.8:53

s-part-0036.t-0009.t-msedge.net

dns

firefox.exe

77 B
105 B
1
1

DNS Request

s-part-0036.t-0009.t-msedge.net

DNS Response

2620:1ec:bdf::64
8.8.8.8:53

e13678.dscb.akamaiedge.net

dns

firefox.exe

72 B
88 B
1
1

DNS Request

e13678.dscb.akamaiedge.net

DNS Response

95.100.245.144
8.8.8.8:53

e81481.dsca.akamaiedge.net

dns

firefox.exe

72 B
104 B
1
1

DNS Request

e81481.dsca.akamaiedge.net

DNS Response

184.28.198.218

184.28.198.210
8.8.8.8:53

e81481.dsca.akamaiedge.net

dns

firefox.exe

72 B
128 B
1
1

DNS Request

e81481.dsca.akamaiedge.net

DNS Response

2a02:26f0:e8::6856:6f40

2a02:26f0:e8::6856:6f51
8.8.8.8:53

e13678.dscb.akamaiedge.net

dns

firefox.exe

72 B
184 B
1
1

DNS Request

e13678.dscb.akamaiedge.net

DNS Response

2a02:26f0:5900:4ab::356e

2a02:26f0:5900:498::356e

2a02:26f0:5900:4a4::356e

2a02:26f0:5900:4bb::356e
8.8.8.8:53

mem.gfx.ms

dns

firefox.exe

56 B
268 B
1
1

DNS Request

mem.gfx.ms

DNS Response

13.107.246.64
8.8.8.8:53

www.clarity.ms

dns

firefox.exe

60 B
223 B
1
1

DNS Request

www.clarity.ms

DNS Response

13.107.246.64
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
90 B
1
1

DNS Request

marketplace.visualstudio.com

DNS Response

13.107.42.18
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
90 B
1
1

DNS Request

marketplace.visualstudio.com

DNS Response

13.107.42.18
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
102 B
1
1

DNS Request

marketplace.visualstudio.com

DNS Response

2620:1ec:a92::175
8.8.8.8:53

64.246.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.246.107.13.in-addr.arpa
8.8.8.8:53

