Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
17/03/2025, 08:46 UTC
250317-kpcdasvyhs 1017/03/2025, 08:43 UTC
250317-kmnzbaymv3 1017/03/2025, 08:41 UTC
250317-klen9avycv 417/03/2025, 08:37 UTC
250317-kjddeavxfw 4Analysis
-
max time kernel
137s -
max time network
138s -
platform
windows11-21h2_x64 -
resource
win11-20250314-en -
resource tags
-
submitted
17/03/2025, 08:43 UTC
Errors
Reason
Machine shutdown
General
-
Target
https://github.com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip
Score
10/10
Malware Config
Signatures
-
Mimikatz
mimikatz is an open source tool to dump credentials on Windows.
-
Mimikatz family
-
Troldesh family
-
Troldesh, Shade, Encoder.858
Troldesh is a ransomware spread by malspam.
-
mimikatz is an open source tool to dump credentials on Windows 1 IoCs
-
Executes dropped EXE 2 IoCs
-
Loads dropped DLL 1 IoCs
-
Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Writes to the Master Boot Record (MBR) 1 TTPs 3 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
UPX packed file 5 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in Program Files directory 53 IoCs
-
Drops file in Windows directory 14 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
System Location Discovery: System Language Discovery 1 TTPs 7 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 17 IoCs
-
Modifies registry class 2 IoCs
-
NTFS ADS 1 IoCs
-
Scheduled Task/Job: Scheduled Task 1 TTPs 1 IoCs
Schtasks is often used by malware for persistence or to perform post-infection execution.
-
Suspicious behavior: EnumeratesProcesses 15 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
-
Suspicious use of AdjustPrivilegeToken 5 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 12 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://github.com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x2f4,0x7ffc75f4f208,0x7ffc75f4f214,0x7ffc75f4f2202⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1920,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=2340 /prefetch:112⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2288,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=2284 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1892,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=2600 /prefetch:132⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3372,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=3464 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3380,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=3468 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4892,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=4928 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4900,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=4984 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5548,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=5492 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=5556,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=5572 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5836,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=5868 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6284,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=6300 /prefetch:142⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.execookie_exporter.exe --cookie-json=11283⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6356,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=6456 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6356,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=6456 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --always-read-main-dll --field-trial-handle=6460,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=4720 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --always-read-main-dll --field-trial-handle=6788,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=3660 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=3680,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=7096 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --always-read-main-dll --field-trial-handle=7188,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=7216 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --always-read-main-dll --field-trial-handle=3620,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=7524 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=568,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=6632 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7156,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=6320 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5600,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=7172 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=7328,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=7208 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --always-read-main-dll --field-trial-handle=7564,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=7276 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --always-read-main-dll --field-trial-handle=7492,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=4956 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --always-read-main-dll --field-trial-handle=6156,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=4980 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=7652,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=5664 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7204,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=7300 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5544,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=7348 /prefetch:142⤵
- NTFS ADS
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7348,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=5044 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5880,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=4532 /prefetch:142⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=7332,i,7714401277941798121,6914554688310655062,262144 --variations-seed-version --mojo-platform-channel-handle=4944 /prefetch:102⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\NotPetya.exe"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\NotPetya.exe"1⤵
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\rundll32.exe"C:\Windows\System32\rundll32.exe" C:\Windows\perfc.dat #12⤵
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
- Drops file in Program Files directory
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\cmd.exe/c schtasks /Create /SC once /TN "" /TR "C:\Windows\system32\shutdown.exe /r /f" /ST 09:483⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\schtasks.exeschtasks /Create /SC once /TN "" /TR "C:\Windows\system32\shutdown.exe /r /f" /ST 09:484⤵
- System Location Discovery: System Language Discovery
- Scheduled Task/Job: Scheduled Task
-
-
-
C:\Users\Admin\AppData\Local\Temp\476F.tmp"C:\Users\Admin\AppData\Local\Temp\476F.tmp" \\.\pipe\{60BF20B1-9422-43FD-B386-884A39E3607C}3⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\NoMoreRansom.exe"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\NoMoreRansom.exe"1⤵
- Adds Run key to start application
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
-
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\PowerPoint.exe"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\PowerPoint.exe"1⤵
- Writes to the Master Boot Record (MBR)
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\sys3.exeC:\Users\Admin\AppData\Local\Temp\\sys3.exe2⤵
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\system32\LogonUI.exe"LogonUI.exe" /flags:0x4 /state0:0xa39d1855 /state1:0x41c64e6d1⤵
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
Network
-
