Analysis

  • max time kernel
    144s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250313-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20250313-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    22/03/2025, 06:59 UTC

General

  • Target

    2025-03-22_8fa787e817cf01cfdb0b287de2ee39c9_amadey_teslacrypt.exe

  • Size

    251KB

  • MD5

    8fa787e817cf01cfdb0b287de2ee39c9

  • SHA1

    37f6f0b73983d7d61a5393ded3ffd3eec5f6f0b8

  • SHA256

    4dbd942433b4510cec4998e8447aef56c776753d6b23c3690e19fc6d573fc8af

  • SHA512

    5d6f734eb82254b303f81776dc161d4409597c986298ed0e95f0fe4752a16a0fb07d95823adeb6943fa7d11a801cbef53b1cf19168a3ce8af3cea86f12a3468e

  • SSDEEP

    3072:iLhtgSlZAeKoNhb64VzKRJWpLXOe/TYUAk/M2lH0+6m6MU0N/nr+rtnd9mTRpcr:qsxWp9TYUzX6Zm6MU0N6gXcr

Malware Config

Extracted

Path

C:\ebea8a0c5b7ebb8dc5b60da7\_ReCoVeRy_+jndgx.txt

Family

teslacrypt

Ransom Note
NOT YOUR LANGUAGE? USE https://translate.google.com
What happened to your files ?
All of your files were protected by a strong encryption with RSA4096
More information about the encryption keys using RSA4096 can be found here: http://en.wikipedia.org/wiki/RSA_(cryptosystem)
How did this happen ?
!!! Specially for your PC was generated personal RSA4096 Key , both public and private.
!!! ALL YOUR FILES were encrypted with the public key, which has been transferred to your computer via the Internet.
!!! Decrypting of your files is only possible with the help of the private key and decrypt program , which is on our Secret Server
What do I do ?
So , there are two ways you can choose: wait for a miracle and get your price doubled, or start obtaining BITCOIN NOW! , and restore your data easy way
If You have really valuable data, you better not waste your time, because there is no other way to get your files, except make a payment
For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below:
1 - http://sondr5344ygfweyjbfkw4fhsefv.heliofetch.at/9FEFE98BC0BFB9AA
2 - http://gfkuwflbhsjdabnu4nfukerfqwlfwr4rw.ringbalor.com/9FEFE98BC0BFB9AA
3 - http://oehknf74ohqlfnpq9rhfgcq93g.hateflux.com/9FEFE98BC0BFB9AA
If for some reasons the addresses are not available, follow these steps:
1 - Download and install tor-browser: http://www.torproject.org/projects/torbrowser.html.en
2 - After a successful installation, run the browser
3 - Type in the address bar: xlowfznrg4wf7dli.onion/9FEFE98BC0BFB9AA
4 - Follow the instructions on the site
IMPORTANT INFORMATION
Your personal pages
http://sondr5344ygfweyjbfkw4fhsefv.heliofetch.at/9FEFE98BC0BFB9AA
http://gfkuwflbhsjdabnu4nfukerfqwlfwr4rw.ringbalor.com/9FEFE98BC0BFB9AA
http://oehknf74ohqlfnpq9rhfgcq93g.hateflux.com/9FEFE98BC0BFB9AA
Your personal page Tor-Browser xlowfznrg4wf7dli.ONION/9FEFE98BC0BFB9AA

URLs

http://sondr5344ygfweyjbfkw4fhsefv.heliofetch.at/9FEFE98BC0BFB9AA

http://gfkuwflbhsjdabnu4nfukerfqwlfwr4rw.ringbalor.com/9FEFE98BC0BFB9AA

http://oehknf74ohqlfnpq9rhfgcq93g.hateflux.com/9FEFE98BC0BFB9AA

http://xlowfznrg4wf7dli.ONION/9FEFE98BC0BFB9AA

Signatures

  • TeslaCrypt, AlphaCrypt

    Ransomware based on CryptoLocker. Shut down by the developers in 2016.

  • Teslacrypt family
  • Deletes shadow copies 3 TTPs

    Ransomware often targets backup files to inhibit system recovery.

  • Renames multiple (887) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file 6 IoCs
  • Executes dropped EXE 1 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Indicator Removal: File Deletion 1 TTPs

    Adversaries may delete files left behind by the actions of their intrusion activity.

  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 2 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 5 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 3 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • System policy modification 1 TTPs 2 IoCs
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

Processes

  • C:\Users\Admin\AppData\Local\Temp\2025-03-22_8fa787e817cf01cfdb0b287de2ee39c9_amadey_teslacrypt.exe
    "C:\Users\Admin\AppData\Local\Temp\2025-03-22_8fa787e817cf01cfdb0b287de2ee39c9_amadey_teslacrypt.exe"
    1⤵
    • Checks computer location settings
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:3268
    • C:\Windows\xdpxegnijily.exe
      C:\Windows\xdpxegnijily.exe
      2⤵
      • Checks computer location settings
      • Drops startup file
      • Executes dropped EXE
      • Adds Run key to start application
      • Drops file in Program Files directory
      • System Location Discovery: System Language Discovery
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      • System policy modification
      PID:3120
      • C:\Windows\System32\wbem\WMIC.exe
        "C:\Windows\System32\wbem\WMIC.exe" shadowcopy delete /nointeractive
        3⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2892
      • C:\Windows\SysWOW64\NOTEPAD.EXE
        "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\_ReCoVeRy_.TXT
        3⤵
        • System Location Discovery: System Language Discovery
        • Opens file in notepad (likely ransom note)
        PID:4220
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\_ReCoVeRy_.HTM
        3⤵
        • Checks processor information in registry
        • Enumerates system info in registry
        • Modifies data under HKEY_USERS
        • Modifies registry class
        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of WriteProcessMemory
        PID:5044
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x338,0x7ffdece6f208,0x7ffdece6f214,0x7ffdece6f220
          4⤵
            PID:448
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1720,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=2564 /prefetch:3
          4⤵
            PID:4416
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=1580,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=2492 /prefetch:2
          4⤵
            PID:224
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1384,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=2572 /prefetch:8
          4⤵
            PID:3880
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3476,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=3548 /prefetch:1
          4⤵
            PID:2808
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3484,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=3552 /prefetch:1
          4⤵
            PID:5260
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5008,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:8
          4⤵
            PID:5048
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5004,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5012 /prefetch:8
          4⤵
            PID:3660
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4288,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5104 /prefetch:8
          4⤵
            PID:5784
        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5676,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5744 /prefetch:8
          4⤵
            PID:2252
        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5676,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5744 /prefetch:8
          4⤵
            PID:4496
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5892,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5828 /prefetch:8
          4⤵
            PID:4560
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6004,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5952 /prefetch:8
          4⤵
            PID:2036
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6152,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=6176 /prefetch:8
          4⤵
            PID:5544
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6156,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=6168 /prefetch:8
          4⤵
            PID:928
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5824,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5804 /prefetch:8
          4⤵
            PID:5132
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6268,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=6296 /prefetch:8
          4⤵
            PID:2056
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6308,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=6196 /prefetch:8
          4⤵
            PID:1048
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5048,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5012 /prefetch:8
          4⤵
            PID:1104
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2340,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5688 /prefetch:8
          4⤵
            PID:1896
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5640,i,13525470731441489335,9416220373873421158,262144 --variations-seed-version --mojo-platform-channel-handle=5104 /prefetch:8
          4⤵
            PID:5224
      • C:\Windows\System32\wbem\WMIC.exe
        "C:\Windows\System32\wbem\WMIC.exe" shadowcopy delete /nointeractive
        3⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:4392
      • C:\Windows\SysWOW64\cmd.exe
        "C:\Windows\system32\cmd.exe" /c DEL C:\Windows\XDPXEG~1.EXE
        3⤵
        • System Location Discovery: System Language Discovery
        PID:1848
    • C:\Windows\SysWOW64\cmd.exe
      "C:\Windows\system32\cmd.exe" /c DEL C:\Users\Admin\AppData\Local\Temp\2025-0~1.EXE
      2⤵
      • System Location Discovery: System Language Discovery
      PID:4220
  • C:\Windows\system32\vssvc.exe
    C:\Windows\system32\vssvc.exe
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4832
  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
    1⤵
      PID:6104