144.245.100.95.in-addr.arpa

dns

146 B
139 B
2
1

DNS Request

144.245.100.95.in-addr.arpa

DNS Request

144.245.100.95.in-addr.arpa
8.8.8.8:53

218.198.28.184.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

218.198.28.184.in-addr.arpa
8.8.8.8:53

208.143.182.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

208.143.182.52.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

142 B
157 B
2
1

DNS Request

198.187.3.20.in-addr.arpa

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

18.42.107.13.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

18.42.107.13.in-addr.arpa
8.8.8.8:53

56.163.245.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

56.163.245.4.in-addr.arpa
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

190 B
111 B
2
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

197.249.227.4.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

197.249.227.4.in-addr.arpa
8.8.8.8:53

app.vssps.visualstudio.com

dns

firefox.exe

72 B
158 B
1
1

DNS Request

app.vssps.visualstudio.com

DNS Response

13.107.42.18
8.8.8.8:53

l-0009.l-msedge.net

dns

firefox.exe

65 B
81 B
1
1

DNS Request

l-0009.l-msedge.net

DNS Response

13.107.42.18
8.8.8.8:53

l-0009.l-msedge.net

dns

firefox.exe

65 B
93 B
1
1

DNS Request

l-0009.l-msedge.net

DNS Response

2620:1ec:21::18
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

devblogs.microsoft.com

dns

firefox.exe

68 B
237 B
1
1

DNS Request

devblogs.microsoft.com

DNS Response

2.22.138.112
8.8.8.8:53

browser.events.data.microsoft.com

dns

msedge.exe

79 B
200 B
1
1

DNS Request

browser.events.data.microsoft.com

DNS Response

52.168.117.168
8.8.8.8:53

e12062.dscb.akamaiedge.net

dns

firefox.exe

72 B
88 B
1
1

DNS Request

e12062.dscb.akamaiedge.net

DNS Response

2.22.138.112
8.8.8.8:53

onedscolprdeus07.eastus.cloudapp.azure.com

dns

firefox.exe

88 B
104 B
1
1

DNS Request

onedscolprdeus07.eastus.cloudapp.azure.com

DNS Response

52.168.117.168
8.8.8.8:53

e12062.dscb.akamaiedge.net

dns

firefox.exe

72 B
128 B
1
1

DNS Request

e12062.dscb.akamaiedge.net

DNS Response

2a02:26f0:5900:48c::2f1e

2a02:26f0:5900:4bb::2f1e
8.8.8.8:53

onedscolprdeus07.eastus.cloudapp.azure.com

dns

firefox.exe

88 B
159 B
1
1

DNS Request

onedscolprdeus07.eastus.cloudapp.azure.com
8.8.8.8:53

www.tm.v4.a.prd.aadg.akadns.net

dns

firefox.exe

77 B
205 B
1
1

DNS Request

www.tm.v4.a.prd.aadg.akadns.net

DNS Response

40.126.32.68

20.190.160.14

20.190.160.17

40.126.32.72

40.126.32.74

40.126.32.76

40.126.32.138

20.190.160.20
8.8.8.8:53

www.tm.v4.a.prd.aadg.akadns.net

dns

firefox.exe

77 B
143 B
1
1

DNS Request

www.tm.v4.a.prd.aadg.akadns.net
8.8.8.8:53

112.138.22.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

112.138.22.2.in-addr.arpa
8.8.8.8:53

134.32.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

134.32.126.40.in-addr.arpa
8.8.8.8:53

acctcdn.msauth.net

dns

firefox.exe

64 B
279 B
1
1

DNS Request

acctcdn.msauth.net

DNS Response

13.107.246.64
8.8.8.8:53

browser.events.data.microsoft.com

dns

msedge.exe

79 B
200 B
1
1

DNS Request

browser.events.data.microsoft.com

DNS Response

20.189.173.10
8.8.8.8:53

onedscolprdwus09.westus.cloudapp.azure.com

dns

firefox.exe

88 B
104 B
1
1

DNS Request

onedscolprdwus09.westus.cloudapp.azure.com

DNS Response

20.189.173.10
8.8.8.8:53

onedscolprdwus09.westus.cloudapp.azure.com

dns

firefox.exe

88 B
158 B
1
1

DNS Request

onedscolprdwus09.westus.cloudapp.azure.com
8.8.8.8:53

browser.events.data.microsoft.com

dns

msedge.exe

79 B
204 B
1
1

DNS Request

browser.events.data.microsoft.com

DNS Response

52.178.17.235
8.8.8.8:53

code.visualstudio.com

dns

firefox.exe

134 B
540 B
2
2

DNS Request

code.visualstudio.com

DNS Response

13.107.246.64

DNS Request

code.visualstudio.com

DNS Response

13.107.246.64
8.8.8.8:53

onedscolprdweu14.westeurope.cloudapp.azure.com

dns

firefox.exe

92 B
108 B
1
1

DNS Request

onedscolprdweu14.westeurope.cloudapp.azure.com

DNS Response

52.178.17.235
8.8.8.8:53

onedscolprdweu14.westeurope.cloudapp.azure.com

dns

firefox.exe

92 B
163 B
1
1

DNS Request

onedscolprdweu14.westeurope.cloudapp.azure.com
8.8.8.8:53

consentdeliveryfd.azurefd.net

dns

firefox.exe

75 B
214 B
1
1

DNS Request

consentdeliveryfd.azurefd.net

DNS Response

13.107.246.64
8.8.8.8:53

assets.onestore.ms

dns

firefox.exe

64 B
201 B
1
1

DNS Request

assets.onestore.ms

DNS Response

104.124.165.196
8.8.8.8:53

web.vortex.data.microsoft.com

dns

firefox.exe

75 B
148 B
1
1

DNS Request

web.vortex.data.microsoft.com
8.8.8.8:53

microsoftwindows.112.2o7.net

dns

firefox.exe

74 B
122 B
1
1

DNS Request

microsoftwindows.112.2o7.net

DNS Response

66.235.152.156

66.235.152.221

66.235.152.225
8.8.8.8:53

e10583.dspg.akamaiedge.net

dns

firefox.exe

72 B
88 B
1
1

DNS Request

e10583.dspg.akamaiedge.net

DNS Response

104.124.165.196
8.8.8.8:53

a1449.dscg2.akamai.net

dns

firefox.exe

68 B
100 B
1
1

DNS Request

a1449.dscg2.akamai.net

DNS Response

2.19.252.139

2.19.252.134
8.8.8.8:53

microsoftwindows.112.2o7.net

dns

firefox.exe

74 B
122 B
1
1

DNS Request

microsoftwindows.112.2o7.net

DNS Response

66.235.152.156

66.235.152.225

66.235.152.221
8.8.8.8:53

e10583.dspg.akamaiedge.net

dns

firefox.exe

72 B
128 B
1
1

DNS Request

e10583.dspg.akamaiedge.net

DNS Response

2a02:26f0:5d00:a99::2957

2a02:26f0:5d00:a84::2957
8.8.8.8:53

microsoftwindows.112.2o7.net

dns

firefox.exe

74 B
143 B
1
1

DNS Request

microsoftwindows.112.2o7.net
8.8.8.8:53

a1449.dscg2.akamai.net

dns

firefox.exe

68 B
124 B
1
1

DNS Request

a1449.dscg2.akamai.net

DNS Response

2a02:26f0:5d00:a::685b:471f

2a02:26f0:5d00:a::685b:470c
8.8.8.8:53

196.165.124.104.in-addr.arpa

dns

74 B
141 B
1
1

DNS Request

196.165.124.104.in-addr.arpa
8.8.8.8:53

139.252.19.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

139.252.19.2.in-addr.arpa
8.8.8.8:53

156.152.235.66.in-addr.arpa

dns

73 B
121 B
1
1

DNS Request

156.152.235.66.in-addr.arpa
8.8.8.8:53

ms-python.gallerycdn.vsassets.io

dns

firefox.exe

78 B
268 B
1
1

DNS Request

ms-python.gallerycdn.vsassets.io

DNS Response

88.221.134.219

88.221.134.178

88.221.134.225

88.221.134.234
8.8.8.8:53

ms-vscode.gallerycdn.vsassets.io

dns

firefox.exe

78 B