DNSgithub.comRemote address:8.8.8.8:53Requestgithub.comIN AResponsegithub.comIN A20.26.156.215 -
DNSgithub.comRemote address:8.8.8.8:53Requestgithub.comIN UnknownResponse
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN AResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.dual-a-0036.a-msedge.netedge-microsoft-com.dual-a-0036.a-msedge.netIN CNAMEdual-a-0036.a-msedge.netdual-a-0036.a-msedge.netIN A13.107.21.239dual-a-0036.a-msedge.netIN A204.79.197.239
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN UnknownResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.dual-a-0036.a-msedge.netedge-microsoft-com.dual-a-0036.a-msedge.netIN CNAMEdual-a-0036.a-msedge.net
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN AResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.dual-a-0036.a-msedge.netedge-microsoft-com.dual-a-0036.a-msedge.netIN CNAMEdual-a-0036.a-msedge.netdual-a-0036.a-msedge.netIN A13.107.21.239dual-a-0036.a-msedge.netIN A204.79.197.239
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN UnknownResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.dual-a-0036.a-msedge.net
-
GEThttp://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:QdSHV7UuCQJP73EAUks2JWDmYP2anL-Suwc4vmQwPyc&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855Remote address:13.107.21.239:80RequestGET /browsernetworktime/time/1/current?cup2key=2:QdSHV7UuCQJP73EAUks2JWDmYP2anL-Suwc4vmQwPyc&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP/1.1
Host: edge.microsoft.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Sec-Mesh-Client-Edge-Version: 133.0.3065.69
Sec-Mesh-Client-Edge-Channel: stable
Sec-Mesh-Client-OS: Windows
Sec-Mesh-Client-OS-Version: 10.0.22000
Sec-Mesh-Client-Arch: x86_64
Sec-Mesh-Client-WebView: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Pragma: no-cache
Content-Length: 100
Content-Type: application/json
Content-Encoding: gzip
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
x-cup-server-proof: 3045022100AADB660BE1F7C18C6A37B0BD7CBEBDB5EEC03A806C2B13C59E83D9A73959BAC70220546260B4DE6677A4E2B8083D7C0C451589A94F4E09C45DA81BC68B48A040812F:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Content-Disposition: attachment; filename='json.txt'
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 2FC8314047C5471DB725ECA5F296CB44 Ref B: FRA31EDGE0818 Ref C: 2025-03-17T08:43:25Z
Date: Mon, 17 Mar 2025 08:43:25 GMT
-
DNSapi.edgeoffer.microsoft.comRemote address:8.8.8.8:53Requestapi.edgeoffer.microsoft.comIN AResponseapi.edgeoffer.microsoft.comIN CNAMEbingadsedgeextension-prod.trafficmanager.netbingadsedgeextension-prod.trafficmanager.netIN CNAMEbingadsedgeextension-prod-europe.azurewebsites.netbingadsedgeextension-prod-europe.azurewebsites.netIN CNAMEssl.bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netIN A94.245.104.56
-
DNSapi.edgeoffer.microsoft.comRemote address:8.8.8.8:53Requestapi.edgeoffer.microsoft.comIN UnknownResponseapi.edgeoffer.microsoft.comIN CNAMEbingadsedgeextension-prod.trafficmanager.netbingadsedgeextension-prod.trafficmanager.netIN CNAMEbingadsedgeextension-prod-europe.azurewebsites.netbingadsedgeextension-prod-europe.azurewebsites.netIN CNAMEssl.bingadsedgeextension-prod-europe.azurewebsites.net
-
DNScodeload.github.comRemote address:8.8.8.8:53Requestcodeload.github.comIN AResponsecodeload.github.comIN A20.26.156.216
-
DNScodeload.github.comRemote address:8.8.8.8:53Requestcodeload.github.comIN UnknownResponse
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN AResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.dual-a-0036.a-msedge.netedge-microsoft-com.dual-a-0036.a-msedge.netIN CNAMEdual-a-0036.a-msedge.netdual-a-0036.a-msedge.netIN A13.107.21.239dual-a-0036.a-msedge.netIN A204.79.197.239
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN UnknownResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.dual-a-0036.a-msedge.net
-
DNSedgeassetservice.azureedge.netRemote address:8.8.8.8:53Requestedgeassetservice.azureedge.netIN AResponseedgeassetservice.azureedge.netIN CNAMEedgeassetservice.afd.azureedge.netedgeassetservice.afd.azureedge.netIN CNAMEazureedge-t-prod.trafficmanager.netazureedge-t-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.nets-part-0036.t-0009.t-msedge.netIN A13.107.246.64
-
DNSedgeassetservice.azureedge.netRemote address:8.8.8.8:53Requestedgeassetservice.azureedge.netIN UnknownResponseedgeassetservice.azureedge.netIN CNAMEedgeassetservice.afd.azureedge.netedgeassetservice.afd.azureedge.netIN CNAMEazureedge-t-prod.trafficmanager.netazureedge-t-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEazurefd-t-fb-prod.trafficmanager.netazurefd-t-fb-prod.trafficmanager.netIN CNAMEdual.s-part-0036.t-0009.fb-t-msedge.netdual.s-part-0036.t-0009.fb-t-msedge.netIN CNAMEs-part-0036.t-0009.fb-t-msedge.net
-
DNSntp.msn.comRemote address:8.8.8.8:53Requestntp.msn.comIN AResponsentp.msn.comIN CNAMEwww-msn-com.a-0003.a-msedge.netwww-msn-com.a-0003.a-msedge.netIN CNAMEa-0003.a-msedge.neta-0003.a-msedge.netIN A204.79.197.203
-
DNSntp.msn.comRemote address:8.8.8.8:53Requestntp.msn.comIN UnknownResponsentp.msn.comIN CNAMEwww-msn-com.a-0003.a-msedge.netwww-msn-com.a-0003.a-msedge.netIN CNAMEa-0003.a-msedge.net
-
DNSimg-s-msn-com.akamaized.netRemote address:8.8.8.8:53Requestimg-s-msn-com.akamaized.netIN AResponseimg-s-msn-com.akamaized.netIN CNAMEa1834.dscg2.akamai.neta1834.dscg2.akamai.netIN A104.77.160.68a1834.dscg2.akamai.netIN A104.77.160.77a1834.dscg2.akamai.netIN A104.77.160.83a1834.dscg2.akamai.netIN A104.77.160.69a1834.dscg2.akamai.netIN A104.77.160.79a1834.dscg2.akamai.netIN A104.77.160.95a1834.dscg2.akamai.netIN A104.77.160.80a1834.dscg2.akamai.netIN A104.77.160.84a1834.dscg2.akamai.netIN A104.77.160.88
-
DNSimg-s-msn-com.akamaized.netRemote address:8.8.8.8:53Requestimg-s-msn-com.akamaized.netIN UnknownResponseimg-s-msn-com.akamaized.netIN CNAMEa1834.dscg2.akamai.net
-
DNSsb.scorecardresearch.comRemote address:8.8.8.8:53Requestsb.scorecardresearch.comIN AResponsesb.scorecardresearch.comIN A52.222.169.99sb.scorecardresearch.comIN A52.222.169.27sb.scorecardresearch.comIN A52.222.169.76sb.scorecardresearch.comIN A52.222.169.106
-
DNSsb.scorecardresearch.comRemote address:8.8.8.8:53Requestsb.scorecardresearch.comIN UnknownResponse
-
DNSth.bing.comRemote address:8.8.8.8:53Requestth.bing.comIN AResponseth.bing.comIN CNAMEp-th.bing.com.trafficmanager.netp-th.bing.com.trafficmanager.netIN CNAMEth.bing.com.edgekey.netth.bing.com.edgekey.netIN CNAMEe86303.dscx.akamaiedge.nete86303.dscx.akamaiedge.netIN A88.221.135.42e86303.dscx.akamaiedge.netIN A88.221.135.40e86303.dscx.akamaiedge.netIN A88.221.135.41e86303.dscx.akamaiedge.netIN A88.221.135.35e86303.dscx.akamaiedge.netIN A88.221.135.51e86303.dscx.akamaiedge.netIN A88.221.135.49e86303.dscx.akamaiedge.netIN A88.221.135.34e86303.dscx.akamaiedge.netIN A88.221.135.50e86303.dscx.akamaiedge.netIN A88.221.135.48
-
DNSth.bing.comRemote address:8.8.8.8:53Requestth.bing.comIN UnknownResponseth.bing.comIN CNAMEp-th.bing.com.trafficmanager.netp-th.bing.com.trafficmanager.netIN CNAMEth.bing.com.edgekey.netth.bing.com.edgekey.netIN CNAMEe86303.dscx.akamaiedge.net
-
DNSassets.msn.comRemote address:8.8.8.8:53Requestassets.msn.comIN AResponseassets.msn.comIN CNAMEassets.msn.com.edgesuite.netassets.msn.com.edgesuite.netIN CNAMEa233.dscd.akamai.neta233.dscd.akamai.netIN A104.77.160.94a233.dscd.akamai.netIN A104.77.160.86a233.dscd.akamai.netIN A104.77.160.90a233.dscd.akamai.netIN A104.77.160.75a233.dscd.akamai.netIN A104.77.160.76a233.dscd.akamai.netIN A104.77.160.69a233.dscd.akamai.netIN A104.77.160.91a233.dscd.akamai.netIN A104.77.160.72a233.dscd.akamai.netIN A104.77.160.71
-
DNSassets.msn.comRemote address:8.8.8.8:53Requestassets.msn.comIN UnknownResponseassets.msn.comIN CNAMEassets.msn.com.edgesuite.netassets.msn.com.edgesuite.netIN CNAMEa233.dscd.akamai.net