Network

  • flag-us
    DNS
    g.bing.com
    Remote address:
    8.8.8.8:53
    Request
    g.bing.com
    IN A
    Response
    g.bing.com
    IN CNAME
    g-bing-com.ax-0001.ax-msedge.net
    g-bing-com.ax-0001.ax-msedge.net
    IN CNAME
    ax-0001.ax-msedge.net
    ax-0001.ax-msedge.net
    IN A
    150.171.27.10
    ax-0001.ax-msedge.net
    IN A
    150.171.28.10
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid=
    Remote address:
    150.171.27.10:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MUID=1BDD843826D36FC1073D918F27F46E0F; domain=.bing.com; expires=Thu, 16-Apr-2026 07:00:00 GMT; path=/; SameSite=None; Secure; Priority=High;
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 94B09BD4D1CA4AD6BD07C931C762F5FF Ref B: LON04EDGE0609 Ref C: 2025-03-22T07:00:00Z
    date: Sat, 22 Mar 2025 06:59:59 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid=
    Remote address:
    150.171.27.10:443
    Request
    GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=1BDD843826D36FC1073D918F27F46E0F
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MSPTC=FFLYZYpnlAEWpP8tRZEYs9pXfQ8wMXc2EyK1P5GEhJo; domain=.bing.com; expires=Thu, 16-Apr-2026 07:00:00 GMT; path=/; Partitioned; secure; SameSite=None
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 90AE6211381D41D9A82A4E54BAC21F45 Ref B: LON04EDGE0609 Ref C: 2025-03-22T07:00:00Z
    date: Sat, 22 Mar 2025 07:00:00 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid=
    Remote address:
    150.171.27.10:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=1BDD843826D36FC1073D918F27F46E0F; MSPTC=FFLYZYpnlAEWpP8tRZEYs9pXfQ8wMXc2EyK1P5GEhJo
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 8D6B7B4B80DB44EAB7B605A94B847997 Ref B: LON04EDGE0609 Ref C: 2025-03-22T07:00:00Z
    date: Sat, 22 Mar 2025 07:00:00 GMT
  • flag-us
    DNS
    conspec.us
    xdpxegnijily.exe
    Remote address:
    8.8.8.8:53
    Request
    conspec.us
    IN A
    Response
    conspec.us
    IN A
    15.197.225.128
    conspec.us
    IN A
    3.33.251.168
  • flag-us
    POST
    http://conspec.us/wp-content/plugins/nextgen-galleryOLD/products/photocrati_nextgen/modules/i18n/wstr.php
    xdpxegnijily.exe
    Remote address:
    15.197.225.128:80
    Request
    POST /wp-content/plugins/nextgen-galleryOLD/products/photocrati_nextgen/modules/i18n/wstr.php HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko
    Host: conspec.us
    Content-Length: 645
    Cache-Control: no-cache
    Response
    HTTP/1.1 405 Not Allowed
    Server: awselb/2.0
    Date: Sat, 22 Mar 2025 07:00:00 GMT
    Content-Length: 0
    Connection: keep-alive
    WAFRule: 0
  • flag-us
    POST
    http://conspec.us/wp-content/plugins/nextgen-galleryOLD/products/photocrati_nextgen/modules/i18n/wstr.php
    xdpxegnijily.exe
    Remote address:
    15.197.225.128:80
    Request
    POST /wp-content/plugins/nextgen-galleryOLD/products/photocrati_nextgen/modules/i18n/wstr.php HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
                                                User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko
                                                Host: conspec.us
                                                Content-Length: 645
                                                Cache-Control: no-cache
                                                Response
                                                HTTP/1.1 405 Not Allowed
                                                Server: awselb/2.0
                                                Date: Sat, 22 Mar 2025 07:00:54 GMT
                                                Content-Length: 0
                                                Connection: keep-alive
                                                WAFRule: 0
                                              • flag-us
                                                DNS
                                                tmfilms.net
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                tmfilms.net
                                                IN A
                                                Response
                                                tmfilms.net
                                                IN A
                                                103.224.182.215
                                              • flag-us
                                                POST
                                                http://tmfilms.net/wp-content/plugins/binary.php
                                                xdpxegnijily.exe
                                                Remote address:
                                                103.224.182.215:80
                                                Request
                                                POST /wp-content/plugins/binary.php HTTP/1.1
                                                Content-Type: application/x-www-form-urlencoded
                                                User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko
                                                Host: tmfilms.net
                                                Content-Length: 645
                                                Cache-Control: no-cache
                                                Response
                                                HTTP/1.1 302 Found
                                                date: Sat, 22 Mar 2025 07:00:01 GMT
                                                server: Apache
                                                set-cookie: __tad=1742626801.8235917; expires=Tue, 20-Mar-2035 07:00:01 GMT; Max-Age=315360000
                                                location: http://ww25.tmfilms.net/wp-content/plugins/binary.php?subid1=20250322-1800-0119-881b-9170b7a8b1ae
                                                content-length: 2
                                                content-type: text/html; charset=UTF-8
                                                connection: close
                                              • flag-us
                                                DNS
                                                ww25.tmfilms.net
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                ww25.tmfilms.net
                                                IN A
                                                Response
                                                ww25.tmfilms.net
                                                IN CNAME
                                                77026.bodis.com
                                                77026.bodis.com
                                                IN A
                                                199.59.243.228
                                              • flag-us
                                                GET
                                                http://ww25.tmfilms.net/wp-content/plugins/binary.php?subid1=20250322-1800-0119-881b-9170b7a8b1ae
                                                xdpxegnijily.exe
                                                Remote address:
                                                199.59.243.228:80
                                                Request
                                                GET /wp-content/plugins/binary.php?subid1=20250322-1800-0119-881b-9170b7a8b1ae HTTP/1.1
                                                User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko
                                                Cache-Control: no-cache
                                                Host: ww25.tmfilms.net
                                                Connection: Keep-Alive
                                                Cookie: __tad=1742626801.8235917
                                                Response
                                                HTTP/1.1 200 OK
                                                date: Sat, 22 Mar 2025 07:00:00 GMT
                                                content-type: text/html; charset=utf-8
                                                content-length: 1210
                                                x-request-id: 8c36f730-9e0f-489c-a07e-8623d81102db
                                                cache-control: no-store, max-age=0
                                                accept-ch: sec-ch-prefers-color-scheme
                                                critical-ch: sec-ch-prefers-color-scheme
                                                vary: sec-ch-prefers-color-scheme
                                                x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_IBMbT3puqM1NZj4mGvuxFDocNNYDaf5z1LtcfUpRA1JMS18+PpCh0i8NdcAnLioVqZ5eDw1LmZBhpvi0lpvzZw==
                                                set-cookie: parking_session=8c36f730-9e0f-489c-a07e-8623d81102db; expires=Sat, 22 Mar 2025 07:15:01 GMT; path=/
                                              • flag-us
                                                DNS
                                                iqinternal.com
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                iqinternal.com
                                                IN A
                                                Response
                                              • flag-us
                                                DNS
                                                goktugyeli.com
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                goktugyeli.com
                                                IN A
                                                Response
                                              • flag-us
                                                DNS
                                                saludaonline.com
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                saludaonline.com
                                                IN A
                                                Response
                                              • flag-us
                                                DNS
                                                newculturemediablog.com
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                newculturemediablog.com
                                                IN A
                                                Response
                                              • flag-us
                                                DNS
                                                tse1.mm.bing.net
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                tse1.mm.bing.net
                                                IN A
                                                Response
                                                tse1.mm.bing.net
                                                IN CNAME
                                                mm-mm.bing.net.trafficmanager.net
                                                mm-mm.bing.net.trafficmanager.net
                                                IN CNAME
                                                ax-0001.ax-msedge.net
                                                ax-0001.ax-msedge.net
                                                IN A
                                                150.171.28.10
                                                ax-0001.ax-msedge.net
                                                IN A
                                                150.171.27.10
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239356742545_1KNYU9T4JPR3SHFV1&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                                                Remote address:
                                                150.171.28.10:443
                                                Request
                                                GET /th?id=OADD2.10239356742545_1KNYU9T4JPR3SHFV1&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 664785
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: DD5C87FB19704423A41583DE5135011D Ref B: LON04EDGE0918 Ref C: 2025-03-22T07:00:35Z
                                                date: Sat, 22 Mar 2025 07:00:35 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239340418535_1J3FI1BHYFKNLDX7C&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                                                Remote address:
                                                150.171.28.10:443
                                                Request
                                                GET /th?id=OADD2.10239340418535_1J3FI1BHYFKNLDX7C&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 663266
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: BAAA42A36D3E452A98CE8DFAE24E9FDF Ref B: LON04EDGE0918 Ref C: 2025-03-22T07:00:35Z
                                                date: Sat, 22 Mar 2025 07:00:35 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239360607351_1LWNG3EPOKCB0ST8C&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                                                Remote address:
                                                150.171.28.10:443
                                                Request
                                                GET /th?id=OADD2.10239360607351_1LWNG3EPOKCB0ST8C&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 675918
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: 455DBD5873F3464394D5DE31F70F2DB0 Ref B: LON04EDGE0918 Ref C: 2025-03-22T07:00:35Z
                                                date: Sat, 22 Mar 2025 07:00:35 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239360607350_1DIIHMLKOJP4KM45O&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                                                Remote address:
                                                150.171.28.10:443
                                                Request
                                                GET /th?id=OADD2.10239360607350_1DIIHMLKOJP4KM45O&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 248362
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: 8F507F5B5BAF47FF80E8E04AA4F9FD6F Ref B: LON04EDGE0918 Ref C: 2025-03-22T07:00:35Z
                                                date: Sat, 22 Mar 2025 07:00:35 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239356744296_15VBZP2MRT6FYDL3E&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                                                Remote address:
                                                150.171.28.10:443
                                                Request
                                                GET /th?id=OADD2.10239356744296_15VBZP2MRT6FYDL3E&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 542449
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: C26CE8E7687648B099A5FED0D009CFF9 Ref B: LON04EDGE0918 Ref C: 2025-03-22T07:00:35Z
                                                date: Sat, 22 Mar 2025 07:00:35 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239340418536_1RXQC5FWNJZBHVB3M&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                                                Remote address:
                                                150.171.28.10:443
                                                Request
                                                GET /th?id=OADD2.10239340418536_1RXQC5FWNJZBHVB3M&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 383560
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: 95A5D8F8329C4F9087A5CFD61FAB91F5 Ref B: LON04EDGE0918 Ref C: 2025-03-22T07:00:36Z
                                                date: Sat, 22 Mar 2025 07:00:35 GMT