268 B
1
1

DNS Request

ms-vscode.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.219

88.221.134.234

88.221.134.225
8.8.8.8:53

vscjava.gallerycdn.vsassets.io

dns

firefox.exe

76 B
266 B
1
1

DNS Request

vscjava.gallerycdn.vsassets.io

DNS Response

88.221.134.225

88.221.134.234

88.221.134.219

88.221.134.178
8.8.8.8:53

github.gallerycdn.vsassets.io

dns

firefox.exe

75 B
249 B
1
1

DNS Request

github.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.208

88.221.134.187
8.8.8.8:53

a125.dscr.akamai.net

dns

firefox.exe

66 B
130 B
1
1

DNS Request

a125.dscr.akamai.net

DNS Response

88.221.134.225

88.221.134.219

88.221.134.178

88.221.134.234
8.8.8.8:53

a125.dscr.akamai.net

dns

firefox.exe

66 B
122 B
1
1

DNS Request

a125.dscr.akamai.net

DNS Response

2a02:26f0:5900::1738:ee7a

2a02:26f0:5900::1738:ee6b
8.8.8.8:53

vscode.download.prss.microsoft.com

dns

firefox.exe

80 B
298 B
1
1

DNS Request

vscode.download.prss.microsoft.com

DNS Response

2.18.190.171

2.18.190.180
8.8.8.8:53

a308.dscd.akamai.net

dns

firefox.exe

66 B
98 B
1
1

DNS Request

a308.dscd.akamai.net

DNS Response

2.18.190.171

2.18.190.180
8.8.8.8:53

a308.dscd.akamai.net

dns

firefox.exe

66 B
122 B
1
1

DNS Request

a308.dscd.akamai.net

DNS Response

2a02:26f0:5900::b832:72a9

2a02:26f0:5900::b832:72a0
8.8.8.8:53

235.17.178.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

235.17.178.52.in-addr.arpa
8.8.8.8:53

219.134.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

219.134.221.88.in-addr.arpa
8.8.8.8:53

225.134.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

225.134.221.88.in-addr.arpa
8.8.8.8:53

178.134.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

178.134.221.88.in-addr.arpa
8.8.8.8:53

171.190.18.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

171.190.18.2.in-addr.arpa
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

190 B
166 B
2
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

location.services.mozilla.com

dns

firefox.exe

225 B
153 B
3
1

DNS Request

location.services.mozilla.com

DNS Request

location.services.mozilla.com

DNS Request

location.services.mozilla.com

DNS Response

35.190.72.216
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
98 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

164 B
350 B
2
2

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Request

prod.balrog.prod.cloudops.mozgcp.net
8.8.8.8:53

201.181.244.35.in-addr.arpa

dns

146 B
126 B
2
1

DNS Request

201.181.244.35.in-addr.arpa

DNS Request

201.181.244.35.in-addr.arpa
8.8.8.8:53

prod.classify-client.prod.webservices.mozgcp.net

dns

firefox.exe

188 B
220 B
2
2

DNS Request

prod.classify-client.prod.webservices.mozgcp.net

DNS Response

35.190.72.216

DNS Request

prod.classify-client.prod.webservices.mozgcp.net

DNS Response

35.190.72.216
35.190.72.216:443

prod.classify-client.prod.webservices.mozgcp.net

https

firefox.exe

2.0kB
4.6kB
7
8
8.8.8.8:53

prod.classify-client.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
187 B
1
1

DNS Request

prod.classify-client.prod.webservices.mozgcp.net
8.8.8.8:53

ciscobinary.openh264.org

dns

firefox.exe

70 B
286 B
1
1

DNS Request

ciscobinary.openh264.org

DNS Response

88.221.134.209

88.221.134.155
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

redirector.gvt1.com

DNS Response

142.250.180.14
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

67 B
99 B
1
1

DNS Request

a19.dscg10.akamai.net

DNS Response

88.221.134.209

88.221.134.155
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

redirector.gvt1.com

DNS Response

142.250.180.14
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

67 B
123 B
1
1

DNS Request

a19.dscg10.akamai.net

DNS Response

2a02:26f0:a1::58dd:86d1

2a02:26f0:a1::58dd:869b
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

195 B
186 B
3
2

DNS Request

redirector.gvt1.com

DNS Request

redirector.gvt1.com

DNS Response

2a00:1450:4009:81e::200e

DNS Request

redirector.gvt1.com

DNS Response

2a00:1450:4009:81e::200e
8.8.8.8:53

216.72.190.35.in-addr.arpa

dns

Code.exe

150 B
392 B
2
2

DNS Request

216.72.190.35.in-addr.arpa

DNS Request

dynamsoft.gallerycdn.vsassets.io
8.8.8.8:53

209.134.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

209.134.221.88.in-addr.arpa
8.8.8.8:53

14.180.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

14.180.250.142.in-addr.arpa
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

190 B
166 B
2
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

prod-video-cms-rt-microsoft-com.akamaized.net

dns

firefox.exe

91 B
153 B
1
1

DNS Request

prod-video-cms-rt-microsoft-com.akamaized.net

DNS Response

2.19.252.141

2.19.252.154
8.8.8.8:53

a1985.g2.akamai.net

dns

firefox.exe

65 B
97 B
1
1

DNS Request

a1985.g2.akamai.net

DNS Response

2.19.252.154

2.19.252.141
8.8.8.8:53

a1985.g2.akamai.net

dns

firefox.exe

65 B
127 B
1
1

DNS Request

a1985.g2.akamai.net
8.8.8.8:53

141.252.19.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

141.252.19.2.in-addr.arpa
142.250.180.14:443

redirector.gvt1.com

https

firefox.exe

2.0kB
9.3kB
9
10
8.8.8.8:53

r4---sn-aigzrnsz.gvt1.com

dns

firefox.exe

71 B
116 B
1
1

DNS Request

r4---sn-aigzrnsz.gvt1.com

DNS Response

74.125.175.169
8.8.8.8:53

r4.sn-aigzrnsz.gvt1.com

dns

firefox.exe

69 B
85 B
1
1

DNS Request

r4.sn-aigzrnsz.gvt1.com

DNS Response

74.125.175.169
8.8.8.8:53

r4.sn-aigzrnsz.gvt1.com

dns

firefox.exe

69 B
97 B
1
1

DNS Request

r4.sn-aigzrnsz.gvt1.com

DNS Response

2a00:1450:4009:1b::9
8.8.8.8:53

169.175.125.74.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

169.175.125.74.in-addr.arpa
74.125.175.169:443

r4.sn-aigzrnsz.gvt1.com

https

firefox.exe

1.8kB
5.9kB
5
7
8.8.8.8:53

browser.events.data.microsoft.com

dns

msedge.exe

79 B
200 B
1
1

DNS Request

browser.events.data.microsoft.com

DNS Response

20.42.65.85
8.8.8.8:53

onedscolprdeus05.eastus.cloudapp.azure.com

dns

firefox.exe

88 B
104 B
1
1

DNS Request

onedscolprdeus05.eastus.cloudapp.azure.com

DNS Response

20.42.65.85
8.8.8.8:53

onedscolprdeus05.eastus.cloudapp.azure.com

dns

firefox.exe

88 B
159 B
1
1

DNS Request

onedscolprdeus05.eastus.cloudapp.azure.com
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