-
DNSc.msn.comRemote address:8.8.8.8:53Requestc.msn.comIN AResponsec.msn.comIN CNAMEc-msn-pme.trafficmanager.netc-msn-pme.trafficmanager.netIN A13.74.129.1
-
DNSc.msn.comRemote address:8.8.8.8:53Requestc.msn.comIN UnknownResponsec.msn.comIN CNAMEc-msn-pme.trafficmanager.net
-
DNSc.bing.comRemote address:8.8.8.8:53Requestc.bing.comIN AResponsec.bing.comIN CNAMEc-bing-com.ax-0001.ax-msedge.netc-bing-com.ax-0001.ax-msedge.netIN CNAMEax-0001.ax-msedge.netax-0001.ax-msedge.netIN A150.171.27.10ax-0001.ax-msedge.netIN A150.171.28.10
-
DNSc.bing.comRemote address:8.8.8.8:53Requestc.bing.comIN UnknownResponsec.bing.comIN CNAMEc-bing-com.ax-0001.ax-msedge.netc-bing-com.ax-0001.ax-msedge.netIN CNAMEax-0001.ax-msedge.net
-
DNSbrowser.events.data.msn.comRemote address:8.8.8.8:53Requestbrowser.events.data.msn.comIN AResponsebrowser.events.data.msn.comIN CNAMEglobal.asimov.events.data.trafficmanager.netglobal.asimov.events.data.trafficmanager.netIN CNAMEonedscolprdwus07.westus.cloudapp.azure.comonedscolprdwus07.westus.cloudapp.azure.comIN A20.189.173.8
-
DNSbrowser.events.data.msn.comRemote address:8.8.8.8:53Requestbrowser.events.data.msn.comIN UnknownResponsebrowser.events.data.msn.comIN CNAMEglobal.asimov.events.data.trafficmanager.netglobal.asimov.events.data.trafficmanager.netIN CNAMEonedscolprdcus14.centralus.cloudapp.azure.com
-
DNSsrtb.msn.comRemote address:8.8.8.8:53Requestsrtb.msn.comIN AResponsesrtb.msn.comIN CNAMEwww.msn.comwww.msn.comIN CNAMEwww-msn-com.a-0003.a-msedge.netwww-msn-com.a-0003.a-msedge.netIN CNAMEa-0003.a-msedge.neta-0003.a-msedge.netIN A204.79.197.203
-
DNSsrtb.msn.comRemote address:8.8.8.8:53Requestsrtb.msn.comIN UnknownResponsesrtb.msn.comIN CNAMEwww.msn.comwww.msn.comIN CNAMEwww-msn-com.a-0003.a-msedge.net
-
DNSr.bing.comRemote address:8.8.8.8:53Requestr.bing.comIN AResponser.bing.comIN CNAMEp-static.bing.trafficmanager.netp-static.bing.trafficmanager.netIN CNAMEr.bing.com.edgekey.netr.bing.com.edgekey.netIN CNAMEe86303.dscx.akamaiedge.nete86303.dscx.akamaiedge.netIN A88.221.135.43e86303.dscx.akamaiedge.netIN A88.221.135.40e86303.dscx.akamaiedge.netIN A88.221.135.26e86303.dscx.akamaiedge.netIN A88.221.135.32e86303.dscx.akamaiedge.netIN A88.221.135.35e86303.dscx.akamaiedge.netIN A88.221.135.27e86303.dscx.akamaiedge.netIN A88.221.135.42e86303.dscx.akamaiedge.netIN A88.221.135.41e86303.dscx.akamaiedge.netIN A88.221.135.48
-
DNSr.bing.comRemote address:8.8.8.8:53Requestr.bing.comIN UnknownResponser.bing.comIN CNAMEp-static.bing.trafficmanager.netp-static.bing.trafficmanager.netIN CNAMEr.bing.com.edgekey.netr.bing.com.edgekey.netIN CNAMEe86303.dscx.akamaiedge.net
-
DNSr.msftstatic.comRemote address:8.8.8.8:53Requestr.msftstatic.comIN AResponser.msftstatic.comIN CNAMEr-msftstatic-com.a-0016.a-msedge.netr-msftstatic-com.a-0016.a-msedge.netIN CNAMEa-0016.a-msedge.neta-0016.a-msedge.netIN A204.79.197.219
-
DNSr.msftstatic.comRemote address:8.8.8.8:53Requestr.msftstatic.comIN UnknownResponser.msftstatic.comIN CNAMEr-msftstatic-com.a-0016.a-msedge.net
-
DNSecn.dev.virtualearth.netRemote address:8.8.8.8:53Requestecn.dev.virtualearth.netIN AResponseecn.dev.virtualearth.netIN CNAMEssl2.tiles.virtualearth.net.edgekey.netssl2.tiles.virtualearth.net.edgekey.netIN CNAMEe4113.dscd.akamaiedge.nete4113.dscd.akamaiedge.netIN A23.192.24.182
-
DNSecn.dev.virtualearth.netRemote address:8.8.8.8:53Requestecn.dev.virtualearth.netIN UnknownResponseecn.dev.virtualearth.netIN CNAMEssl2.tiles.virtualearth.net.edgekey.netssl2.tiles.virtualearth.net.edgekey.netIN CNAMEe4113.dscd.akamaiedge.net
-
DNSr.bing.comRemote address:8.8.8.8:53Requestr.bing.comIN AResponser.bing.comIN CNAMEp-static.bing.trafficmanager.netp-static.bing.trafficmanager.netIN CNAMEr.bing.com.edgekey.netr.bing.com.edgekey.netIN CNAMEe86303.dscx.akamaiedge.nete86303.dscx.akamaiedge.netIN A88.221.134.249e86303.dscx.akamaiedge.netIN A95.101.143.183e86303.dscx.akamaiedge.netIN A88.221.135.0e86303.dscx.akamaiedge.netIN A95.101.143.210e86303.dscx.akamaiedge.netIN A88.221.134.248e86303.dscx.akamaiedge.netIN A95.101.143.211e86303.dscx.akamaiedge.netIN A88.221.134.251e86303.dscx.akamaiedge.netIN A95.101.143.219e86303.dscx.akamaiedge.netIN A95.101.143.218
-
DNSr.bing.comRemote address:8.8.8.8:53Requestr.bing.comIN UnknownResponser.bing.comIN CNAMEp-static.bing.trafficmanager.netp-static.bing.trafficmanager.netIN CNAMEr.bing.com.edgekey.netr.bing.com.edgekey.netIN CNAMEe86303.dscx.akamaiedge.net
-
DNSth.bing.comRemote address:8.8.8.8:53Requestth.bing.comIN AResponseth.bing.comIN CNAMEp-th.bing.com.trafficmanager.netp-th.bing.com.trafficmanager.netIN CNAMEth.bing.com.edgekey.netth.bing.com.edgekey.netIN CNAMEe86303.dscx.akamaiedge.nete86303.dscx.akamaiedge.netIN A88.221.134.249e86303.dscx.akamaiedge.netIN A95.101.143.219e86303.dscx.akamaiedge.netIN A88.221.135.0e86303.dscx.akamaiedge.netIN A88.221.135.2e86303.dscx.akamaiedge.netIN A88.221.135.3e86303.dscx.akamaiedge.netIN A88.221.134.251e86303.dscx.akamaiedge.netIN A95.101.143.218e86303.dscx.akamaiedge.netIN A88.221.134.248e86303.dscx.akamaiedge.netIN A95.101.143.211
-
DNSth.bing.comRemote address:8.8.8.8:53Requestth.bing.comIN UnknownResponseth.bing.comIN CNAMEp-th.bing.com.trafficmanager.netp-th.bing.com.trafficmanager.netIN CNAMEth.bing.com.edgekey.netth.bing.com.edgekey.netIN CNAMEe86303.dscx.akamaiedge.net
-
DNStse2.mm.bing.netRemote address:8.8.8.8:53Requesttse2.mm.bing.netIN AResponsetse2.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEax-0001.ax-msedge.netax-0001.ax-msedge.netIN A150.171.27.10ax-0001.ax-msedge.netIN A150.171.28.10
-
DNStse2.mm.bing.netRemote address:8.8.8.8:53Requesttse2.mm.bing.netIN UnknownResponsetse2.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEax-0001.ax-msedge.net
-
DNSlogin.microsoftonline.comRemote address:8.8.8.8:53Requestlogin.microsoftonline.comIN AResponselogin.microsoftonline.comIN CNAMElogin.mso.msidentity.comlogin.mso.msidentity.comIN CNAMEak.privatelink.msidentity.comak.privatelink.msidentity.comIN CNAMEwww.tm.a.prd.aadg.trafficmanager.netwww.tm.a.prd.aadg.trafficmanager.netIN A40.126.32.68www.tm.a.prd.aadg.trafficmanager.netIN A40.126.32.138www.tm.a.prd.aadg.trafficmanager.netIN A20.190.160.20www.tm.a.prd.aadg.trafficmanager.netIN A20.190.160.3www.tm.a.prd.aadg.trafficmanager.netIN A20.190.160.65www.tm.a.prd.aadg.trafficmanager.netIN A20.190.160.64www.tm.a.prd.aadg.trafficmanager.netIN A20.190.160.2www.tm.a.prd.aadg.trafficmanager.netIN A40.126.32.140
-
DNSlogin.microsoftonline.comRemote address:8.8.8.8:53Requestlogin.microsoftonline.comIN UnknownResponselogin.microsoftonline.comIN CNAMElogin.mso.msidentity.comlogin.mso.msidentity.comIN CNAMEak.privatelink.msidentity.comak.privatelink.msidentity.comIN CNAMEwww.tm.a.prd.aadg.trafficmanager.net
-
DNSedge-consumer-static.azureedge.netRemote address:8.8.8.8:53Requestedge-consumer-static.azureedge.netIN AResponseedge-consumer-static.azureedge.netIN CNAMEedge-consumer-static.afd.azureedge.netedge-consumer-static.afd.azureedge.netIN CNAMEazureedge-t-prod.trafficmanager.netazureedge-t-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.nets-part-0036.t-0009.t-msedge.netIN A13.107.246.64
-
DNSedge-consumer-static.azureedge.netRemote address:8.8.8.8:53Requestedge-consumer-static.azureedge.netIN UnknownResponseedge-consumer-static.azureedge.netIN CNAMEedge-consumer-static.afd.azureedge.netedge-consumer-static.afd.azureedge.netIN CNAMEazureedge-t-prod.trafficmanager.netazureedge-t-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.net
-
DNSwww.pornhub.comRemote address:8.8.8.8:53Requestwww.pornhub.comIN AResponsewww.pornhub.comIN CNAMEpornhub.compornhub.comIN A66.254.114.41
-