                                              • flag-us
                                                POST
                                                http://tmfilms.net/wp-content/plugins/binary.php
                                                xdpxegnijily.exe
                                                Remote address:
                                                103.224.182.215:80
                                                Request
                                                POST /wp-content/plugins/binary.php HTTP/1.1
                                                Content-Type: application/x-www-form-urlencoded
                                                User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko
                                                Host: tmfilms.net
                                                Content-Length: 645
                                                Cache-Control: no-cache
                                                Cookie: __tad=1742626801.8235917
                                                Response
                                                HTTP/1.1 302 Found
                                                date: Sat, 22 Mar 2025 07:00:54 GMT
                                                server: Apache
                                                location: http://ww25.tmfilms.net/wp-content/plugins/binary.php?subid1=20250322-1800-54a4-93b8-db3432342c53
                                                content-length: 2
                                                content-type: text/html; charset=UTF-8
                                                connection: close
                                              • flag-us
                                                GET
                                                http://ww25.tmfilms.net/wp-content/plugins/binary.php?subid1=20250322-1800-54a4-93b8-db3432342c53
                                                xdpxegnijily.exe
                                                Remote address:
                                                199.59.243.228:80
                                                Request
                                                GET /wp-content/plugins/binary.php?subid1=20250322-1800-54a4-93b8-db3432342c53 HTTP/1.1
                                                User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko
                                                Cache-Control: no-cache
                                                Host: ww25.tmfilms.net
                                                Connection: Keep-Alive
                                                Cookie: __tad=1742626801.8235917; parking_session=8c36f730-9e0f-489c-a07e-8623d81102db
                                                Response
                                                HTTP/1.1 200 OK
                                                date: Sat, 22 Mar 2025 07:00:54 GMT
                                                content-type: text/html; charset=utf-8
                                                content-length: 1210
                                                x-request-id: 07dd635d-042b-453c-b84f-e81fc2a69345
                                                cache-control: no-store, max-age=0
                                                accept-ch: sec-ch-prefers-color-scheme
                                                critical-ch: sec-ch-prefers-color-scheme
                                                vary: sec-ch-prefers-color-scheme
                                                x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_gKUu6Uxb92Ou8aEL8LgRr+Emxdpmz05t8mlsjbHQH2Uo7/hpmD6Iu7DUvCrB+EYYz2Tajyn5+C3Pj4o4Pnm4HA==
                                                set-cookie: parking_session=8c36f730-9e0f-489c-a07e-8623d81102db; expires=Sat, 22 Mar 2025 07:15:54 GMT
                                              • flag-us
                                                DNS
                                                edge.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge.microsoft.com
                                                IN A
                                                Response
                                                edge.microsoft.com
                                                IN CNAME
                                                edge-domain.trafficmanager.net
                                                edge-domain.trafficmanager.net
                                                IN CNAME
                                                edge-microsoft-com.dual-a-0036.a-msedge.net
                                                edge-microsoft-com.dual-a-0036.a-msedge.net
                                                IN CNAME
                                                dual-a-0036.a-msedge.net
                                                dual-a-0036.a-msedge.net
                                                IN A
                                                204.79.197.239
                                                dual-a-0036.a-msedge.net
                                                IN A
                                                13.107.21.239
                                              • flag-us
                                                DNS
                                                edge.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge.microsoft.com
                                                IN Unknown
                                                Response
                                                edge.microsoft.com
                                                IN CNAME
                                                edge-domain.trafficmanager.net
                                                edge-domain.trafficmanager.net
                                                IN CNAME
                                                edge-microsoft-com.dual-a-0036.a-msedge.net
                                              • flag-us
                                                DNS
                                                iqinternal.com
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                iqinternal.com
                                                IN A
                                                Response
                                              • flag-us
                                                DNS
                                                edge.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge.microsoft.com
                                                IN A
                                                Response
                                                edge.microsoft.com
                                                IN CNAME
                                                edge-domain.trafficmanager.net
                                                edge-domain.trafficmanager.net
                                                IN CNAME
                                                edge-microsoft-com.ax-0002.ax-msedge.net
                                                edge-microsoft-com.ax-0002.ax-msedge.net
                                                IN CNAME
                                                ax-0002.ax-msedge.net
                                                ax-0002.ax-msedge.net
                                                IN A
                                                150.171.28.11
                                                ax-0002.ax-msedge.net
                                                IN A
                                                150.171.27.11
                                              • flag-us
                                                DNS
                                                edge.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge.microsoft.com
                                                IN Unknown
                                                Response
                                                edge.microsoft.com
                                                IN CNAME
                                                edge-domain.trafficmanager.net
                                                edge-domain.trafficmanager.net
                                                IN CNAME
                                                edge-microsoft-com.ax-0002.ax-msedge.net
                                              • flag-us
                                                DNS
                                                update.googleapis.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                update.googleapis.com
                                                IN A
                                                Response
                                                update.googleapis.com
                                                IN A
                                                142.250.180.3
                                              • flag-us
                                                DNS
                                                update.googleapis.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                update.googleapis.com
                                                IN Unknown
                                                Response
                                              • flag-us
                                                GET
                                                http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:T1x3UV-cdqA6yLwWwCTA7jH4iwoET_ljW8UyV2_sONs&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
                                                msedge.exe
                                                Remote address:
                                                204.79.197.239:80
                                                Request
                                                GET /browsernetworktime/time/1/current?cup2key=2:T1x3UV-cdqA6yLwWwCTA7jH4iwoET_ljW8UyV2_sONs&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP/1.1
                                                Host: edge.microsoft.com
                                                Connection: keep-alive
                                                Pragma: no-cache
                                                Cache-Control: no-cache
                                                Sec-Mesh-Client-Edge-Version: 133.0.3065.69
                                                Sec-Mesh-Client-Edge-Channel: stable
                                                Sec-Mesh-Client-OS: Windows
                                                Sec-Mesh-Client-OS-Version: 10.0.19041
                                                Sec-Mesh-Client-Arch: x86_64
                                                Sec-Mesh-Client-WebView: 0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                Accept-Encoding: gzip, deflate
                                                Response
                                                HTTP/1.1 200 OK
                                                Cache-Control: no-store, must-revalidate, no-cache, max-age=0
                                                Pragma: no-cache
                                                Content-Length: 100
                                                Content-Type: application/json
                                                Content-Encoding: gzip
                                                Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                X-Frame-Options: sameorigin
                                                X-XSS-Protection: 1; mode=block
                                                X-Content-Type-Options: nosniff
                                                x-cup-server-proof: 304502206E553E7A3F58F20013309EB512E61918CBAF3F11157CC68DA516BDC0C6F3400C022100E74FB92B7D0A80D4D8040309AD0DE0C6963E75F9B56823F27F7EC01EB2B57FBE:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
                                                Content-Disposition: attachment; filename='json.txt'
                                                X-Cache: CONFIG_NOCACHE
                                                X-MSEdge-Ref: Ref A: 543CF5C4DA864B19AAC509F4A04EDAE4 Ref B: LON04EDGE1018 Ref C: 2025-03-22T07:00:55Z
                                                Date: Sat, 22 Mar 2025 07:00:54 GMT
                                              • flag-us
                                                GET
                                                https://edge.microsoft.com/extensionwebstorebase/v1/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=edgecrx&prodchannel=&prodversion=133.0.3065.69&lang=en-US&acceptformat=crx3,puff&x=id%3Djmjflgjpcpepeafmmgdpfkogkghcpiha%26v%3D0.0.0.0%26installsource%3Dreinstall%26installedby%3Dother%26uc%26ping%3Dr%253D9%2526e%253D0%2526dr%253D1024
                                                msedge.exe
                                                Remote address:
                                                150.171.28.11:443
                                                Request
                                                GET /extensionwebstorebase/v1/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=edgecrx&prodchannel=&prodversion=133.0.3065.69&lang=en-US&acceptformat=crx3,puff&x=id%3Djmjflgjpcpepeafmmgdpfkogkghcpiha%26v%3D0.0.0.0%26installsource%3Dreinstall%26installedby%3Dother%26uc%26ping%3Dr%253D9%2526e%253D0%2526dr%253D1024 HTTP/2.0
                                                host: edge.microsoft.com
                                                edgefeatureflags: {"ExtensionUseNewStoreKeys":true,"UseHttpsForDownload":true}
                                                update-interactivity: fg
                                                ms-cv: 3DyH8Gn0cbqn8eidLr+5j2
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=1, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: max-age=0, no-cache, no-store, must-revalidate
                                                content-length: 1462
                                                content-type: application/json; charset=utf-8
                                                content-security-policy: base-uri 'self';block-all-mixed-content;default-src 'self';img-src 'self';object-src 'none';script-src 'none';style-src 'self';upgrade-insecure-requests;
                                                x-cache: CONFIG_NOCACHE
                                                x-msedge-ref: Ref A: 9E7A68C80307439D8C16D64353A3ABC7 Ref B: LON04EDGE1122 Ref C: 2025-03-22T07:00:54Z
                                                date: Sat, 22 Mar 2025 07:00:54 GMT
                                              • flag-us
                                                GET
                                                https://edge.microsoft.com/serviceexperimentation/v3/?osname=win&channel=stable&osver=10.0.19041&devicefamily=desktop&installdate=1741877482&clientversion=133.0.3065.69&experimentationmode=2&scpguard=0&scpfull=0&scpver=0
                                                msedge.exe
                                                Remote address:
                                                150.171.28.11:443
                                                Request
                                                GET /serviceexperimentation/v3/?osname=win&channel=stable&osver=10.0.19041&devicefamily=desktop&installdate=1741877482&clientversion=133.0.3065.69&experimentationmode=2&scpguard=0&scpfull=0&scpver=0 HTTP/2.0
                                                host: edge.microsoft.com