133.130.81.91.in-addr.arpa

dns

72 B
147 B
1
1

DNS Request

133.130.81.91.in-addr.arpa
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

default.exp-tas.com

dns

Code.exe

65 B
147 B
1
1

DNS Request

default.exp-tas.com

DNS Response

13.107.5.93
8.8.8.8:53

default.exp-tas.com

dns

Code.exe

65 B
188 B
1
1

DNS Request

default.exp-tas.com
8.8.8.8:53

93.5.107.13.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

93.5.107.13.in-addr.arpa
8.8.8.8:53

main.vscode-cdn.net

dns

Code.exe

65 B
235 B
1
1

DNS Request

main.vscode-cdn.net

DNS Response

13.107.246.64
8.8.8.8:53

main.vscode-cdn.net

dns

Code.exe

65 B
279 B
1
1

DNS Request

main.vscode-cdn.net
8.8.8.8:53

main.vscode-cdn.net

dns

Code.exe

65 B
235 B
1
1

DNS Request

main.vscode-cdn.net

DNS Response

13.107.246.64
8.8.8.8:53

main.vscode-cdn.net

dns

Code.exe

65 B
279 B
1
1

DNS Request

main.vscode-cdn.net
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

146 B
225 B
2
2

DNS Request

marketplace.visualstudio.com

DNS Response

13.107.42.18

DNS Request

132.10.212.52.in-addr.arpa
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
144 B
1
1

DNS Request

marketplace.visualstudio.com
8.8.8.8:53

firefox-devtools.gallerycdn.vsassets.io

dns

Code.exe

85 B
259 B
1
1

DNS Request

firefox-devtools.gallerycdn.vsassets.io

DNS Response

88.221.134.203

88.221.134.178

88.221.134.208
8.8.8.8:53

firefox-devtools.gallerycdn.vsassets.io

dns

164 B
475 B
2
2

DNS Request

firefox-devtools.gallerycdn.vsassets.io

DNS Request

browser.events.data.microsoft.com

DNS Response

20.189.173.10
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
202 B
1
1

DNS Request

mobile.events.data.microsoft.com

DNS Response

20.50.201.204
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
243 B
1
1

DNS Request

mobile.events.data.microsoft.com
8.8.8.8:53

203.134.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

203.134.221.88.in-addr.arpa
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

204.201.50.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

204.201.50.20.in-addr.arpa
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

ms-toolsai.gallerycdn.vsassets.io

dns

Code.exe

79 B
253 B
1
1

DNS Request

ms-toolsai.gallerycdn.vsassets.io

DNS Response

88.221.134.208

88.221.134.201

88.221.134.178
8.8.8.8:53

ms-toolsai.gallerycdn.vsassets.io

dns

Code.exe

79 B
269 B
1
1

DNS Request

ms-toolsai.gallerycdn.vsassets.io
8.8.8.8:53

ms-vscode.gallerycdn.vsassets.io

dns

firefox.exe

78 B
252 B
1
1

DNS Request

ms-vscode.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.201

88.221.134.208
8.8.8.8:53

ms-vscode.gallerycdn.vsassets.io

dns

firefox.exe

78 B
268 B
1
1

DNS Request

ms-vscode.gallerycdn.vsassets.io
8.8.8.8:53

ms-python.gallerycdn.vsassets.io

dns

firefox.exe

78 B
252 B
1
1

DNS Request

ms-python.gallerycdn.vsassets.io

DNS Response

88.221.134.203

88.221.134.178

88.221.134.208
8.8.8.8:53

ms-python.gallerycdn.vsassets.io

dns

firefox.exe

78 B
268 B
1
1

DNS Request

ms-python.gallerycdn.vsassets.io
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
202 B
1
1