DNSwww.pornhub.comRemote address:8.8.8.8:53Requestwww.pornhub.comIN UnknownResponsewww.pornhub.comIN CNAMEpornhub.com
-
DNSstatic.trafficjunky.comRemote address:8.8.8.8:53Requeststatic.trafficjunky.comIN AResponsestatic.trafficjunky.comIN CNAMEstatic.trafficjunky.com.sds.rncdn7.comstatic.trafficjunky.com.sds.rncdn7.comIN A64.210.156.20static.trafficjunky.com.sds.rncdn7.comIN A64.210.156.19static.trafficjunky.com.sds.rncdn7.comIN A64.210.156.21static.trafficjunky.com.sds.rncdn7.comIN A64.210.156.18static.trafficjunky.com.sds.rncdn7.comIN A64.210.156.16static.trafficjunky.com.sds.rncdn7.comIN A64.210.156.23static.trafficjunky.com.sds.rncdn7.comIN A64.210.156.17static.trafficjunky.com.sds.rncdn7.comIN A64.210.156.22
-
DNSstatic.trafficjunky.comRemote address:8.8.8.8:53Requeststatic.trafficjunky.comIN UnknownResponsestatic.trafficjunky.comIN CNAMEstatic.trafficjunky.com.sds.rncdn7.com
-
DNSei.phncdn.comRemote address:8.8.8.8:53Requestei.phncdn.comIN AResponseei.phncdn.comIN CNAMEei.phncdn.com.sds.rncdn7.comei.phncdn.com.sds.rncdn7.comIN A64.210.156.17ei.phncdn.com.sds.rncdn7.comIN A64.210.156.22ei.phncdn.com.sds.rncdn7.comIN A64.210.156.18ei.phncdn.com.sds.rncdn7.comIN A64.210.156.21ei.phncdn.com.sds.rncdn7.comIN A64.210.156.16ei.phncdn.com.sds.rncdn7.comIN A64.210.156.20ei.phncdn.com.sds.rncdn7.comIN A64.210.156.19ei.phncdn.com.sds.rncdn7.comIN A64.210.156.23
-
DNSei.phncdn.comRemote address:8.8.8.8:53Requestei.phncdn.comIN UnknownResponseei.phncdn.comIN CNAMEei.phncdn.com.sds.rncdn7.com
-
DNSmedia.trafficjunky.netRemote address:8.8.8.8:53Requestmedia.trafficjunky.netIN AResponsemedia.trafficjunky.netIN CNAMEmedia.trafficjunky.net.sds.rncdn7.commedia.trafficjunky.net.sds.rncdn7.comIN A64.210.156.16media.trafficjunky.net.sds.rncdn7.comIN A64.210.156.17media.trafficjunky.net.sds.rncdn7.comIN A64.210.156.19media.trafficjunky.net.sds.rncdn7.comIN A64.210.156.18media.trafficjunky.net.sds.rncdn7.comIN A64.210.156.21media.trafficjunky.net.sds.rncdn7.comIN A64.210.156.20media.trafficjunky.net.sds.rncdn7.comIN A64.210.156.23media.trafficjunky.net.sds.rncdn7.comIN A64.210.156.22
-
DNSmedia.trafficjunky.netRemote address:8.8.8.8:53Requestmedia.trafficjunky.netIN UnknownResponsemedia.trafficjunky.netIN CNAMEmedia.trafficjunky.net.sds.rncdn7.com
-
DNScdn1-smallimg.phncdn.comRemote address:8.8.8.8:53Requestcdn1-smallimg.phncdn.comIN AResponsecdn1-smallimg.phncdn.comIN CNAMEsmallimg.phncdn.comsmallimg.phncdn.comIN A66.254.114.156
-
DNScdn1-smallimg.phncdn.comRemote address:8.8.8.8:53Requestcdn1-smallimg.phncdn.comIN UnknownResponsecdn1-smallimg.phncdn.comIN CNAMEsmallimg.phncdn.com
-
DNSss.phncdn.comRemote address:8.8.8.8:53Requestss.phncdn.comIN AResponsess.phncdn.comIN CNAMEss.phncdn.com.sds.rncdn7.comss.phncdn.com.sds.rncdn7.comIN A64.210.156.16ss.phncdn.com.sds.rncdn7.comIN A64.210.156.18ss.phncdn.com.sds.rncdn7.comIN A64.210.156.17ss.phncdn.com.sds.rncdn7.comIN A64.210.156.22ss.phncdn.com.sds.rncdn7.comIN A64.210.156.23ss.phncdn.com.sds.rncdn7.comIN A64.210.156.20ss.phncdn.com.sds.rncdn7.comIN A64.210.156.21ss.phncdn.com.sds.rncdn7.comIN A64.210.156.19
-
DNSss.phncdn.comRemote address:8.8.8.8:53Requestss.phncdn.comIN UnknownResponsess.phncdn.comIN CNAMEss.phncdn.com.sds.rncdn7.com
-
DNSa.adtng.comRemote address:8.8.8.8:53Requesta.adtng.comIN AResponsea.adtng.comIN A66.254.114.171
-
DNSa.adtng.comRemote address:8.8.8.8:53Requesta.adtng.comIN UnknownResponse
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN AResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.dual-a-0036.a-msedge.netedge-microsoft-com.dual-a-0036.a-msedge.netIN CNAMEdual-a-0036.a-msedge.netdual-a-0036.a-msedge.netIN A13.107.21.239dual-a-0036.a-msedge.netIN A204.79.197.239
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN UnknownResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.dual-a-0036.a-msedge.net
-
DNSht-cdn2.adtng.comRemote address:8.8.8.8:53Requestht-cdn2.adtng.comIN AResponseht-cdn2.adtng.comIN CNAMEht-cdn2.adtng.com.sds.rncdn7.comht-cdn2.adtng.com.sds.rncdn7.comIN A64.210.156.23ht-cdn2.adtng.com.sds.rncdn7.comIN A64.210.156.22ht-cdn2.adtng.com.sds.rncdn7.comIN A64.210.156.19ht-cdn2.adtng.com.sds.rncdn7.comIN A64.210.156.20ht-cdn2.adtng.com.sds.rncdn7.comIN A64.210.156.16ht-cdn2.adtng.com.sds.rncdn7.comIN A64.210.156.18ht-cdn2.adtng.com.sds.rncdn7.comIN A64.210.156.21ht-cdn2.adtng.com.sds.rncdn7.comIN A64.210.156.17
-
DNSht-cdn2.adtng.comRemote address:8.8.8.8:53Requestht-cdn2.adtng.comIN UnknownResponseht-cdn2.adtng.comIN CNAMEht-cdn2.adtng.com.sds.rncdn7.com
-
DNSregion1.google-analytics.comRemote address:8.8.8.8:53Requestregion1.google-analytics.comIN AResponseregion1.google-analytics.comIN A216.239.32.36region1.google-analytics.comIN A216.239.34.36
-
DNSregion1.google-analytics.comRemote address:8.8.8.8:53Requestregion1.google-analytics.comIN UnknownResponse
-
DNShw-cdn2.adtng.comRemote address:8.8.8.8:53Requesthw-cdn2.adtng.comIN AResponsehw-cdn2.adtng.comIN CNAMEt.sni.global.fastly.nett.sni.global.fastly.netIN A151.101.67.52t.sni.global.fastly.netIN A151.101.195.52t.sni.global.fastly.netIN A151.101.131.52t.sni.global.fastly.netIN A151.101.3.52
-
DNShw-cdn2.adtng.comRemote address:8.8.8.8:53Requesthw-cdn2.adtng.comIN UnknownResponsehw-cdn2.adtng.comIN CNAMEt.sni.global.fastly.net
-
DNSstorage.googleapis.comRemote address:8.8.8.8:53Requeststorage.googleapis.comIN AResponsestorage.googleapis.comIN A142.250.200.27storage.googleapis.comIN A142.250.187.219storage.googleapis.comIN A172.217.169.91storage.googleapis.comIN A216.58.201.123storage.googleapis.comIN A216.58.212.251storage.googleapis.comIN A172.217.16.251storage.googleapis.comIN A142.250.180.27storage.googleapis.comIN A142.250.178.27storage.googleapis.comIN A172.217.169.59storage.googleapis.comIN A216.58.213.27storage.googleapis.comIN A216.58.204.91storage.googleapis.comIN A142.250.179.251storage.googleapis.comIN A172.217.169.27storage.googleapis.comIN A142.250.187.251storage.googleapis.comIN A142.250.200.59
-
DNSstorage.googleapis.comRemote address:8.8.8.8:53Requeststorage.googleapis.comIN UnknownResponse
-
DNSstatic.edge.microsoftapp.netRemote address:8.8.8.8:53Requeststatic.edge.microsoftapp.netIN AResponsestatic.edge.microsoftapp.netIN CNAMEedge-cloud-resource-static.azureedge.netedge-cloud-resource-static.azureedge.netIN CNAMEedge-cloud-resource-static.afd.azureedge.netedge-cloud-resource-static.afd.azureedge.netIN CNAMEazureedge-t-prod.trafficmanager.netazureedge-t-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.nets-part-0036.t-0009.t-msedge.netIN A13.107.246.64
-
DNSstatic.edge.microsoftapp.netRemote address:8.8.8.8:53Requeststatic.edge.microsoftapp.netIN UnknownResponsestatic.edge.microsoftapp.netIN CNAMEedge-cloud-resource-static.azureedge.netedge-cloud-resource-static.azureedge.netIN CNAMEedge-cloud-resource-static.afd.azureedge.netedge-cloud-resource-static.afd.azureedge.netIN CNAMEazureedge-t-prod.trafficmanager.netazureedge-t-prod.trafficmanager.netIN CNAMEshed.dual-low.s-part-0036.t-0009.t-msedge.netshed.dual-low.s-part-0036.t-0009.t-msedge.netIN CNAMEs-part-0036.t-0009.t-msedge.net
-
HEADhttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dRemote address:91.81.130.134:80RequestHEAD /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 200 OK
Date: Mon, 17 Mar 2025 08:44:30 GMT
Content-Type: application/x-chrome-extension
Content-Length: 6252
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e7bff30-4401127585-1
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
-
GEThttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dRemote address:91.81.130.134:80RequestGET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
Range: bytes=0-1119
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 206 Partial Content
Date: Mon, 17 Mar 2025 08:44:30 GMT