                                                pragma: no-cache
                                                cache-control: no-cache
                                                sec-mesh-client-edge-version: 133.0.3065.69
                                                sec-mesh-client-edge-channel: stable
                                                sec-mesh-client-os: Windows
                                                sec-mesh-client-os-version: 10.0.19041
                                                sec-mesh-client-arch: x86_64
                                                sec-mesh-client-webview: 0
                                                x-client-data: eyIxIjoiMCIsIjIiOiIwIiwiMyI6IjAiLCI0IjoiLTY5MjMwMjcxODcxMTMzNTIzODkiLCI2Ijoic3RhYmxlIiwiOSI6ImRlc2t0b3AifQ==
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: max-age=0, no-cache, no-store, must-revalidate
                                                content-length: 782
                                                content-type: text/xml; charset=utf-8
                                                x-cache: CONFIG_NOCACHE
                                                x-msedge-ref: Ref A: 573BBF0396814986821AC2621E14FF22 Ref B: LON04EDGE1122 Ref C: 2025-03-22T07:00:54Z
                                                date: Sat, 22 Mar 2025 07:00:54 GMT
                                              • flag-gb
                                                POST
                                                https://update.googleapis.com/service/update2/json?cup2key=14:3YnLXPVbScCzXDM0_ZWiGe24YKYrm793wkK62mVxtBs&cup2hreq=8be234a4bd81973c166516bc74996bb614d293f68921492e7345a59da91d3ca0
                                                msedge.exe
                                                Remote address:
                                                142.250.180.3:443
                                                Request
                                                POST /service/update2/json?cup2key=14:3YnLXPVbScCzXDM0_ZWiGe24YKYrm793wkK62mVxtBs&cup2hreq=8be234a4bd81973c166516bc74996bb614d293f68921492e7345a59da91d3ca0 HTTP/2.0
                                                host: update.googleapis.com
                                                content-length: 931
                                                x-goog-update-appid: ghbmnnjooekpmoecnnnilnnbdlolhkhi
                                                x-goog-update-interactivity: bg
                                                x-goog-update-updater: chromiumcrx-133.0.3065.69
                                                content-type: application/json
                                                sec-mesh-client-edge-version: 133.0.3065.69
                                                sec-mesh-client-edge-channel: stable
                                                sec-mesh-client-os: Windows
                                                sec-mesh-client-os-version: 10.0.19041
                                                sec-mesh-client-arch: x86_64
                                                sec-mesh-client-webview: 0
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=4, i
                                              • flag-us
                                                DNS
                                                goktugyeli.com
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                goktugyeli.com
                                                IN A
                                                Response
                                              • flag-us
                                                DNS
                                                copilot.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                copilot.microsoft.com
                                                IN A
                                                Response
                                                copilot.microsoft.com
                                                IN CNAME
                                                copilot-copilot-msft-com.trafficmanager.net
                                                copilot-copilot-msft-com.trafficmanager.net
                                                IN CNAME
                                                copilot.microsoft.com.edgekey.net
                                                copilot.microsoft.com.edgekey.net
                                                IN CNAME
                                                e107108.dscx.akamaiedge.net
                                                e107108.dscx.akamaiedge.net
                                                IN A
                                                104.86.110.106
                                                e107108.dscx.akamaiedge.net
                                                IN A
                                                2.18.66.57
                                              • flag-us
                                                DNS
                                                copilot.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                copilot.microsoft.com
                                                IN Unknown
                                                Response
                                                copilot.microsoft.com
                                                IN CNAME
                                                copilot-copilot-msft-com.trafficmanager.net
                                                copilot-copilot-msft-com.trafficmanager.net
                                                IN CNAME
                                                copilot.microsoft.com.edgekey.net
                                                copilot.microsoft.com.edgekey.net
                                                IN CNAME
                                                e107108.dscx.akamaiedge.net
                                              • flag-us
                                                DNS
                                                api.edgeoffer.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                api.edgeoffer.microsoft.com
                                                IN A
                                                Response
                                                api.edgeoffer.microsoft.com
                                                IN CNAME
                                                bingadsedgeextension-prod.trafficmanager.net
                                                bingadsedgeextension-prod.trafficmanager.net
                                                IN CNAME
                                                bingadsedgeextension-prod-europe.azurewebsites.net
                                                bingadsedgeextension-prod-europe.azurewebsites.net
                                                IN CNAME
                                                ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                                                ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                                                IN A
                                                94.245.104.56
                                              • flag-us
                                                DNS
                                                api.edgeoffer.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                api.edgeoffer.microsoft.com
                                                IN Unknown
                                                Response
                                                api.edgeoffer.microsoft.com
                                                IN CNAME
                                                bingadsedgeextension-prod.trafficmanager.net
                                                bingadsedgeextension-prod.trafficmanager.net
                                                IN CNAME
                                                bingadsedgeextension-prod-europe.azurewebsites.net
                                                bingadsedgeextension-prod-europe.azurewebsites.net
                                                IN CNAME
                                                ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                                              • flag-us
                                                DNS
                                                saludaonline.com
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                saludaonline.com
                                                IN A
                                                Response
                                              • flag-ie
                                                GET
                                                https://api.edgeoffer.microsoft.com/edgeoffer/pb/experiments?appId=edge-extensions&country=US
                                                msedge.exe
                                                Remote address:
                                                94.245.104.56:443
                                                Request
                                                GET /edgeoffer/pb/experiments?appId=edge-extensions&country=US HTTP/1.1
                                                Host: api.edgeoffer.microsoft.com
                                                Connection: keep-alive
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: empty
                                                Sec-Fetch-Storage-Access: active
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                Accept-Encoding: gzip, deflate, br, zstd
                                                Accept-Language: en-US,en;q=0.9
                                                Response
                                                HTTP/1.1 200 OK
                                                Content-Length: 0
                                                Content-Type: application/x-protobuf; charset=utf-8
                                                Date: Sat, 22 Mar 2025 07:00:54 GMT
                                                Server: Microsoft-IIS/10.0
                                                Set-Cookie: ARRAffinity=2facc78c6123c667617ce21b30d0d14a237b3ab3f15825bb2e1896f7deb8e455;Path=/;HttpOnly;Secure;Domain=api.edgeoffer.microsoft.com
                                                Set-Cookie: ARRAffinitySameSite=2facc78c6123c667617ce21b30d0d14a237b3ab3f15825bb2e1896f7deb8e455;Path=/;HttpOnly;SameSite=None;Secure;Domain=api.edgeoffer.microsoft.com
                                                Request-Context: appId=cid-v1:48af8e22-9427-456d-9a55-67a1e42a1bd9
                                                X-Powered-By: ASP.NET
                                              • flag-gb
                                                GET
                                                https://copilot.microsoft.com/c/api/user/eligibility
                                                msedge.exe
                                                Remote address:
                                                104.86.110.106:443
                                                Request
                                                GET /c/api/user/eligibility HTTP/2.0
                                                host: copilot.microsoft.com
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                sec-fetch-storage-access: active
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                x-ceto-ref: 67de6027d0854a22b7ee66bd987c5684|AFD:67de6027d0854a22b7ee66bd987c5684|2025-03-22T07:00:55.075Z
                                                content-length: 0
                                                date: Sat, 22 Mar 2025 07:00:55 GMT
                                                alt-svc: h3=":443"; ma=93600
                                                x-cdn-traceid: 0.35421202.1742626855.129162e5
                                              • flag-us
                                                DNS
                                                newculturemediablog.com
                                                xdpxegnijily.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                newculturemediablog.com
                                                IN A
                                                Response
                                              • flag-us
                                                DNS
                                                msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                IN A
                                                Response
                                                msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                IN CNAME
                                                star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
                                                star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
                                                IN CNAME
                                                cdp-f-ssl-tlu-net.trafficmanager.net
                                                cdp-f-ssl-tlu-net.trafficmanager.net
                                                IN CNAME
                                                star.sb.tlu.dl.delivery.mp.microsoft.com.edgesuite.net
                                                star.sb.tlu.dl.delivery.mp.microsoft.com.edgesuite.net
                                                IN CNAME
                                                a2033.dscd.akamai.net
                                                a2033.dscd.akamai.net
                                                IN A
                                                2.18.190.174
                                                a2033.dscd.akamai.net
                                                IN A
                                                2.18.190.170
                                              • flag-us
                                                DNS
                                                msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                IN Unknown
                                                Response
                                                msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                IN CNAME
                                                star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
                                                star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
                                                IN CNAME
                                                cdp-f-ssl-tlu-net.trafficmanager.net
                                                cdp-f-ssl-tlu-net.trafficmanager.net
                                                IN CNAME
                                                star.sb.tlu.dl.delivery.mp.microsoft.com.edgesuite.net
                                                star.sb.tlu.dl.delivery.mp.microsoft.com.edgesuite.net
                                                IN CNAME
                                                a2033.dscd.akamai.net
                                              • flag-gb
                                                GET
                                                https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1743231655&P2=404&P3=2&P4=fUlQ%2bValn%2bOH3zUvmvUFZlkoDz9NUHN4UeOepIUV%2bUrEjypSk7QqvBqczUr9QfSCdF2TI%2bwMftamHa3i6kwOtw%3d%3d