DNS Request

mobile.events.data.microsoft.com

DNS Response

20.50.201.204
8.8.8.8:53

208.134.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

208.134.221.88.in-addr.arpa
8.8.8.8:53

ritwickdey.gallerycdn.vsassets.io

dns

Code.exe

79 B
253 B
1
1

DNS Request

ritwickdey.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.203

88.221.134.208
8.8.8.8:53

ritwickdey.gallerycdn.vsassets.io

dns

Code.exe

79 B
269 B
1
1

DNS Request

ritwickdey.gallerycdn.vsassets.io
8.8.8.8:53

visualstudioexptteam.gallerycdn.vsassets.io

dns

Code.exe

89 B
263 B
1
1

DNS Request

visualstudioexptteam.gallerycdn.vsassets.io

DNS Response

88.221.134.208

88.221.134.178

88.221.134.203
8.8.8.8:53

visualstudioexptteam.gallerycdn.vsassets.io

dns

Code.exe

89 B
279 B
1
1

DNS Request

visualstudioexptteam.gallerycdn.vsassets.io
8.8.8.8:53

esbenp.gallerycdn.vsassets.io

dns

Code.exe

75 B
249 B
1
1

DNS Request

esbenp.gallerycdn.vsassets.io

DNS Response

88.221.134.208

88.221.134.178

88.221.134.203
8.8.8.8:53

esbenp.gallerycdn.vsassets.io

dns

Code.exe

75 B
265 B
1
1

DNS Request

esbenp.gallerycdn.vsassets.io
8.8.8.8:53

hars.gallerycdn.vsassets.io

dns

Code.exe

73 B
247 B
1
1

DNS Request

hars.gallerycdn.vsassets.io

DNS Response

88.221.134.201

88.221.134.178

88.221.134.208
8.8.8.8:53

hars.gallerycdn.vsassets.io

dns

Code.exe

73 B
263 B
1
1

DNS Request

hars.gallerycdn.vsassets.io
8.8.8.8:53

franneck94.gallerycdn.vsassets.io

dns

Code.exe

79 B
253 B
1
1

DNS Request

franneck94.gallerycdn.vsassets.io

DNS Response

88.221.134.203

88.221.134.178

88.221.134.208
8.8.8.8:53

franneck94.gallerycdn.vsassets.io

dns

Code.exe

79 B
269 B
1
1

DNS Request

franneck94.gallerycdn.vsassets.io
8.8.8.8:53

danielpinto8zz6.gallerycdn.vsassets.io

dns

Code.exe

84 B
258 B
1
1

DNS Request

danielpinto8zz6.gallerycdn.vsassets.io

DNS Response

88.221.134.208

88.221.134.201

88.221.134.178
8.8.8.8:53

danielpinto8zz6.gallerycdn.vsassets.io

dns

Code.exe

84 B
274 B
1
1

DNS Request

danielpinto8zz6.gallerycdn.vsassets.io
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa
8.8.8.8:53

201.134.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

201.134.221.88.in-addr.arpa
8.8.8.8:53

kaysonwu.gallerycdn.vsassets.io

dns

Code.exe

77 B
251 B
1
1

DNS Request

kaysonwu.gallerycdn.vsassets.io

DNS Response

88.221.134.201

88.221.134.208

88.221.134.178
8.8.8.8:53

kaysonwu.gallerycdn.vsassets.io

dns

Code.exe

77 B
267 B
1
1

DNS Request

kaysonwu.gallerycdn.vsassets.io
8.8.8.8:53

brapifra.gallerycdn.vsassets.io

dns

Code.exe

77 B
251 B
1
1

DNS Request

brapifra.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.208

88.221.134.203
8.8.8.8:53

brapifra.gallerycdn.vsassets.io

dns

Code.exe

77 B
267 B
1
1

DNS Request

brapifra.gallerycdn.vsassets.io
8.8.8.8:53

jbenden.gallerycdn.vsassets.io

dns

Code.exe

76 B
250 B
1
1

DNS Request

jbenden.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.201

88.221.134.208
8.8.8.8:53

jbenden.gallerycdn.vsassets.io

dns

Code.exe

76 B
266 B
1
1

DNS Request

jbenden.gallerycdn.vsassets.io
8.8.8.8:53

jaycetyle.gallerycdn.vsassets.io

dns

Code.exe

78 B
252 B
1
1

DNS Request

jaycetyle.gallerycdn.vsassets.io

DNS Response

88.221.134.208

88.221.134.178

88.221.134.201
8.8.8.8:53

jaycetyle.gallerycdn.vsassets.io

dns

Code.exe

78 B
268 B
1
1

DNS Request

jaycetyle.gallerycdn.vsassets.io
8.8.8.8:53

leojhonsong.gallerycdn.vsassets.io

dns

Code.exe

80 B
254 B
1
1

DNS Request

leojhonsong.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.203

88.221.134.208
8.8.8.8:53

leojhonsong.gallerycdn.vsassets.io

dns

Code.exe

80 B
270 B
1
1

DNS Request

leojhonsong.gallerycdn.vsassets.io
8.8.8.8:53

browser.events.data.microsoft.com

dns

msedge.exe

79 B
200 B
1
1

DNS Request

browser.events.data.microsoft.com

DNS Response

20.189.173.17
8.8.8.8:53

onedscolprdwus22.westus.cloudapp.azure.com

dns

firefox.exe

88 B
104 B
1
1

DNS Request

onedscolprdwus22.westus.cloudapp.azure.com

DNS Response

20.189.173.17
8.8.8.8:53

onedscolprdwus22.westus.cloudapp.azure.com

dns

firefox.exe

88 B
158 B
1
1

DNS Request

onedscolprdwus22.westus.cloudapp.azure.com
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