Content-Type: application/x-chrome-extension
Content-Length: 1120
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e7c00f8-4401127585-2
Ocn-Served-By: QLT
Content-Range: bytes 0-1119/6252
Server: Qwilt
X-OC-Service-Type: lo
-
GEThttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dRemote address:91.81.130.134:80RequestGET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
Range: bytes=1120-1139
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 206 Partial Content
Date: Mon, 17 Mar 2025 08:44:36 GMT
Content-Type: application/x-chrome-extension
Content-Length: 20
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e7c89d7-4401127585-3
Ocn-Served-By: QLT
Content-Range: bytes 1120-1139/6252
Server: Qwilt
X-OC-Service-Type: lo
-
GEThttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dRemote address:91.81.130.134:80RequestGET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
Range: bytes=1140-1252
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 206 Partial Content
Date: Mon, 17 Mar 2025 08:44:42 GMT
Content-Type: application/x-chrome-extension
Content-Length: 113
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e7d0e44-4401127585-4
Ocn-Served-By: QLT
Content-Range: bytes 1140-1252/6252
Server: Qwilt
X-OC-Service-Type: lo
-
GEThttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dRemote address:91.81.130.134:80RequestGET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
Range: bytes=1253-5361
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 206 Partial Content
Date: Mon, 17 Mar 2025 08:44:48 GMT
Content-Type: application/x-chrome-extension
Content-Length: 4109
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e7d9b9e-4401127585-5
Ocn-Served-By: QLT
Content-Range: bytes 1253-5361/6252
Server: Qwilt
X-OC-Service-Type: lo
-
GEThttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dRemote address:91.81.130.134:80RequestGET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
Range: bytes=5362-6251
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 206 Partial Content
Date: Mon, 17 Mar 2025 08:44:49 GMT
Content-Type: application/x-chrome-extension
Content-Length: 890
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e7db2d1-4401127585-6
Ocn-Served-By: QLT
Content-Range: bytes 5362-6251/6252
Server: Qwilt
X-OC-Service-Type: lo
-
HEADhttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dRemote address:91.81.130.134:80RequestHEAD /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 200 OK
Date: Mon, 17 Mar 2025 08:45:14 GMT
Content-Type: application/x-chrome-extension
Content-Length: 178844
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e7fdb6a-4401127585-7
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
-
GEThttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dRemote address:91.81.130.134:80RequestGET /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Mar 2025 07:46:05 GMT
Range: bytes=0-37794
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 206 Partial Content
Date: Mon, 17 Mar 2025 08:45:14 GMT
Content-Type: application/x-chrome-extension
Content-Length: 37795
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e7fdd82-4401127585-8
Ocn-Served-By: QLT
Content-Range: bytes 0-37794/178844
Server: Qwilt
X-OC-Service-Type: lo
-
GEThttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dRemote address:91.81.130.134:80RequestGET /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Mar 2025 07:46:05 GMT
Range: bytes=37795-133660
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 206 Partial Content
Date: Mon, 17 Mar 2025 08:45:15 GMT
Content-Type: application/x-chrome-extension
Content-Length: 95866
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e7ff4f8-4401127585-9
Ocn-Served-By: QLT
Content-Range: bytes 37795-133660/178844
Server: Qwilt
X-OC-Service-Type: lo
-
GEThttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dRemote address:91.81.130.134:80RequestGET /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Mar 2025 07:46:05 GMT
Range: bytes=133661-149705
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 206 Partial Content
Date: Mon, 17 Mar 2025 08:45:17 GMT
Content-Type: application/x-chrome-extension
Content-Length: 16045
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e8023bd-4401127585-10
Ocn-Served-By: QLT
Content-Range: bytes 133661-149705/178844
Server: Qwilt
X-OC-Service-Type: lo
-
GEThttp://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dRemote address:91.81.130.134:80RequestGET /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Mar 2025 07:46:05 GMT
Range: bytes=149706-178843
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
ResponseHTTP/1.1 206 Partial Content
Date: Mon, 17 Mar 2025 08:45:18 GMT
Content-Type: application/x-chrome-extension
Content-Length: 29138
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000080e803aaf-4401127585-11
Ocn-Served-By: QLT
Content-Range: bytes 149706-178843/178844
Server: Qwilt
X-OC-Service-Type: lo
-
DNSaefd.nelreports.netRemote address:8.8.8.8:53Requestaefd.nelreports.netIN AResponseaefd.nelreports.netIN CNAMEaefd.nelreports.net.akamaized.netaefd.nelreports.net.akamaized.netIN CNAMEa1851.dscg2.akamai.neta1851.dscg2.akamai.netIN A104.77.160.79a1851.dscg2.akamai.netIN A104.77.160.71a1851.dscg2.akamai.netIN A104.77.160.84a1851.dscg2.akamai.netIN A104.77.160.75
-
DNSaefd.nelreports.netRemote address:8.8.8.8:53Requestaefd.nelreports.netIN UnknownResponseaefd.nelreports.netIN CNAMEaefd.nelreports.net.akamaized.netaefd.nelreports.net.akamaized.netIN CNAMEa1851.dscg2.akamai.net
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN AResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.ax-0002.ax-msedge.netedge-microsoft-com.ax-0002.ax-msedge.netIN CNAMEax-0002.ax-msedge.netax-0002.ax-msedge.netIN A150.171.28.11ax-0002.ax-msedge.netIN A150.171.27.11
-
DNSedge.microsoft.comRemote address:8.8.8.8:53Requestedge.microsoft.comIN UnknownResponseedge.microsoft.comIN CNAMEedge-domain.trafficmanager.netedge-domain.trafficmanager.netIN CNAMEedge-microsoft-com.dual-a-0036.a-msedge.netedge-microsoft-com.dual-a-0036.a-msedge.netIN CNAMEdual-a-0036.a-msedge.net
-
13.107.21.239:80http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:QdSHV7UuCQJP73EAUks2JWDmYP2anL-Suwc4vmQwPyc&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855http
HTTP Request
GET http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:QdSHV7UuCQJP73EAUks2JWDmYP2anL-Suwc4vmQwPyc&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855HTTP Response
200 -
20.26.156.215:443github.comtls -
13.107.21.239:443edge.microsoft.comtls
-
94.245.104.56:443api.edgeoffer.microsoft.com -
94.245.104.56:443api.edgeoffer.microsoft.comtls
-
20.26.156.216:443codeload.github.com
-
20.26.156.216:443codeload.github.comtls
-
13.107.21.239:443edge.microsoft.comtls
-
88.221.135.58:443www.bing.comtls
-
13.107.21.239:443edge.microsoft.comtls
-
13.107.246.64:443edgeassetservice.azureedge.nettls
-
13.107.246.64:443edgeassetservice.azureedge.net
-
13.107.246.64:443edgeassetservice.azureedge.net
-
13.107.246.64:443edgeassetservice.azureedge.nettls
-
104.77.160.94:443assets.msn.comtls
-
104.77.160.94:443assets.msn.comtls
-
95.101.143.177:443www.bing.comtls
-
104.77.160.94:443assets.msn.comtls
-
13.74.129.1:443c.msn.comtls
-
150.171.27.10:443c.bing.comtls
-
88.221.135.42:443th.bing.comtls
-
52.222.169.99:443sb.scorecardresearch.comtls -
104.77.160.68:443img-s-msn-com.akamaized.nettls
-
20.189.173.8:443browser.events.data.msn.comtls
-
88.221.135.43:443r.bing.comtls
-
88.221.135.43:443r.bing.comtls
-
204.79.197.219:443r.msftstatic.comtls
-
204.79.197.219:443r.msftstatic.comtls
-
23.192.24.182:443ecn.dev.virtualearth.nettls
-
88.221.134.249:443r.bing.comtls
-
88.221.134.249:443r.bing.comtls
-
88.221.134.249:443th.bing.comtls