                                                msedge.exe
                                                Remote address:
                                                2.18.190.174:443
                                                Request
                                                GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1743231655&P2=404&P3=2&P4=fUlQ%2bValn%2bOH3zUvmvUFZlkoDz9NUHN4UeOepIUV%2bUrEjypSk7QqvBqczUr9QfSCdF2TI%2bwMftamHa3i6kwOtw%3d%3d HTTP/2.0
                                                host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                ms-cv: 3DyH8Gn0cbqn8eidLr+5j2
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=1, i
                                                Response
                                                HTTP/2.0 200
                                                content-type: application/x-chrome-extension
                                                last-modified: Wed, 24 Jan 2024 00:25:37 GMT
                                                accept-ranges: bytes
                                                etag: "Gv3jDkaZdFLRHkoq2781zOehQE8="
                                                server: Microsoft-IIS/10.0
                                                x-aspnetmvc-version: 5.3
                                                ms-correlationid: b28df9f1-dc3f-4ef4-9bdf-444e35c0efed
                                                ms-requestid: bf267a2c-d093-4aea-80c7-cab035dc081a
                                                ms-cv: vO+ovkxXWZJL+cB1R1PavD.0
                                                x-aspnet-version: 4.0.30319
                                                x-powered-by: ASP.NET
                                                x-powered-by: ARR/3.0
                                                x-powered-by: ASP.NET
                                                content-length: 11185
                                                cache-control: public, max-age=86400
                                                date: Sat, 22 Mar 2025 07:00:55 GMT
                                                alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
                                                akamai-request-bc: [a=2.18.181.170,b=3722952119,c=g,n=GB_EN_LONDON,o=20940],[c=c,n=GB_EN_LONDON,o=20940]
                                                msregion:
                                                x-ccc:
                                                x-cid: 3
                                                akamai-grn: 0.aab51202.1742626855.dde7bdb7
                                                access-control-max-age: 86400
                                                access-control-allow-credentials: true
                                                access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
                                                access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
                                                access-control-allow-methods: GET,POST,OPTIONS
                                                access-control-allow-origin: *
                                              • flag-us
                                                GET
                                                https://edge.microsoft.com/entityextractiontemplates/api/v1/assets/find-assets?name=domains_config_gz&version=3.*.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362
                                                msedge.exe
                                                Remote address:
                                                150.171.28.11:443
                                                Request
                                                GET /entityextractiontemplates/api/v1/assets/find-assets?name=domains_config_gz&version=3.*.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362 HTTP/2.0
                                                host: edge.microsoft.com
                                                edge-asset-group: EntityExtractionDomainsConfig
                                                sec-mesh-client-edge-version: 133.0.3065.69
                                                sec-mesh-client-edge-channel: stable
                                                sec-mesh-client-os: Windows
                                                sec-mesh-client-os-version: 10.0.19041
                                                sec-mesh-client-arch: x86_64
                                                sec-mesh-client-webview: 0
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=3600
                                                content-length: 266
                                                content-type: application/json; charset=utf-8
                                                x-cache: TCP_HIT
                                                x-frame-options: sameorigin
                                                x-msedge-ref: Ref A: FA4E272131B64A8CAF746104DB795B7C Ref B: LON04EDGE0710 Ref C: 2025-03-22T07:00:56Z
                                                date: Sat, 22 Mar 2025 07:00:56 GMT
                                              • flag-us
                                                GET
                                                https://edge.microsoft.com/entityextractiontemplates/api/v1/assets/find-assets?name=arbitration_priority_list&version=24.*.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362
                                                msedge.exe
                                                Remote address:
                                                150.171.28.11:443
                                                Request
                                                GET /entityextractiontemplates/api/v1/assets/find-assets?name=arbitration_priority_list&version=24.*.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362 HTTP/2.0
                                                host: edge.microsoft.com
                                                edge-asset-group: ArbitrationService
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=3600
                                                content-length: 271
                                                content-type: application/json; charset=utf-8
                                                x-cache: TCP_HIT
                                                x-frame-options: sameorigin
                                                x-msedge-ref: Ref A: E19DB1CBB0D94DB7881E3C9126255179 Ref B: LON04EDGE0710 Ref C: 2025-03-22T07:00:56Z
                                                date: Sat, 22 Mar 2025 07:00:56 GMT
                                              • flag-us
                                                GET
                                                https://edge.microsoft.com/entityextractiontemplates/api/v1/assets/find-assets?name=edge_hub_apps_manifest_gz&version=4.11.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362
                                                msedge.exe
                                                Remote address:
                                                150.171.28.11:443
                                                Request
                                                GET /entityextractiontemplates/api/v1/assets/find-assets?name=edge_hub_apps_manifest_gz&version=4.11.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362 HTTP/2.0
                                                host: edge.microsoft.com
                                                edge-asset-group: Shoreline
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=3600
                                                content-length: 265
                                                content-type: application/json; charset=utf-8
                                                x-cache: TCP_HIT
                                                x-frame-options: sameorigin
                                                x-msedge-ref: Ref A: 1FC0F2ABFA324DD5881C7F58BF9F1199 Ref B: LON04EDGE0710 Ref C: 2025-03-22T07:00:56Z
                                                date: Sat, 22 Mar 2025 07:00:56 GMT
                                              • flag-gb
                                                GET
                                                https://www.bing.com/api/shopping/v1/user/shoppingsettings?EnabledServiceFeaturesv2=edgeServerUX.shopping.aablockth,edgeServerUX.shopping.block99,edgeServerUX.shopping.disableCashbackOnCouponCopy,edgeServerUX.shopping.enableColdStartCohort,edgeServerUX.shopping.highttaablocksrth,edgeServerUX.shopping.highttaablockth,edgeServerUX.shopping.migrateClippingToOmnibox,edgeServerUX.shopping.msEdgeShoppingCashbackDismissTimeout2s,edgeServerUX.shopping.nrtLogging,edgeServerUX.shopping.snDataFromOS,edgeServerUX.shopping.useExpSNData
                                                msedge.exe
                                                Remote address:
                                                2.18.66.48:443
                                                Request
                                                GET /api/shopping/v1/user/shoppingsettings?EnabledServiceFeaturesv2=edgeServerUX.shopping.aablockth,edgeServerUX.shopping.block99,edgeServerUX.shopping.disableCashbackOnCouponCopy,edgeServerUX.shopping.enableColdStartCohort,edgeServerUX.shopping.highttaablocksrth,edgeServerUX.shopping.highttaablockth,edgeServerUX.shopping.migrateClippingToOmnibox,edgeServerUX.shopping.msEdgeShoppingCashbackDismissTimeout2s,edgeServerUX.shopping.nrtLogging,edgeServerUX.shopping.snDataFromOS,edgeServerUX.shopping.useExpSNData HTTP/2.0
                                                host: www.bing.com
                                                cookie: ANON=
                                                cookie: MUID=
                                                cookie: _RwBf=
                                                cookie:
                                                x-client-data: eyIxIjoiMCIsIjIiOiIwIiwiMyI6IjAiLCI0IjoiLTY5MjMwMjcxODcxMTMzNTIzODkiLCI2Ijoic3RhYmxlIiwiOSI6ImRlc2t0b3AifQ==
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                sec-fetch-storage-access: active
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zsdch, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: max-age=0, no-cache, no-store, must-revalidate
                                                content-type: application/json; charset=utf-8
                                                content-encoding: br
                                                vary: Accept-Encoding
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: BDC0F4ADD78842C1BDC1B2914691E367 Ref B: LON04EDGE1221 Ref C: 2025-03-22T07:00:56Z
                                                date: Sat, 22 Mar 2025 07:00:57 GMT
                                                content-length: 425
                                                set-cookie: _EDGE_S=F=1&SID=3629B3C8ACBA60522BF2A67FAD5A61CA; path=/; httponly; domain=bing.com
                                                set-cookie: _EDGE_V=1; path=/; httponly; expires=Thu, 16-Apr-2026 07:00:56 GMT; domain=bing.com
                                                set-cookie: MUID=03548DB2C7F969DB1C5C9805C61968B4; samesite=none; path=/; secure; expires=Thu, 16-Apr-2026 07:00:56 GMT; domain=bing.com
                                                set-cookie: MUIDB=03548DB2C7F969DB1C5C9805C61968B4; path=/; httponly; expires=Thu, 16-Apr-2026 07:00:56 GMT
                                                alt-svc: h3=":443"; ma=93600
                                                x-cdn-traceid: 0.5d6e5668.1742626856.13b15db2
                                              • flag-us
                                                DNS
                                                edge.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge.microsoft.com
                                                IN A
                                                Response
                                                edge.microsoft.com
                                                IN CNAME
                                                edge-domain.trafficmanager.net
                                                edge-domain.trafficmanager.net
                                                IN CNAME
                                                edge-microsoft-com.dual-a-0036.a-msedge.net
                                                edge-microsoft-com.dual-a-0036.a-msedge.net
                                                IN CNAME
                                                dual-a-0036.a-msedge.net
                                                dual-a-0036.a-msedge.net
                                                IN A
                                                204.79.197.239
                                                dual-a-0036.a-msedge.net
                                                IN A
                                                13.107.21.239
                                              • flag-us
                                                DNS
                                                edge.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge.microsoft.com
                                                IN Unknown
                                                Response
                                                edge.microsoft.com
                                                IN CNAME
                                                edge-domain.trafficmanager.net
                                                edge-domain.trafficmanager.net
                                                IN CNAME
                                                edge-microsoft-com.ax-0002.ax-msedge.net
                                              • flag-us
                                                GET
                                                https://edge.microsoft.com/abusiveadblocking/api/v1/blocklist
                                                msedge.exe
                                                Remote address:
                                                204.79.197.239:443
                                                Request
                                                GET /abusiveadblocking/api/v1/blocklist HTTP/2.0
                                                host: edge.microsoft.com
                                                if-none-match: "5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B"
                                                sec-mesh-client-edge-version: 133.0.3065.69
                                                sec-mesh-client-edge-channel: stable
                                                sec-mesh-client-os: Windows
                                                sec-mesh-client-os-version: 10.0.19041
                                                sec-mesh-client-arch: x86_64
                                                sec-mesh-client-webview: 0
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                sec-fetch-storage-access: active
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 304
                                                cache-control: public, max-age=43200
                                                content-type: application/json; charset=utf-8
                                                content-encoding: gzip
                                                etag: "5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B"
                                                vary: Accept-Encoding