ms-dotnettools.gallerycdn.vsassets.io

dns

msedge.exe

83 B
257 B
1
1

DNS Request

ms-dotnettools.gallerycdn.vsassets.io

DNS Response

88.221.134.225

88.221.134.178

88.221.134.219
8.8.8.8:53

ms-dotnettools.gallerycdn.vsassets.io

dns

msedge.exe

83 B
273 B
1
1

DNS Request

ms-dotnettools.gallerycdn.vsassets.io
8.8.8.8:53

doggy8088.gallerycdn.vsassets.io

dns

Code.exe

78 B
252 B
1
1

DNS Request

doggy8088.gallerycdn.vsassets.io

DNS Response

88.221.134.219

88.221.134.178

88.221.134.225
8.8.8.8:53

doggy8088.gallerycdn.vsassets.io

dns

Code.exe

78 B
268 B
1
1

DNS Request

doggy8088.gallerycdn.vsassets.io
8.8.8.8:53

adrianwilczynski.gallerycdn.vsassets.io

dns

Code.exe

85 B
259 B
1
1

DNS Request

adrianwilczynski.gallerycdn.vsassets.io

DNS Response

88.221.134.219

88.221.134.178

88.221.134.225
8.8.8.8:53

adrianwilczynski.gallerycdn.vsassets.io

dns

Code.exe

85 B
275 B
1
1

DNS Request

adrianwilczynski.gallerycdn.vsassets.io
8.8.8.8:53

formulahendry.gallerycdn.vsassets.io

dns

Code.exe

82 B
256 B
1
1

DNS Request

formulahendry.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.201

88.221.134.208
8.8.8.8:53

formulahendry.gallerycdn.vsassets.io

dns

Code.exe

82 B
272 B
1
1

DNS Request

formulahendry.gallerycdn.vsassets.io
8.8.8.8:53

ms-dotnettools.gallerycdn.vsassets.io

dns

msedge.exe

83 B
257 B
1
1

DNS Request

ms-dotnettools.gallerycdn.vsassets.io

DNS Response

88.221.134.208

88.221.134.178

88.221.134.201
8.8.8.8:53

ms-dotnettools.gallerycdn.vsassets.io

dns

msedge.exe

83 B
273 B
1
1

DNS Request

ms-dotnettools.gallerycdn.vsassets.io
8.8.8.8:53

img.shields.io

dns

Code.exe

60 B
92 B
1
1

DNS Request

img.shields.io

DNS Response

104.21.80.27

172.67.173.89
8.8.8.8:53

img.shields.io

dns

Code.exe

60 B
208 B
1
1

DNS Request

img.shields.io
8.8.8.8:53

raw.githubusercontent.com

dns

msedge.exe

71 B
135 B
1
1

DNS Request

raw.githubusercontent.com

DNS Response

185.199.109.133

185.199.110.133

185.199.108.133

185.199.111.133
8.8.8.8:53

raw.githubusercontent.com

dns

msedge.exe

71 B
136 B
1
1

DNS Request

raw.githubusercontent.com
104.21.80.27:443

img.shields.io

https

Code.exe

5.5kB
10.7kB
13
17
8.8.8.8:53

ms-dotnettools.gallery.vsassets.io

dns

Code.exe

80 B
96 B
1
1

DNS Request

ms-dotnettools.gallery.vsassets.io

DNS Response

13.107.6.175
8.8.8.8:53

ms-dotnettools.gallery.vsassets.io

dns

Code.exe

80 B
153 B
1
1

DNS Request

ms-dotnettools.gallery.vsassets.io
8.8.8.8:53

27.80.21.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

27.80.21.104.in-addr.arpa
8.8.8.8:53

133.109.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

133.109.199.185.in-addr.arpa
8.8.8.8:53

175.6.107.13.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

175.6.107.13.in-addr.arpa
8.8.8.8:53

ionide.gallerycdn.vsassets.io

dns

Code.exe

75 B
265 B
1
1

DNS Request

ionide.gallerycdn.vsassets.io

DNS Response

88.221.134.225

88.221.134.219

88.221.134.186

88.221.134.203
8.8.8.8:53

ionide.gallerycdn.vsassets.io

dns

Code.exe

75 B
265 B
1
1

DNS Request

ionide.gallerycdn.vsassets.io
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
90 B
1
1

DNS Request

marketplace.visualstudio.com

DNS Response

13.107.42.18
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
144 B
1
1

DNS Request

marketplace.visualstudio.com
8.8.8.8:53

ms-toolsai.gallerycdn.vsassets.io

dns

Code.exe

79 B
253 B
1
1

DNS Request

ms-toolsai.gallerycdn.vsassets.io

DNS Response

88.221.134.219

88.221.134.225

88.221.134.178
8.8.8.8:53

ms-toolsai.gallerycdn.vsassets.io

dns

Code.exe

79 B
269 B
1
1

DNS Request

ms-toolsai.gallerycdn.vsassets.io
8.8.8.8:53

ionide.gallerycdn.vsassets.io

dns

Code.exe

75 B
265 B
1
1

DNS Request

ionide.gallerycdn.vsassets.io

DNS Response

88.221.134.219

88.221.134.186

88.221.134.203

88.221.134.225
8.8.8.8:53

ionide.gallerycdn.vsassets.io

dns

Code.exe

75 B
265 B
1
1

DNS Request

ionide.gallerycdn.vsassets.io
8.8.8.8:53

ms-toolsai.gallery.vsassets.io

dns

Code.exe

76 B
92 B
1
1

DNS Request

ms-toolsai.gallery.vsassets.io

DNS Response

13.107.6.175
8.8.8.8:53

ms-toolsai.gallery.vsassets.io

dns

Code.exe

76 B
149 B
1
1

DNS Request

ms-toolsai.gallery.vsassets.io
8.8.8.8:53

ionide.gallery.vsassets.io

dns

Code.exe

72 B
88 B
1
1

DNS Request

ionide.gallery.vsassets.io

DNS Response

13.107.6.175
8.8.8.8:53

ionide.gallery.vsassets.io

dns

Code.exe

72 B
145 B
1
1

DNS Request

ionide.gallery.vsassets.io
8.8.8.8:53

dennismaxjung.gallerycdn.vsassets.io

dns

Code.exe

82 B
272 B
1
1

DNS Request

dennismaxjung.gallerycdn.vsassets.io

DNS Response

88.221.134.219

88.221.134.225

88.221.134.203

88.221.134.186
8.8.8.8:53

dennismaxjung.gallerycdn.vsassets.io

dns

Code.exe

82 B
272 B
1
1

DNS Request

dennismaxjung.gallerycdn.vsassets.io
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

onedscolprdwus09.westus.cloudapp.azure.com

dns

firefox.exe

88 B
104 B
1
1

DNS Request

onedscolprdwus09.westus.cloudapp.azure.com

DNS Response

20.189.173.10
8.8.8.8:53

onedscolprdwus09.westus.cloudapp.azure.com

dns

firefox.exe

88 B
158 B
1
1

DNS Request

onedscolprdwus09.westus.cloudapp.azure.com
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