-
88.221.134.249:443th.bing.comtls
-
150.171.27.10:443tse2.mm.bing.nettls
-
40.126.32.68:443login.microsoftonline.comtls -
13.107.246.64:443edge-consumer-static.azureedge.nettls
-
66.254.114.41:443www.pornhub.comtls
-
66.254.114.41:443www.pornhub.comtls
-
64.210.156.20:443static.trafficjunky.comtls
-
64.210.156.20:443static.trafficjunky.comtls
-
64.210.156.17:443ei.phncdn.comtls
-
64.210.156.17:443ei.phncdn.comtls
-
64.210.156.17:443ei.phncdn.comtls
-
64.210.156.17:443ei.phncdn.comtls
-
64.210.156.17:443ei.phncdn.comtls
-
64.210.156.17:443ei.phncdn.comtls
-
64.210.156.16:443media.trafficjunky.nettls
-
66.254.114.156:443cdn1-smallimg.phncdn.comtls
-
64.210.156.17:443ei.phncdn.comtls
-
66.254.114.171:443a.adtng.comtls
-
13.107.21.239:443edge.microsoft.comtls
-
64.210.156.23:443ht-cdn2.adtng.comtls
-
64.210.156.23:443ht-cdn2.adtng.comtls
-
64.210.156.23:443ht-cdn2.adtng.comtls
-
216.239.32.36:443region1.google-analytics.comtls
-
151.101.67.52:443hw-cdn2.adtng.comtls
-
64.210.156.20:443static.trafficjunky.comtls
-
142.250.200.27:443storage.googleapis.comtls
-
13.107.246.64:443static.edge.microsoftapp.nettls
-
13.107.21.239:443edge.microsoft.comtls
-
91.81.130.134:80http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dhttp
HTTP Request
HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dHTTP Response
200HTTP Request
GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dHTTP Response
206HTTP Request
GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dHTTP Response
206HTTP Request
GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dHTTP Response
206HTTP Request
GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dHTTP Response
206HTTP Request
GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742398250&P2=404&P3=2&P4=GJiYttRlo4nV%2bbCGVsyCQPNQ%2fgfG3lTrF69fB%2buqLvaFKrpLmBcD46lOxkAAKupfAnvEa48IdLbzXknjxRBY6w%3d%3dHTTP Response
206HTTP Request
HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dHTTP Response
200HTTP Request
GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dHTTP Response
206HTTP Request
GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dHTTP Response
206HTTP Request
GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dHTTP Response
206HTTP Request
GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805759&P2=404&P3=2&P4=MezMIk4mM0yYhCXTLloInF6tuCoiC%2fHIvyxs4W2WArki6ROEBiVfYYDB8UdxJhx8bwxgfDSFDUVGba6THzj%2bpg%3d%3dHTTP Response
206 -
104.77.160.79:443aefd.nelreports.nettls
-
104.77.160.79:443aefd.nelreports.nettls
-
204.79.197.203:445srtb.msn.com
-
10.127.0.1:445 -
95.101.143.177:445www.bing.com
-
104.77.160.94:445assets.msn.com
-
10.127.0.0:445
-
204.79.197.203:139srtb.msn.com
-
10.127.0.1:139
-
95.101.143.177:139www.bing.com
-
104.77.160.94:139assets.msn.com
-
10.127.0.0:139
-
10.127.0.1:445
-
10.127.0.1:139
-
10.127.0.2:445
-
10.127.0.2:139
-
10.127.0.3:445
-
86.59.21.38:443 -
127.0.0.1:50979
-
10.127.0.3:139
-
10.127.0.4:445
-
10.127.0.4:139
-
10.127.0.5:445
-
150.171.27.10:445tse2.mm.bing.net
-
88.221.135.42:445r.bing.com
-
104.77.160.68:445img-s-msn-com.akamaized.net
-
10.127.0.5:139
-
104.77.160.68:139img-s-msn-com.akamaized.net
-
88.221.135.42:139r.bing.com
-
150.171.27.10:139tse2.mm.bing.net
-
10.127.0.6:445
-
8.8.8.8:53github.comdns
DNS Request
github.com
DNS Response
20.26.156.215
-
8.8.8.8:53github.comdns
DNS Request
github.com
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
DNS Response
13.107.21.239204.79.197.239
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
DNS Response
13.107.21.239204.79.197.239
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
-
8.8.8.8:53api.edgeoffer.microsoft.comdns
DNS Request
api.edgeoffer.microsoft.com
DNS Response
94.245.104.56
-
8.8.8.8:53api.edgeoffer.microsoft.comdns
DNS Request
api.edgeoffer.microsoft.com
-
8.8.8.8:53codeload.github.comdns
DNS Request
codeload.github.com
DNS Response
20.26.156.216
-
8.8.8.8:53codeload.github.comdns
DNS Request
codeload.github.com
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
DNS Response
13.107.21.239204.79.197.239
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
-
8.8.8.8:53edgeassetservice.azureedge.netdns
DNS Request
edgeassetservice.azureedge.net
DNS Response
13.107.246.64
-
8.8.8.8:53edgeassetservice.azureedge.netdns
DNS Request
edgeassetservice.azureedge.net
-
224.0.0.251:5353
-
88.221.135.58:443www.bing.comhttps
-
8.8.8.8:53ntp.msn.comdns
DNS Request
ntp.msn.com
DNS Response
204.79.197.203
-
8.8.8.8:53ntp.msn.comdns
DNS Request
ntp.msn.com
-
8.8.8.8:53img-s-msn-com.akamaized.netdns
DNS Request
img-s-msn-com.akamaized.net
DNS Response
104.77.160.68104.77.160.77104.77.160.83104.77.160.69104.77.160.79104.77.160.95104.77.160.80104.77.160.84104.77.160.88
-
8.8.8.8:53img-s-msn-com.akamaized.netdns
DNS Request
img-s-msn-com.akamaized.net
-
8.8.8.8:53sb.scorecardresearch.comdns
DNS Request
sb.scorecardresearch.com
DNS Response
52.222.169.9952.222.169.2752.222.169.7652.222.169.106
-
8.8.8.8:53sb.scorecardresearch.comdns
DNS Request
sb.scorecardresearch.com
-
8.8.8.8:53th.bing.comdns
DNS Request
th.bing.com
DNS Response
88.221.135.4288.221.135.4088.221.135.4188.221.135.3588.221.135.5188.221.135.4988.221.135.3488.221.135.5088.221.135.48
-
8.8.8.8:53th.bing.comdns
DNS Request
th.bing.com
-
8.8.8.8:53assets.msn.comdns
DNS Request
assets.msn.com
DNS Response
104.77.160.94104.77.160.86104.77.160.90104.77.160.75104.77.160.76104.77.160.69104.77.160.91104.77.160.72104.77.160.71
-
8.8.8.8:53assets.msn.comdns
DNS Request
assets.msn.com
-
8.8.8.8:53c.msn.comdns
DNS Request
c.msn.com
DNS Response
13.74.129.1
-
8.8.8.8:53c.msn.comdns
DNS Request
c.msn.com
-
8.8.8.8:53c.bing.comdns
DNS Request
c.bing.com
DNS Response
150.171.27.10150.171.28.10
-
8.8.8.8:53c.bing.comdns
DNS Request
c.bing.com
-
104.77.160.94:443assets.msn.comhttps
-
8.8.8.8:53browser.events.data.msn.comdns
DNS Request
browser.events.data.msn.com
DNS Response
20.189.173.8
-
8.8.8.8:53browser.events.data.msn.comdns
DNS Request
browser.events.data.msn.com
-
104.77.160.94:443assets.msn.comhttps
-
104.77.160.68:443img-s-msn-com.akamaized.nethttps
-
8.8.8.8:53srtb.msn.comdns
DNS Request
srtb.msn.com
DNS Response
204.79.197.203
-
8.8.8.8:53srtb.msn.comdns
DNS Request
srtb.msn.com
-
8.8.8.8:53r.bing.comdns
DNS Request
r.bing.com
DNS Response
88.221.135.4388.221.135.4088.221.135.2688.221.135.3288.221.135.3588.221.135.2788.221.135.4288.221.135.4188.221.135.48
-
8.8.8.8:53r.bing.comdns
DNS Request
r.bing.com
-
8.8.8.8:53r.msftstatic.comdns
DNS Request
r.msftstatic.com
DNS Response
204.79.197.219
-
8.8.8.8:53r.msftstatic.comdns
DNS Request
r.msftstatic.com
-
95.101.143.177:443www.bing.comhttps
-
8.8.8.8:53ecn.dev.virtualearth.netdns
DNS Request
ecn.dev.virtualearth.net
DNS Response
23.192.24.182
-
8.8.8.8:53ecn.dev.virtualearth.netdns
DNS Request
ecn.dev.virtualearth.net
-
88.221.135.42:443r.bing.comhttps
-
8.8.8.8:53r.bing.comdns
DNS Request
r.bing.com
DNS Response
88.221.134.24995.101.143.18388.221.135.095.101.143.21088.221.134.24895.101.143.21188.221.134.25195.101.143.21995.101.143.218
-
8.8.8.8:53r.bing.comdns
DNS Request
r.bing.com
-
8.8.8.8:53th.bing.comdns
DNS Request
th.bing.com
DNS Response
88.221.134.24995.101.143.21988.221.135.088.221.135.288.221.135.388.221.134.25195.101.143.21888.221.134.24895.101.143.211
-
8.8.8.8:53th.bing.comdns
DNS Request
th.bing.com
-
8.8.8.8:53tse2.mm.bing.netdns
DNS Request
tse2.mm.bing.net
DNS Response
150.171.27.10150.171.28.10
-
8.8.8.8:53tse2.mm.bing.netdns
DNS Request
tse2.mm.bing.net
-
88.221.134.249:443th.bing.comhttps
-
88.221.134.249:443th.bing.comhttps
-
8.8.8.8:53login.microsoftonline.comdns
DNS Request
login.microsoftonline.com
DNS Response
40.126.32.6840.126.32.13820.190.160.2020.190.160.320.190.160.6520.190.160.6420.190.160.240.126.32.140