                                                x-cache: TCP_HIT
                                                x-mesh-client-ttl: 72
                                                strict-transport-security: max-age=0
                                                x-msedge-ref: Ref A: 30539E9AC75F45A3BBE0C79C0B4D20FC Ref B: LON04EDGE1014 Ref C: 2025-03-22T07:00:57Z
                                                date: Sat, 22 Mar 2025 07:00:56 GMT
                                              • flag-us
                                                DNS
                                                edgeassetservice.azureedge.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edgeassetservice.azureedge.net
                                                IN A
                                                Response
                                                edgeassetservice.azureedge.net
                                                IN CNAME
                                                edgeassetservice.afd.azureedge.net
                                                edgeassetservice.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0037.t-0009.t-msedge.net
                                                shed.dual-low.s-part-0037.t-0009.t-msedge.net
                                                IN CNAME
                                                s-part-0037.t-0009.t-msedge.net
                                                s-part-0037.t-0009.t-msedge.net
                                                IN A
                                                13.107.246.65
                                              • flag-us
                                                DNS
                                                edgeassetservice.azureedge.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edgeassetservice.azureedge.net
                                                IN Unknown
                                                Response
                                                edgeassetservice.azureedge.net
                                                IN CNAME
                                                edgeassetservice.afd.azureedge.net
                                                edgeassetservice.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                IN CNAME
                                                s-part-0036.t-0009.t-msedge.net
                                              • flag-us
                                                GET
                                                https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/24.0.4/asset?assetgroup=ArbitrationService
                                                msedge.exe
                                                Remote address:
                                                13.107.246.65:443
                                                Request
                                                GET /assets/arbitration_priority_list/24.0.4/asset?assetgroup=ArbitrationService HTTP/2.0
                                                host: edgeassetservice.azureedge.net
                                                edge-asset-group: ArbitrationService
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                accept-language: en-US,en;q=0.9
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                date: Sat, 22 Mar 2025 07:00:57 GMT
                                                content-type: application/octet-stream
                                                content-length: 20242
                                                last-modified: Thu, 20 Mar 2025 17:16:21 GMT
                                                etag: 0x8DD67D2EF6CF554
                                                x-ms-request-id: 2594a8c7-701e-002c-74a1-9aea3a000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                x-azure-ref: 20250322T070057Z-157d97d486cpwqn4hC1LONeh0c00000000z000000000dakp
                                                cache-control: public, max-age=604800
                                                x-fd-int-roxy-purgeid: 69316365
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                              • flag-us
                                                GET
                                                https://edge.microsoft.com/extensionwebstorebase/v1/logextensionreliability?success=true&cv=3DyH8Gn0cbqn8eidLr+5j2&errorString=&crxId=jmjflgjpcpepeafmmgdpfkogkghcpiha&os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=edgecrx&prodchannel=&prodversion=133.0.3065.69&lang=en-US&acceptformat=crx3,puff
                                                msedge.exe
                                                Remote address:
                                                204.79.197.239:443
                                                Request
                                                GET /extensionwebstorebase/v1/logextensionreliability?success=true&cv=3DyH8Gn0cbqn8eidLr+5j2&errorString=&crxId=jmjflgjpcpepeafmmgdpfkogkghcpiha&os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=edgecrx&prodchannel=&prodversion=133.0.3065.69&lang=en-US&acceptformat=crx3,puff HTTP/2.0
                                                host: edge.microsoft.com
                                                scenario: Update
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: max-age=0, no-cache, no-store, must-revalidate
                                                content-type: text/plain; charset=utf-8
                                                x-cache: CONFIG_NOCACHE
                                                x-msedge-ref: Ref A: E6EE838194AA48E3B55020A1B29EAA90 Ref B: LON04EDGE0812 Ref C: 2025-03-22T07:00:57Z
                                                date: Sat, 22 Mar 2025 07:00:56 GMT
                                              • flag-us
                                                POST
                                                https://edge.microsoft.com/componentupdater/api/v1/update?cup2key=7:EhOjQpzbcvpe2-3H1yU_hbzHGmYY1K-nTpTEaiz4o-I&cup2hreq=f1a79c963c0de4c1e087ed16717a0279dcadc165faf4389c6a89e21651749aa9
                                                msedge.exe
                                                Remote address:
                                                204.79.197.239:443
                                                Request
                                                POST /componentupdater/api/v1/update?cup2key=7:EhOjQpzbcvpe2-3H1yU_hbzHGmYY1K-nTpTEaiz4o-I&cup2hreq=f1a79c963c0de4c1e087ed16717a0279dcadc165faf4389c6a89e21651749aa9 HTTP/2.0
                                                host: edge.microsoft.com
                                                content-length: 11808
                                                x-microsoft-update-interactivity: bg
                                                x-microsoft-update-service-cohort: 4967
                                                x-microsoft-update-updater: msedge-133.0.3065.69
                                                content-type: application/json
                                                sec-mesh-client-edge-version: 133.0.3065.69
                                                sec-mesh-client-edge-channel: stable
                                                sec-mesh-client-os: Windows
                                                sec-mesh-client-os-version: 10.0.19041
                                                sec-mesh-client-arch: x86_64
                                                sec-mesh-client-webview: 0
                                                x-client-data: COXnygE=
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: no-store, must-revalidate, no-cache, max-age=0
                                                pragma: no-cache
                                                content-length: 4644
                                                content-type: application/json
                                                content-encoding: gzip
                                                expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                etag: 3046022100A50181A59B13CC78390BFA31FD5998826FF71B80492AA74813FD9FDBDA43D926022100CCDC7746149EBCA3EE226896544D3F5B87C4A039F3C5B058D88FE6F48671490E:f1a79c963c0de4c1e087ed16717a0279dcadc165faf4389c6a89e21651749aa9
                                                x-frame-options: sameorigin
                                                x-content-type-options: nosniff
                                                x-xss-protection: 1; mode=block
                                                x-cup-server-proof: 3046022100A50181A59B13CC78390BFA31FD5998826FF71B80492AA74813FD9FDBDA43D926022100CCDC7746149EBCA3EE226896544D3F5B87C4A039F3C5B058D88FE6F48671490E:f1a79c963c0de4c1e087ed16717a0279dcadc165faf4389c6a89e21651749aa9
                                                x-cache: CONFIG_NOCACHE
                                                x-msedge-ref: Ref A: BE0E9A3A38C6407EACA817B94C3F5613 Ref B: LON04EDGE0812 Ref C: 2025-03-22T07:01:54Z
                                                date: Sat, 22 Mar 2025 07:01:54 GMT
                                              • flag-us
                                                POST
                                                https://edge.microsoft.com/componentupdater/api/v1/update
                                                msedge.exe
                                                Remote address:
                                                204.79.197.239:443
                                                Request
                                                POST /componentupdater/api/v1/update HTTP/2.0
                                                host: edge.microsoft.com
                                                content-length: 1460
                                                x-microsoft-update-service-cohort: 4967
                                                content-type: application/json
                                                sec-mesh-client-edge-version: 133.0.3065.69
                                                sec-mesh-client-edge-channel: stable
                                                sec-mesh-client-os: Windows
                                                sec-mesh-client-os-version: 10.0.19041
                                                sec-mesh-client-arch: x86_64
                                                sec-mesh-client-webview: 0
                                                x-client-data: COXnygE=
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: no-store, must-revalidate, no-cache, max-age=0
                                                pragma: no-cache
                                                content-length: 177
                                                content-type: application/json
                                                content-encoding: gzip
                                                expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                x-frame-options: sameorigin
                                                x-content-type-options: nosniff
                                                x-xss-protection: 1; mode=block
                                                x-cache: CONFIG_NOCACHE
                                                x-msedge-ref: Ref A: 7089918F4A6D4E89BDD86213B79003FA Ref B: LON04EDGE0812 Ref C: 2025-03-22T07:02:06Z
                                                date: Sat, 22 Mar 2025 07:02:06 GMT
                                              • flag-us
                                                POST
                                                https://edge.microsoft.com/componentupdater/api/v1/update
                                                msedge.exe
                                                Remote address:
                                                204.79.197.239:443
                                                Request
                                                POST /componentupdater/api/v1/update HTTP/2.0
                                                host: edge.microsoft.com
                                                content-length: 1453
                                                x-microsoft-update-service-cohort: 4967
                                                content-type: application/json
                                                sec-mesh-client-edge-version: 133.0.3065.69
                                                sec-mesh-client-edge-channel: stable
                                                sec-mesh-client-os: Windows
                                                sec-mesh-client-os-version: 10.0.19041
                                                sec-mesh-client-arch: x86_64
                                                sec-mesh-client-webview: 0
                                                x-client-data: COXnygE=
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                cache-control: no-store, must-revalidate, no-cache, max-age=0
                                                pragma: no-cache
                                                content-length: 179
                                                content-type: application/json
                                                content-encoding: gzip
                                                expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                x-frame-options: sameorigin
                                                x-content-type-options: nosniff
                                                x-xss-protection: 1; mode=block
                                                x-cache: CONFIG_NOCACHE
                                                x-msedge-ref: Ref A: 014A1242FE664C62884C6A9305187B1C Ref B: LON04EDGE0812 Ref C: 2025-03-22T07:02:23Z
                                                date: Sat, 22 Mar 2025 07:02:23 GMT
                                              • flag-us
                                                DNS
                                                c.pki.goog
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                c.pki.goog
                                                IN A
                                                Response
                                                c.pki.goog
                                                IN CNAME
                                                pki-goog.l.google.com
                                                pki-goog.l.google.com
                                                IN A
                                                142.250.180.3
                                              • flag-gb
                                                GET
                                                http://c.pki.goog/r/r1.crl
                                                Remote address:
                                                142.250.180.3:80
                                                Request
                                                GET /r/r1.crl HTTP/1.1
                                                Cache-Control: max-age = 3000
                                                Connection: Keep-Alive
                                                Accept: */*
                                                If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
                                                User-Agent: Microsoft-CryptoAPI/10.0
                                                Host: c.pki.goog
                                                Response