190 B
111 B
2
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

190 B
222 B
2
2

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
198 B
1
1

DNS Request

mobile.events.data.microsoft.com

DNS Response

20.42.73.31
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
246 B
1
1

DNS Request

mobile.events.data.microsoft.com
8.8.8.8:53

9.73.50.20.in-addr.arpa

dns

131 B
312 B
2
2

DNS Request

9.73.50.20.in-addr.arpa

DNS Request

go.microsoft.com

DNS Response

95.100.246.76
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

nromanov.gallerycdn.vsassets.io

dns

Code.exe

77 B
267 B
1
1

DNS Request

nromanov.gallerycdn.vsassets.io

DNS Response

88.221.134.201

88.221.134.219

88.221.134.208

88.221.134.225
8.8.8.8:53

nromanov.gallerycdn.vsassets.io

dns

Code.exe

77 B
267 B
1
1

DNS Request

nromanov.gallerycdn.vsassets.io
8.8.8.8:53

adrianwilczynski.gallerycdn.vsassets.io

dns

Code.exe

85 B
275 B
1
1

DNS Request

adrianwilczynski.gallerycdn.vsassets.io

DNS Response

88.221.134.219

88.221.134.201

88.221.134.208

88.221.134.225
8.8.8.8:53

adrianwilczynski.gallerycdn.vsassets.io

dns

Code.exe

85 B
275 B
1
1

DNS Request

adrianwilczynski.gallerycdn.vsassets.io
8.8.8.8:53

murugaratham.gallerycdn.vsassets.io

dns

Code.exe

81 B
271 B
1
1

DNS Request

murugaratham.gallerycdn.vsassets.io

DNS Response

88.221.134.219

88.221.134.225

88.221.134.208

88.221.134.201
8.8.8.8:53

murugaratham.gallerycdn.vsassets.io

dns

Code.exe

81 B
271 B
1
1

DNS Request

murugaratham.gallerycdn.vsassets.io
8.8.8.8:53

jashoo.gallerycdn.vsassets.io

dns

Code.exe

75 B
265 B
1
1

DNS Request

jashoo.gallerycdn.vsassets.io

DNS Response

88.221.134.219

88.221.134.208

88.221.134.201

88.221.134.225
8.8.8.8:53

jashoo.gallerycdn.vsassets.io

dns

Code.exe

75 B
265 B
1
1

DNS Request

jashoo.gallerycdn.vsassets.io
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
198 B
1
1

DNS Request

mobile.events.data.microsoft.com

DNS Response

20.189.173.16
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
242 B
1
1

DNS Request

mobile.events.data.microsoft.com
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

ms-dotnettools.gallerycdn.vsassets.io

dns

msedge.exe

83 B
273 B
1
1

DNS Request

ms-dotnettools.gallerycdn.vsassets.io

DNS Response

88.221.134.225

88.221.134.219

88.221.134.208

88.221.134.201
8.8.8.8:53

ms-dotnettools.gallerycdn.vsassets.io

dns

msedge.exe

83 B
273 B
1
1

DNS Request

ms-dotnettools.gallerycdn.vsassets.io
8.8.8.8:53

nav.smartscreen.microsoft.com

dns

msedge.exe

75 B
192 B
1
1

DNS Request

nav.smartscreen.microsoft.com

DNS Response

172.165.69.228
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
90 B
1
1

DNS Request

marketplace.visualstudio.com

DNS Response

13.107.42.18
8.8.8.8:53

data-edge.smartscreen.microsoft.com

dns

msedge.exe

81 B
199 B
1
1

DNS Request

data-edge.smartscreen.microsoft.com

DNS Response

172.165.69.228
8.8.8.8:53

wcpstatic.microsoft.com

dns

msedge.exe

69 B
251 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64
8.8.8.8:53

cdn.vsassets.io

dns

msedge.exe

61 B
213 B
1
1

DNS Request

cdn.vsassets.io

DNS Response

2.18.190.174

2.18.190.176
8.8.8.8:53

228.69.165.172.in-addr.arpa

dns

Code.exe

151 B
360 B
2
2

DNS Request

228.69.165.172.in-addr.arpa

DNS Request

mobile.events.data.microsoft.com

DNS Response

104.208.16.90
8.8.8.8:53

174.190.18.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

174.190.18.2.in-addr.arpa
8.8.8.8:53

ms-dotnettools.gallerycdn.vsassets.io

dns

msedge.exe

83 B
257 B
1
1

DNS Request

ms-dotnettools.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.225

88.221.134.219
8.8.8.8:53

github.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

raw.githubusercontent.com

dns

msedge.exe

71 B
135 B
1
1

DNS Request

raw.githubusercontent.com

DNS Response

185.199.108.133

185.199.111.133

185.199.110.133

185.199.109.133
8.8.8.8:53

215.156.26.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

215.156.26.20.in-addr.arpa
8.8.8.8:53

133.108.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

133.108.199.185.in-addr.arpa
8.8.8.8:53

u.clarity.ms

dns

firefox.exe

58 B
137 B
1
1

DNS Request

u.clarity.ms

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
111 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

DNS Response

4.227.249.197
8.8.8.8:53

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com

dns

firefox.exe

95 B
166 B
1
1

DNS Request

clarity-ingest-eus-d-sc.eastus.cloudapp.azure.com
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
90 B
1
1