-
8.8.8.8:53login.microsoftonline.comdns
DNS Request
login.microsoftonline.com
-
8.8.8.8:53edge-consumer-static.azureedge.netdns
DNS Request
edge-consumer-static.azureedge.net
DNS Response
13.107.246.64
-
8.8.8.8:53edge-consumer-static.azureedge.netdns
DNS Request
edge-consumer-static.azureedge.net
-
8.8.8.8:53www.pornhub.comdns
DNS Request
www.pornhub.com
DNS Response
66.254.114.41
-
8.8.8.8:53www.pornhub.comdns
DNS Request
www.pornhub.com
-
8.8.8.8:53static.trafficjunky.comdns
DNS Request
static.trafficjunky.com
DNS Response
64.210.156.2064.210.156.1964.210.156.2164.210.156.1864.210.156.1664.210.156.2364.210.156.1764.210.156.22
-
8.8.8.8:53static.trafficjunky.comdns
DNS Request
static.trafficjunky.com
-
8.8.8.8:53ei.phncdn.comdns
DNS Request
ei.phncdn.com
DNS Response
64.210.156.1764.210.156.2264.210.156.1864.210.156.2164.210.156.1664.210.156.2064.210.156.1964.210.156.23
-
8.8.8.8:53ei.phncdn.comdns
DNS Request
ei.phncdn.com
-
8.8.8.8:53media.trafficjunky.netdns
DNS Request
media.trafficjunky.net
DNS Response
64.210.156.1664.210.156.1764.210.156.1964.210.156.1864.210.156.2164.210.156.2064.210.156.2364.210.156.22
-
8.8.8.8:53media.trafficjunky.netdns
DNS Request
media.trafficjunky.net
-
8.8.8.8:53cdn1-smallimg.phncdn.comdns
DNS Request
cdn1-smallimg.phncdn.com
DNS Response
66.254.114.156
-
8.8.8.8:53cdn1-smallimg.phncdn.comdns
DNS Request
cdn1-smallimg.phncdn.com
-
8.8.8.8:53ss.phncdn.comdns
DNS Request
ss.phncdn.com
DNS Response
64.210.156.1664.210.156.1864.210.156.1764.210.156.2264.210.156.2364.210.156.2064.210.156.2164.210.156.19
-
8.8.8.8:53ss.phncdn.comdns
DNS Request
ss.phncdn.com
-
8.8.8.8:53a.adtng.comdns
DNS Request
a.adtng.com
DNS Response
66.254.114.171
-
8.8.8.8:53a.adtng.comdns
DNS Request
a.adtng.com
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
DNS Response
13.107.21.239204.79.197.239
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
-
8.8.8.8:53ht-cdn2.adtng.comdns
DNS Request
ht-cdn2.adtng.com
DNS Response
64.210.156.2364.210.156.2264.210.156.1964.210.156.2064.210.156.1664.210.156.1864.210.156.2164.210.156.17
-
8.8.8.8:53ht-cdn2.adtng.comdns
DNS Request
ht-cdn2.adtng.com
-
8.8.8.8:53region1.google-analytics.comdns
DNS Request
region1.google-analytics.com
DNS Response
216.239.32.36216.239.34.36
-
8.8.8.8:53region1.google-analytics.comdns
DNS Request
region1.google-analytics.com
-
8.8.8.8:53hw-cdn2.adtng.comdns
DNS Request
hw-cdn2.adtng.com
DNS Response
151.101.67.52151.101.195.52151.101.131.52151.101.3.52
-
8.8.8.8:53hw-cdn2.adtng.comdns
DNS Request
hw-cdn2.adtng.com
-
8.8.8.8:53storage.googleapis.comdns
DNS Request
storage.googleapis.com
DNS Response
142.250.200.27142.250.187.219172.217.169.91216.58.201.123216.58.212.251172.217.16.251142.250.180.27142.250.178.27172.217.169.59216.58.213.27216.58.204.91142.250.179.251172.217.169.27142.250.187.251142.250.200.59
-
8.8.8.8:53storage.googleapis.comdns
DNS Request
storage.googleapis.com
-
142.250.200.27:443storage.googleapis.comhttps
-
216.239.32.36:443region1.google-analytics.comhttps
-
8.8.8.8:53static.edge.microsoftapp.netdns
DNS Request
static.edge.microsoftapp.net
DNS Response
13.107.246.64
-
8.8.8.8:53static.edge.microsoftapp.netdns
DNS Request
static.edge.microsoftapp.net
-
8.8.8.8:53aefd.nelreports.netdns
DNS Request
aefd.nelreports.net
DNS Response
104.77.160.79104.77.160.71104.77.160.84104.77.160.75
-
8.8.8.8:53aefd.nelreports.netdns
DNS Request
aefd.nelreports.net
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
DNS Response
150.171.28.11150.171.27.11
-
8.8.8.8:53edge.microsoft.comdns
DNS Request
edge.microsoft.com
-
10.127.0.1:443https
-
95.101.143.177:443www.bing.comhttps
-
104.77.160.94:443assets.msn.comhttps
-
2.16.34.91:443www.bing.comhttps
-
104.77.160.68:443img-s-msn-com.akamaized.nethttps
-
88.221.135.42:443r.bing.comhttps
-
150.171.27.10:443tse2.mm.bing.nethttps
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Pre-OS Boot
1Bootkit
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
55KB
MD5e8c5f09dd0b04c805f966d1898c393fa
SHA1ed190e343b675b0a9a5d110e1f16c52a268fb46b
SHA25624736a29607e978e8d304dec9dee7fa924c780c46b8397761e828202847d240d
SHA5125e38868d8daf43c7c30f1a0eac45d9b38de4b13f3afef515054fd15bc765d585a9ae9d166f8496d0f481a1916de90cf825afbe293c8417dcd0fa949516e02129
-
Filesize
280B
MD5509e630f2aea0919b6158790ecedff06
SHA1ba9a6adff6f624a938f6ac99ece90fdeadcb47e7
SHA256067308f8a68703d3069336cb4231478addc400f1b5cbb95a5948e87d9dc4f78b
SHA5121cb2680d3b8ddef287547c26f32be407feae3346a8664288de38fe6157fb4aeceb72f780fd21522417298e1639b721b96846d381da34a5eb1f3695e8e6ef7264
-
Filesize
6KB
MD549df6cd696e8ee5a5956f93188cb0973
SHA142c3b7dd9e393cb941201fe76731453969a2053c
SHA256915429565c40eac335559fc237aa6e695c5120445a613f591672d06d3a85881d
SHA5124ff5f78d9ab7bfecbaebbe5e70238aa261fe91f054879096138ee56b66ac385cafb254be0d9bf2cefbcfc680925af44c9707d63ec843ce602be56a7dd620a788
-
Filesize
3KB
MD5b502baa6133d541a9885ea02069337a2
SHA16b32d0f58df7a37eca08cd0211b3fb00768ada09
SHA2567df83304de0693a19b66f85daacbb2b716009b14f755ac8755b50f4d7aafae01
SHA5127b02b3b9eb7c152b95d75d76a626952bfed0b2b7288fa1d35d2aa64947c7e8ed0567a41c299ea48edaf919f5d35358e0dda70da441425e7ad3bcc0cc6a51cff4
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
107KB
MD540e2018187b61af5be8caf035fb72882
SHA172a0b7bcb454b6b727bf90da35879b3e9a70621e
SHA256b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5
SHA512a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12
-
Filesize
6KB
MD5affa335d2c0cf866e232ebff935d067c
SHA10fbeb8d00b4354aa99af4882a0de605db877fcab
SHA2562c8f397fa7dba0d48f336d6583eb3ac9e038e556822f3e89d08ff1bb18765d74
SHA512e4932abb2ab4f85c0d8a3733470b7c4e305abb05d2078aa6886c53635cbefcb1486e7892af1a16e05e3fbaf7e8c4f63224af00fbf25de885f8da9032eb993aef
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
211B
MD52f3f807c62d3fd7e81bcbec6dab22326
SHA19afac4ad6fd29f20a4b23eac55341abc69f25470
SHA25623a9053342b794a4418421a2b573bd4e1a91276bf8c0831e039029e4af95d7ad
SHA5120774437570164d7a58d9f5ae29865fb19a160f6fe3d4847015a3641ab5166169c6eaf726545558e5f4983cd9e666d0a0568b3fb9e3223f487616e40f6be1c9e9
-
Filesize
40B
MD520d4b8fa017a12a108c87f540836e250
SHA11ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA2566028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856
-
Filesize
18KB
MD50267016e6f9f5b878ba981bf61880110
SHA19c53546355f02a5c86cc6be4bc20c826f3a306f7
SHA256b312b30d6aec6c2d90db639f55ab8b39772ffda19e3c00965e08a15780ddb596
SHA512d3649546b57b80ee0f3b7685dbf061c653853ba1a61bfba5bd70dcb5620e4886aab00bf6b62c6df1d80e2a37cffb0d25bf24c9c8b5b4ed9d3ab6f7cd1d7f0d04
-
Filesize
19KB
MD50a662b03dbcd903210dd8074c342fadf
SHA1791959c22d5d55979589aeccc201b953d089e41f
SHA25658097fe3ab9f5db961caab4496b8d2f85236b19c6606be775a3baa51d6371857
SHA5129703ff12ff7126dccb74a873df45a48a6f7d0fed8880c9f4c198dc06388d0ade06e749c372d6b6fbfc8e041ea88d73b6605eea04608d9622f09066a83cd4f915
-
Filesize
16KB
MD5584812cdd9f4e37b340023537197bb89
SHA1e6e6a03514816102a134b4e59f4ec6813ce28ca5
SHA2564710e62e1361127eef18885e7a9337705adfbf7a98f92b2344aafeefc804a6e4
SHA512f2e51e56b04fadd432d0620296f71319619a8a19e6a166a633bd46cd65c576d06b7dc8140f4b691f9901b776ad57e3c432155204cfc9aed1f9dba003bfafd62b
-
Filesize
37KB
MD595a7c615b97b757558c7882fd46833af
SHA12d4e1c163977aad084d534c41afbf0c3ea43cece
SHA256498fa4434e64f70a533d90398ce3e92a9602ee16f6f7c9c22ef101fa4edba74f
SHA512fc8983b60766fce79f04f1d9d77686b535ae786dc739f521aa0fd87c6e213524f5e7bd716e50cdb4aee701e915814b948a6e0b759d9d4b048420e11fcbb0563c
-
Filesize
72B
MD57ca74dfbb7ee31423d74102b290dff41
SHA10f3786feb2a6284b9edb47ce03d21cf2f1841512
SHA256b2a8a4915bc866523f49bbedcae879730f33bdc4d6dc0cff7de6421a09abf6be
SHA5120247dadd17732224ba8f5a260bccc0ec317e89d0f8b80b795fe6ce2ecbae86179f94d8e17806d43e4c902491e0d810246a4e81405024d9870f38863ce06940b7