                                                HTTP/1.1 304 Not Modified
                                                Date: Sat, 22 Mar 2025 06:22:22 GMT
                                                Expires: Sat, 22 Mar 2025 07:12:22 GMT
                                                Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
                                                Cache-Control: public, max-age=3000
                                                Vary: Accept-Encoding
                                                Age: 2318
                                              • flag-us
                                                DNS
                                                edge-consumer-static.azureedge.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge-consumer-static.azureedge.net
                                                IN A
                                                Response
                                                edge-consumer-static.azureedge.net
                                                IN CNAME
                                                edge-consumer-static.afd.azureedge.net
                                                edge-consumer-static.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                IN CNAME
                                                s-part-0036.t-0009.t-msedge.net
                                                s-part-0036.t-0009.t-msedge.net
                                                IN A
                                                13.107.246.64
                                              • flag-us
                                                DNS
                                                edge-consumer-static.azureedge.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge-consumer-static.azureedge.net
                                                IN Unknown
                                                Response
                                                edge-consumer-static.azureedge.net
                                                IN CNAME
                                                edge-consumer-static.afd.azureedge.net
                                                edge-consumer-static.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                IN CNAME
                                                s-part-0036.t-0009.t-msedge.net
                                              • flag-us
                                                GET
                                                https://edge-consumer-static.azureedge.net/mouse-gesture/config.json
                                                msedge.exe
                                                Remote address:
                                                13.107.246.64:443
                                                Request
                                                GET /mouse-gesture/config.json HTTP/2.0
                                                host: edge-consumer-static.azureedge.net
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                sec-fetch-storage-access: active
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                date: Sat, 22 Mar 2025 07:01:24 GMT
                                                content-type: application/json
                                                content-length: 101
                                                last-modified: Tue, 24 Oct 2023 08:27:00 GMT
                                                etag: 0x8DBD46AFE482320
                                                x-ms-request-id: cf69c985-401e-001c-3d59-94e017000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                x-azure-ref: 20250322T070124Z-157d97d486c7zvgxhC1LONrzsg0000000mkg000000006r7q
                                                x-fd-int-roxy-purgeid: 83582889
                                                x-cache: TCP_HIT
                                                cache-control: public, max-age=432000
                                                accept-ranges: bytes
                                              • flag-us
                                                DNS
                                                static.edge.microsoftapp.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                static.edge.microsoftapp.net
                                                IN A
                                                Response
                                                static.edge.microsoftapp.net
                                                IN CNAME
                                                edge-cloud-resource-static.azureedge.net
                                                edge-cloud-resource-static.azureedge.net
                                                IN CNAME
                                                edge-cloud-resource-static.afd.azureedge.net
                                                edge-cloud-resource-static.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                IN CNAME
                                                s-part-0036.t-0009.t-msedge.net
                                                s-part-0036.t-0009.t-msedge.net
                                                IN A
                                                13.107.246.64
                                              • flag-us
                                                DNS
                                                static.edge.microsoftapp.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                static.edge.microsoftapp.net
                                                IN Unknown
                                                Response
                                                static.edge.microsoftapp.net
                                                IN CNAME
                                                edge-cloud-resource-static.azureedge.net
                                                edge-cloud-resource-static.azureedge.net
                                                IN CNAME
                                                edge-cloud-resource-static.afd.azureedge.net
                                                edge-cloud-resource-static.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                IN CNAME
                                                s-part-0036.t-0009.t-msedge.net
                                              • flag-us
                                                HEAD
                                                https://static.edge.microsoftapp.net/default/cloud_config_observers.json
                                                msedge.exe
                                                Remote address:
                                                13.107.246.64:443
                                                Request
                                                HEAD /default/cloud_config_observers.json HTTP/2.0
                                                host: static.edge.microsoftapp.net
                                                pragma: no-cache
                                                cache-control: no-cache
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                date: Sat, 22 Mar 2025 07:01:54 GMT
                                                content-type: application/json
                                                content-length: 493
                                                content-md5: GGsaCyXCYnduY1fUnwywjA==
                                                last-modified: Thu, 20 Mar 2025 10:04:25 GMT
                                                etag: 0x8DD67969883BED8
                                                x-ms-request-id: e1fe3aef-501e-006b-2f7f-99e9e2000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                x-azure-ref: 20250322T070154Z-157d97d486ctt5hnhC1LONuk2w0000000an000000000bvph
                                                x-fd-int-roxy-purgeid: 83582889
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                              • flag-us
                                                GET
                                                https://static.edge.microsoftapp.net/default/cloud_config_observers.json
                                                msedge.exe
                                                Remote address:
                                                13.107.246.64:443
                                                Request
                                                GET /default/cloud_config_observers.json HTTP/2.0
                                                host: static.edge.microsoftapp.net
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                date: Sat, 22 Mar 2025 07:01:54 GMT
                                                content-type: application/json
                                                content-length: 493
                                                last-modified: Thu, 20 Mar 2025 10:04:25 GMT
                                                etag: 0x8DD67969883BED8
                                                x-ms-request-id: 2e9a347f-101e-0008-1385-997419000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                x-azure-ref: 20250322T070154Z-157d97d486ctt5hnhC1LONuk2w0000000an000000000bvpp
                                                x-fd-int-roxy-purgeid: 83582889
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                              • flag-us
                                                DNS
                                                edge-mobile-static.azureedge.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge-mobile-static.azureedge.net
                                                IN A
                                                Response
                                                edge-mobile-static.azureedge.net
                                                IN CNAME
                                                edge-mobile-static.afd.azureedge.net
                                                edge-mobile-static.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                IN CNAME
                                                s-part-0036.t-0009.t-msedge.net
                                                s-part-0036.t-0009.t-msedge.net
                                                IN A
                                                13.107.246.64
                                              • flag-us
                                                DNS
                                                edge-mobile-static.azureedge.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge-mobile-static.azureedge.net
                                                IN Unknown
                                                Response
                                                edge-mobile-static.azureedge.net
                                                IN CNAME
                                                edge-mobile-static.afd.azureedge.net
                                                edge-mobile-static.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                              • flag-us
                                                DNS
                                                edge-cloud-resource-static.azureedge.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge-cloud-resource-static.azureedge.net
                                                IN A
                                                Response
                                                edge-cloud-resource-static.azureedge.net
                                                IN CNAME
                                                edge-cloud-resource-static.afd.azureedge.net
                                                edge-cloud-resource-static.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                IN CNAME
                                                s-part-0036.t-0009.t-msedge.net
                                                s-part-0036.t-0009.t-msedge.net
                                                IN A
                                                13.107.246.64
                                              • flag-us
                                                DNS
                                                edge-cloud-resource-static.azureedge.net
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge-cloud-resource-static.azureedge.net
                                                IN Unknown
                                                Response
                                                edge-cloud-resource-static.azureedge.net
                                                IN CNAME
                                                edge-cloud-resource-static.afd.azureedge.net
                                                edge-cloud-resource-static.afd.azureedge.net
                                                IN CNAME
                                                azureedge-t-prod.trafficmanager.net
                                                azureedge-t-prod.trafficmanager.net
                                                IN CNAME
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                                IN CNAME
                                                s-part-0036.t-0009.t-msedge.net
                                              • flag-us
                                                GET
                                                https://edge-cloud-resource-static.azureedge.net/default/operation_config/default.json
                                                msedge.exe
                                                Remote address:
                                                13.107.246.64:443
                                                Request
                                                GET /default/operation_config/default.json HTTP/2.0
                                                host: edge-cloud-resource-static.azureedge.net
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                date: Sat, 22 Mar 2025 07:01:54 GMT
                                                content-type: application/json
                                                vary: Accept-Encoding
                                                last-modified: Thu, 20 Mar 2025 10:04:30 GMT
                                                x-ms-request-id: eb62cf0e-a01e-001d-3085-9963aa000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                x-azure-ref: 20250322T070154Z-157d97d486cq99lqhC1LONfbzg0000000mx000000000egcs
                                                x-fd-int-roxy-purgeid: 83582889
                                                x-cache: TCP_HIT
                                                content-encoding: br
                                              • flag-us
                                                GET
                                                https://edge-mobile-static.azureedge.net/eccp/get?settenant=edge-config&setplatform=win&setmkt=en-US&setchannel=stable
                                                msedge.exe
                                                Remote address:
                                                13.107.246.64:443
                                                Request
                                                GET /eccp/get?settenant=edge-config&setplatform=win&setmkt=en-US&setchannel=stable HTTP/2.0
                                                host: edge-mobile-static.azureedge.net
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