DNS Request

marketplace.visualstudio.com

DNS Response

13.107.42.18
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
144 B
1
1

DNS Request

marketplace.visualstudio.com
8.8.8.8:53

msoffice.gallerycdn.vsassets.io

dns

Code.exe

77 B
251 B
1
1

DNS Request

msoffice.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.219

88.221.134.225
8.8.8.8:53

msoffice.gallerycdn.vsassets.io

dns

Code.exe

77 B
267 B
1
1

DNS Request

msoffice.gallerycdn.vsassets.io
8.8.8.8:53

sohibe.gallerycdn.vsassets.io

dns

Code.exe

75 B
265 B
1
1

DNS Request

sohibe.gallerycdn.vsassets.io

DNS Response

88.221.134.208

88.221.134.178

88.221.134.153

88.221.134.201
8.8.8.8:53

sohibe.gallerycdn.vsassets.io

dns

Code.exe

75 B
265 B
1
1

DNS Request

sohibe.gallerycdn.vsassets.io
8.8.8.8:53

hellomuthu23.gallerycdn.vsassets.io

dns

Code.exe

81 B
255 B
1
1

DNS Request

hellomuthu23.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.225

88.221.134.219
8.8.8.8:53

hellomuthu23.gallerycdn.vsassets.io

dns

Code.exe

81 B
271 B
1
1

DNS Request

hellomuthu23.gallerycdn.vsassets.io
8.8.8.8:53

dynamsoft.gallerycdn.vsassets.io

dns

Code.exe

78 B
268 B
1
1

DNS Request

dynamsoft.gallerycdn.vsassets.io

DNS Response

88.221.134.201

88.221.134.153

88.221.134.208

88.221.134.178
8.8.8.8:53

miot.gallerycdn.vsassets.io

dns

Code.exe

73 B
263 B
1
1

DNS Request

miot.gallerycdn.vsassets.io

DNS Response

88.221.134.208

88.221.134.201

88.221.134.153

88.221.134.178
8.8.8.8:53

miot.gallerycdn.vsassets.io

dns

Code.exe

73 B
263 B
1
1

DNS Request

miot.gallerycdn.vsassets.io
8.8.8.8:53

daadaadaah.gallerycdn.vsassets.io

dns

Code.exe

79 B
269 B
1
1

DNS Request

daadaadaah.gallerycdn.vsassets.io

DNS Response

88.221.134.208

88.221.134.178

88.221.134.201

88.221.134.153
8.8.8.8:53

daadaadaah.gallerycdn.vsassets.io

dns

Code.exe

79 B
269 B
1
1

DNS Request

daadaadaah.gallerycdn.vsassets.io
8.8.8.8:53

ms-dotnettools.gallerycdn.vsassets.io

dns

msedge.exe

83 B
273 B
1
1

DNS Request

ms-dotnettools.gallerycdn.vsassets.io

DNS Response

88.221.134.178

88.221.134.208

88.221.134.153

88.221.134.201
8.8.8.8:53

ms-dotnettools.gallerycdn.vsassets.io

dns

msedge.exe

83 B
273 B
1
1

DNS Request

ms-dotnettools.gallerycdn.vsassets.io
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
90 B
1
1

DNS Request

marketplace.visualstudio.com

DNS Response

13.107.42.18
8.8.8.8:53

marketplace.visualstudio.com

dns

msedge.exe

74 B
144 B
1
1

DNS Request

marketplace.visualstudio.com
8.8.8.8:53

github.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

ms-dotnettools.gallery.vsassets.io

dns

Code.exe

80 B
96 B
1
1

DNS Request

ms-dotnettools.gallery.vsassets.io

DNS Response

13.107.6.175
8.8.8.8:53

ms-dotnettools.gallery.vsassets.io

dns

Code.exe

80 B
153 B
1
1

DNS Request

ms-dotnettools.gallery.vsassets.io
8.8.8.8:53
8.8.8.8:53
8.8.8.8:53
224.0.0.251:5353

msedge.exe

461 B
7
8.8.8.8:53

westus2-0.in.applicationinsights.azure.com

dns

Code.exe

88 B
300 B
1
1

DNS Request

westus2-0.in.applicationinsights.azure.com

DNS Response

20.9.155.148
8.8.8.8:53

dotnetcli.blob.core.windows.net

dns

Code.exe

77 B
133 B
1
1

DNS Request

dotnetcli.blob.core.windows.net

DNS Response

20.60.81.165
8.8.8.8:53

default.exp-tas.com

dns

Code.exe

65 B
147 B
1
1

DNS Request

default.exp-tas.com

DNS Response

13.107.5.93
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
198 B
1
1

DNS Request

mobile.events.data.microsoft.com

DNS Response

20.189.173.13
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
243 B
1
1

DNS Request

mobile.events.data.microsoft.com
8.8.8.8:53

148.155.9.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

148.155.9.20.in-addr.arpa
8.8.8.8:53

165.81.60.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

165.81.60.20.in-addr.arpa
8.8.8.8:53

www.microsoft.com

dns

msedge.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

95.100.245.144
8.8.8.8:53

www.microsoft.com

dns

msedge.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

95.100.245.144
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
201 B
1
1

DNS Request

mobile.events.data.microsoft.com

DNS Response

52.182.143.210
8.8.8.8:53

dot.net

dns

Code.exe

53 B
133 B
1
1

DNS Request

dot.net

DNS Response

20.112.250.133

20.70.246.20

20.236.44.162

20.231.239.246

20.76.201.171
8.8.8.8:53

210.143.182.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

210.143.182.52.in-addr.arpa
8.8.8.8:53

builds.dotnet.microsoft.com

dns

powershell.exe

73 B
254 B
1
1

DNS Request

builds.dotnet.microsoft.com

DNS Response

13.107.246.64
8.8.8.8:53
8.8.8.8:53
8.8.8.8:53
8.8.8.8:53

133.250.112.20.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

133.250.112.20.in-addr.arpa
8.8.8.8:53

mobile.events.data.microsoft.com

dns

Code.exe

78 B
198 B
1
1

DNS Request

mobile.events.data.microsoft.com

DNS Response

52.168.117.170
8.8.8.8:53

170.117.168.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

170.117.168.52.in-addr.arpa
8.8.8.8:53

ci.dot.net

dns

powershell.exe

56 B
198 B
1
1

DNS Request

ci.dot.net

DNS Response

13.107.246.64

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

File and Directory Permissions Modification

T1222

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Browser Information Discovery

T1217

Network Service Discovery

T1046

Network Share Discovery

T1135

Peripheral Device Discovery

T1120

Query Registry

System Information Discovery