-
Filesize
72B
MD543ddc9742e26d2ff78561fbed4b2b14b
SHA196927143b7119948c2063a2b661fb4184ad02733
SHA2562e90cb7889944a61af3934cabf294daf4a3279dfc0ed6af0a138f4959ad4c81f
SHA512ecd619a37618ba11464a1b02a17eb84d1374251c47b270d40d973e032a329e8ece74ac7e9c62fd58c3a16be86f13631f90fe432beafa6e7917e8d8eb827a3c38
-
Filesize
1KB
MD5000a9e06538bbeb3b43f6d0d9d5b9f23
SHA155cb50fe8bccc84f01000b112f140799730b9e9c
SHA256bbcfe622c85e0cb6803ef9df3223a5b8767fa32cd60c5a2d7df96cafc188bbc4
SHA512304e98febc5d2ac4d11d42078cfeb20ea9262124e1543213aa22349b9cf0cadbc89014ee227a3700e46c6438c1c32d32f8dc9242d558351d79dcc6d517e462b6
-
Filesize
2KB
MD540d504490350c47a1897ac953204ce98
SHA184a785d9d5f5fdc3c16e7b1e8170a721854fd53f
SHA25690d13716b7689800c4387dff57e6bfd10e45286e8e5fcb411095214b7d490a6a
SHA512c5272f85688f9ddafb925754605a82379785e593eaad1deca0f4d5685831b5c1e1a62b4f592140a8fdbe1a95a6ebba05788b8494d64effce2ad8f5d4ef2df3bb
-
Filesize
1KB
MD542a0e6dddac7d56ee10b67c846d4962b
SHA1749fe1889454d780b84dbfcda6130352e4c2f15c
SHA25656a438caef8ae41ca77c858a6d8cd12d251f1ac21a5b8077f4992d9979944a62
SHA5128c8e52f9e18ef3edc58934352930d5f6576dec44d3c535523b80684e6e5481d5fb32f1b91f8705e79141907f70252c1efb44b023d87cd6517b113d43416a57e0
-
Filesize
253B
MD5bf131dc9de85e384c49144c9755e7557
SHA1f751351aa017cf9327551d85742ed416c67f7ce1
SHA256f6e56b1016221d260467417d62cf327b0d3e184e7ce885b26fcc5aa1eb9f0193
SHA5126558785ef74ca2163be07b7873f938ba115dc7d0bc5d0f67661f78ee674b8466dc4f5476ea4f6c9f544d0b8fc5dc56458fce77236a6fa3cf2e55b89f8f5f66c5
-
Filesize
72B
MD5f7bf107f2d1a5fa0482819ffe7c059a1
SHA1efd993eea3b0c81e3d26a92a683b0f2da7bac097
SHA256c14bb82d7304ea1b370ede79c2622c1611107c73e67b19c99e0700dd69b92d6c
SHA512229af81d470a4a7498d0ad4498f0c5f3856a26c30c0ef6a8b88e633cb81a74432c3257456b71b0ef787ec4fbc9cc3d3acfd5fd8a6a6063688b5342a32977d9bf
-
Filesize
192B
MD580cf4593acdc581b2dfb619a0552dedd
SHA130ceab7658c93bdfcc95a714ad5578bfdbc139a3
SHA25636e46a5c314ef017a2f9c752d0d0e07e16f660c78e611583bca5bcf4e40ecfad
SHA512e27a0f8f0efa975624eecaf6235de9c011c474474e4ac8c184797e1124ccd67ad13cdb1976979acd717664bf4165f9964cdfd2af148667b8d5b5f2dc6a26073e
-
Filesize
48B
MD5eeceac048e0e6019094eb8181cc78a72
SHA1d77f6dbc6d2d12e4086f234f4912b9363872008c
SHA25662179555ab1d84c71519cac94f6a6057f54b970515edddf85bd915be7f077ce9
SHA5122a17d166ba44bd2a24a29b39b76e84c2cac64eb810e22e4073c4b534d0e8d962c2672f8bb792878cb095faa266661df89a11bcc7735713cc3c2dab5d8c861a66
-
Filesize
23KB
MD592a31bb2eef25b497c0a4a9b6c4a074b
SHA1ef5c06b784a92796fae1736d45c211f2a8f483b9
SHA256be7f19299f0d62751bb3f738a0308f70e88d124744cacd649d556409b9795140
SHA5126bc162b37c253e7716db62f30c75fe0d0267493fe83ec905d433782603e69e63aac7d5960be0cef87223b100a6631ec478127815138b8e86f5bcd2f005ef167e
-
Filesize
462B
MD57c2c36d136f4eda8ab3ff7885a6d56a5
SHA1adc1005b896fc0ee8e013e85d57448dcd79a7732
SHA2569531e7e1fec34a3414a3422d0a3fb23f3c427bcf4b19c40cb9ae359f856bb1a9
SHA512a3fc8ffa767e1c237ebb83453ac5805cd17b25560b8f8ea1e4146a215ce6dafe1e70e83e39502d48d8fbb7d2a7b10034f90eb9e451bf2b3fc5d3407a59c40865
-
Filesize
50KB
MD51d0c2977f0e62ad3df570695c70ee2c3
SHA1344e6003901b850a1788162268f855fd183e6951
SHA256d3a8a7e7de224f0502a6d8002297774170fa235df33412cd43baf04001434436
SHA512d3da7919ee87601be19f10530d46e98d277cfc5948e5b77b425c258e2c1ca8faa3e2f4ec46d8b2466835557d95367827185049ba7b69121e877ad6ed586288a5
-
Filesize
50KB
MD546ec649fed3693ff1da955d51bd71123
SHA1885ee4d5caffc30246d464d6931c2fe851e60076
SHA25624c8c85b4dc7bf12f3d24f7b4be10508f7c0aec564d628f740199ce6b657fa86
SHA51243f459c9768d567e9bbd828f01c1fe7dde19c99c724f9b0def1d67e88d1939313426885f8374f1816fd293f7982b8f3428c6cf9950ef6d4c3c1027f40be6ce3d
-
Filesize
41KB
MD539dd8d215622c8d84162a97432f4aee4
SHA16081a48d62a80ca85085aea98aa5050c3ce01ca8
SHA256b0c7facb595f3a21ea2ebf1913386668869e4284808ae5ca126eed4e6ef52c2c
SHA51270571d26319d266e5788eb953b38fc46fcf46468bd086db7785684866462944ce57c660ee90c28b52e1a195c23834a1b60a66337add51b1ca8e69243840bae4f
-
Filesize
50KB
MD5598318093c8867805d6841222e342bf9
SHA10bde29a849e408f71f7f67b52f9ca1bd7870b13d
SHA2565f79bc33cd8fb2cc04870d6ba9013326b45a47ced4310bd18719c0fcc7731956
SHA5123768f1f9a0d599043211a9a9a1f85761e6b8cbffdd42c9168080f329069bef174f51e5da840b5b782aebff8b303e831f103e1fc616c3b830a9851fc897d39de3
-
Filesize
392B
MD5dad9b6270ee397e2b8e7d0ae3c8ca5b9
SHA19943d4a62443725801169a1279f933a0eaa1dccb
SHA2563dac1a7fcd1288106df7ffef656bf3cdb70f7a73cbf1a77f841ddd9a66f94717
SHA51284854fda1a345d2f8c3be23831ba6596ba561674c186542fc0545203e8564a1bd10065b59ae41200f6b952c15b0b0bf3511bbbf02fd2f72fc4f7880100ee74b0
-
Filesize
392B
MD5f8737d6abac49dab2bd61522f2694ea5
SHA19455454336f167fd2f89f67b2d6dc1d7bfde44b8
SHA256a0a7adf4759366fd70b5f2d18b35142586eae1ef0233ce2b65e4c262c39d1c4e
SHA512538e5f3ffd6cadb728680c0c9d86cfbac60df4479f414179b84dceda8f46bf474aef192786b38e2b993b94f016a00269df4f365e183d2a60c9426e3c0a16d4b7
-
Filesize
392B
MD5a94078c036215885f6a423d5ea64902e
SHA1d8e65734e2a31922e92e09c1ec49115a7e6bc384
SHA256293b72d07fdaea83f96098e245797cac6dd9cc4dc3d275fdf1a9c8a6da027810
SHA51274848bbbb7fc3d94d62dea2a64b8fd5286294f8cefc1105d1a09889a75b52bcba20a09873efe1e4c32d6b6f5f563671b61b706753a61c395f2904e78acea2ab6
-
Filesize
631KB
MD5094ca661fb20ae7e5c26df780e0f7ecd
SHA10cc79e2fdf43962d9597b7eec7b34c8983c3562c
SHA25676f100a3d96cddfbad67460eb0db1a8877a53c8a1881888b208011cd3a9d5726
SHA512088ca8996eb3bd02f5561b026a9e36755c915d19eb9ae768ee3949491059b1c7e34117b72828d843131df50456c6a162eb2cffe74fd38c273708cd4ac6fda53e
-
Filesize
55KB
MD57e37ab34ecdcc3e77e24522ddfd4852d
SHA138e2855e11e353cedf9a8a4f2f2747f1c5c07fcf
SHA25602ef73bd2458627ed7b397ec26ee2de2e92c71a0e7588f78734761d8edbdcd9f
SHA5121b037a2aa8bf951d2ffe2f724aa0b2fbb39c2173215806ba0327bda7b096301d887f9bb7db46f9e04584b16aa6b1aaeaf67f0ecf5f20eb02ceac27c8753ca587
-
Filesize
136KB
MD570108103a53123201ceb2e921fcfe83c
SHA1c71799a6a6d09ee758b04cdf90a4ab76fbd2a7e3
SHA2569c3f8df80193c085912c9950c58051ae77c321975784cc069ceacd4f57d5861d
SHA512996701c65eee7f781c2d22dce63f4a95900f36b97a99dcf833045bce239a08b3c2f6326b3a808431cdab92d59161dd80763e44126578e160d79b7095175d276b
-
Filesize
98B
MD52671b44933c49155e153242c601b1f65
SHA1bd248015ff65c1b6d07c773111013f107c98c048
SHA2568b93dcfe006da7c3fba43a9f8ae8bc4e7c77cbee15a95649c74da28667a60fe4
SHA5121195fcbd5e18c2dc9556f89b4542ed65950400272bafa0ace3420b85ef31727e63829ab4befa513d18095a2659bf234296130575fbde2522c757f541db3e4b51
-
Filesize
26B
MD5fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98
-
Filesize
1KB
MD5ee002cb9e51bb8dfa89640a406a1090a
SHA149ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2
SHA2563dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b
SHA512d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c
-
Filesize
85B
MD5c3419069a1c30140b77045aba38f12cf
SHA111920f0c1e55cadc7d2893d1eebb268b3459762a
SHA256db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f
SHA512c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1
-
Filesize
118B
MD5acb8ebb43624ece8dd7964092455d2b7
SHA17c61f04b419f927f98120afa18d8553513e2a0f6
SHA25655b2b1fd2a563b240179fde6335370f5e22068ada77b5dc5af50bbc379c72953
SHA5128e6c135aa19d6d21b32c6e9c0727ccf3df7e8dfcaf49e3f0ce55af9b53748188949746d69d17cdafd9d77511b1550d970289912a33b3d9c4daed8837762d91c3
-
Filesize
353KB
MD571b6a493388e7d0b40c83ce903bc6b04
SHA134f917aaba5684fbe56d3c57d48ef2a1aa7cf06d
SHA256027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745
SHA512072205eca5099d9269f358fe534b370ff21a4f12d7938d6d2e2713f69310f0698e53b8aff062849f0b2a521f68bee097c1840993825d2a5a3aa8cf4145911c6f
-
Filesize
1.9MB
-
Filesize
1.9MB
-
Filesize
1.9MB
-
Filesize
1.9MB
-
Filesize
1.9MB
-
Filesize
144KB
-
Filesize
144KB
-
Filesize
376KB
-
Filesize
376KB
-
Filesize
376KB
-
Filesize
376KB
-
Filesize
376KB