                                                accept-encoding: gzip, deflate, br, zstd
                                                priority: u=4, i
                                                Response
                                                HTTP/2.0 200
                                                date: Sat, 22 Mar 2025 07:01:54 GMT
                                                content-type: application/json
                                                vary: Accept-Encoding
                                                last-modified: Thu, 20 Mar 2025 10:42:43 GMT
                                                x-ms-request-id: 1a2d3612-b01e-006e-5fef-9917b5000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                x-azure-ref: 20250322T070154Z-157d97d486c5tn77hC1LONq3uw0000000h10000000009avd
                                                x-fd-int-roxy-purgeid: 83582889
                                                x-cache: TCP_HIT
                                                content-encoding: br
                                              • flag-us
                                                DNS
                                                msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                IN A
                                                Response
                                                msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                IN CNAME
                                                star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
                                                star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
                                                IN CNAME
                                                cdp-f-tlu-net.trafficmanager.net
                                                cdp-f-tlu-net.trafficmanager.net
                                                IN CNAME
                                                fg.microsoft.map.fastly.net
                                                fg.microsoft.map.fastly.net
                                                IN A
                                                199.232.210.172
                                                fg.microsoft.map.fastly.net
                                                IN A
                                                199.232.214.172
                                              • flag-us
                                                HEAD
                                                http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1743011308&P2=404&P3=2&P4=hM9jDcQP%2f%2fUCZ6uGA7CXkDZvSGppghOGeWKnx%2bISDqQZb4Ic2ugwpaGHODvHFo1Y%2f6p%2fYWVcZPBD0Vxr%2b7j8TA%3d%3d
                                                Remote address:
                                                199.232.210.172:80
                                                Request
                                                HEAD /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1743011308&P2=404&P3=2&P4=hM9jDcQP%2f%2fUCZ6uGA7CXkDZvSGppghOGeWKnx%2bISDqQZb4Ic2ugwpaGHODvHFo1Y%2f6p%2fYWVcZPBD0Vxr%2b7j8TA%3d%3d HTTP/1.1
                                                Connection: Keep-Alive
                                                Accept: */*
                                                Accept-Encoding: identity
                                                User-Agent: Microsoft BITS/7.8
                                                Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                Response
                                                HTTP/1.1 200 OK
                                                Connection: keep-alive
                                                Content-Length: 6252
                                                Cache-Control: public, max-age=17280000
                                                Content-Type: application/x-chrome-extension
                                                ETag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
                                                Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
                                                MS-CorrelationId: a51b7417-6a19-42fa-9ac5-9728cd844a69
                                                MS-CV: Uhws1dIzmUy9z6OD.0
                                                MS-RequestId: cb9f760f-388b-496e-9f43-47f385abd2dc
                                                Accept-Ranges: bytes
                                                Date: Sat, 22 Mar 2025 07:01:59 GMT
                                                Via: 1.1 varnish
                                                Age: 4562597
                                                X-Served-By: cache-lcy-eglc8600038-LCY
                                                X-Cache: HIT
                                                X-Cache-Hits: 17852582
                                                X-Timer: S1742626919.042717,VS0,VE0
                                                X-CID: 3
                                                X-CCC: GB
                                              • flag-us
                                                GET
                                                http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1743011308&P2=404&P3=2&P4=hM9jDcQP%2f%2fUCZ6uGA7CXkDZvSGppghOGeWKnx%2bISDqQZb4Ic2ugwpaGHODvHFo1Y%2f6p%2fYWVcZPBD0Vxr%2b7j8TA%3d%3d
                                                Remote address:
                                                199.232.210.172:80
                                                Request
                                                GET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1743011308&P2=404&P3=2&P4=hM9jDcQP%2f%2fUCZ6uGA7CXkDZvSGppghOGeWKnx%2bISDqQZb4Ic2ugwpaGHODvHFo1Y%2f6p%2fYWVcZPBD0Vxr%2b7j8TA%3d%3d HTTP/1.1
                                                Connection: Keep-Alive
                                                Accept: */*
                                                Accept-Encoding: identity
                                                If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
                                                Range: bytes=0-1119
                                                User-Agent: Microsoft BITS/7.8
                                                Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                Response
                                                HTTP/1.1 206 Partial Content
                                                Connection: keep-alive
                                                Content-Length: 1120
                                                Cache-Control: public, max-age=17280000
                                                Content-Type: application/x-chrome-extension
                                                ETag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
                                                Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
                                                MS-CorrelationId: a51b7417-6a19-42fa-9ac5-9728cd844a69
                                                MS-CV: Uhws1dIzmUy9z6OD.0
                                                MS-RequestId: cb9f760f-388b-496e-9f43-47f385abd2dc
                                                Accept-Ranges: bytes
                                                Date: Sat, 22 Mar 2025 07:01:59 GMT
                                                Via: 1.1 varnish
                                                Age: 4562597
                                                X-Served-By: cache-lcy-eglc8600038-LCY
                                                X-Cache: HIT
                                                X-Cache-Hits: 17852585
                                                X-Timer: S1742626919.109756,VS0,VE0
                                                X-CID: 3
                                                X-CCC: GB
                                                Content-Range: bytes 0-1119/6252
                                              • flag-us
                                                GET
                                                http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1743011308&P2=404&P3=2&P4=hM9jDcQP%2f%2fUCZ6uGA7CXkDZvSGppghOGeWKnx%2bISDqQZb4Ic2ugwpaGHODvHFo1Y%2f6p%2fYWVcZPBD0Vxr%2b7j8TA%3d%3d
                                                Remote address:
                                                199.232.210.172:80
                                                Request
                                                GET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1743011308&P2=404&P3=2&P4=hM9jDcQP%2f%2fUCZ6uGA7CXkDZvSGppghOGeWKnx%2bISDqQZb4Ic2ugwpaGHODvHFo1Y%2f6p%2fYWVcZPBD0Vxr%2b7j8TA%3d%3d HTTP/1.1
                                                Connection: Keep-Alive
                                                Accept: */*
                                                Accept-Encoding: identity
                                                If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
                                                Range: bytes=1120-2793
                                                User-Agent: Microsoft BITS/7.8
                                                Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                Response
                                                HTTP/1.1 206 Partial Content
                                                Connection: keep-alive
                                                Content-Length: 1674
                                                Cache-Control: public, max-age=17280000
                                                Content-Type: application/x-chrome-extension
                                                ETag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
                                                Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
                                                MS-CorrelationId: a51b7417-6a19-42fa-9ac5-9728cd844a69
                                                MS-CV: Uhws1dIzmUy9z6OD.0
                                                MS-RequestId: cb9f760f-388b-496e-9f43-47f385abd2dc
                                                Accept-Ranges: bytes
                                                Date: Sat, 22 Mar 2025 07:02:02 GMT
                                                Via: 1.1 varnish
                                                Age: 4562600
                                                X-Served-By: cache-lcy-eglc8600038-LCY
                                                X-Cache: HIT
                                                X-Cache-Hits: 17852598
                                                X-Timer: S1742626922.233320,VS0,VE0
                                                X-CID: 3
                                                X-CCC: GB
                                                Content-Range: bytes 1120-2793/6252
                                              • flag-us
                                                GET
                                                http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1743011308&P2=404&P3=2&P4=hM9jDcQP%2f%2fUCZ6uGA7CXkDZvSGppghOGeWKnx%2bISDqQZb4Ic2ugwpaGHODvHFo1Y%2f6p%2fYWVcZPBD0Vxr%2b7j8TA%3d%3d
                                                Remote address:
                                                199.232.210.172:80
                                                Request
                                                GET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1743011308&P2=404&P3=2&P4=hM9jDcQP%2f%2fUCZ6uGA7CXkDZvSGppghOGeWKnx%2bISDqQZb4Ic2ugwpaGHODvHFo1Y%2f6p%2fYWVcZPBD0Vxr%2b7j8TA%3d%3d HTTP/1.1
                                                Connection: Keep-Alive
                                                Accept: */*
                                                Accept-Encoding: identity
                                                If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
                                                Range: bytes=2794-6251
                                                User-Agent: Microsoft BITS/7.8
                                                Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                Response
                                                HTTP/1.1 206 Partial Content
                                                Connection: keep-alive
                                                Content-Length: 3458
                                                Cache-Control: public, max-age=17280000
                                                Content-Type: application/x-chrome-extension
                                                ETag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
                                                Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
                                                MS-CorrelationId: a51b7417-6a19-42fa-9ac5-9728cd844a69
                                                MS-CV: Uhws1dIzmUy9z6OD.0
                                                MS-RequestId: cb9f760f-388b-496e-9f43-47f385abd2dc
                                                Accept-Ranges: bytes
                                                Date: Sat, 22 Mar 2025 07:02:03 GMT
                                                Via: 1.1 varnish
                                                Age: 4562601
                                                X-Served-By: cache-lcy-eglc8600038-LCY
                                                X-Cache: HIT
                                                X-Cache-Hits: 17852605
                                                X-Timer: S1742626923.437414,VS0,VE0
                                                X-CID: 3
                                                X-CCC: GB
                                                Content-Range: bytes 2794-6251/6252
                                              • flag-us
                                                HEAD
                                                http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/cd4e6fbf-c0e9-4dc2-9e3d-7f538bc7435a?P1=1743202846&P2=404&P3=2&P4=Wwrrd9ycY1hYAi6KRSKZa%2bRBs1K9l7GpmCRt0crXxFsfrV7SSL%2fbBaVYOCb3qFbCH2VCiAbAPdYtPBqsC3Gp3g%3d%3d
                                                Remote address:
                                                199.232.210.172:80
                                                Request
                                                HEAD /filestreamingservice/files/cd4e6fbf-c0e9-4dc2-9e3d-7f538bc7435a?P1=1743202846&P2=404&P3=2&P4=Wwrrd9ycY1hYAi6KRSKZa%2bRBs1K9l7GpmCRt0crXxFsfrV7SSL%2fbBaVYOCb3qFbCH2VCiAbAPdYtPBqsC3Gp3g%3d%3d HTTP/1.1
                                                Connection: Keep-Alive
                                                Accept: */*
                                                Accept-Encoding: identity
                                                User-Agent: Microsoft BITS/7.8
                                                Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                Response
                                                HTTP/1.1 200 OK
                                                Connection: keep-alive
                                                Content-Length: 7867
                                                Cache-Control: public, max-age=17280000
                                                Content-Type: application/x-chrome-extension
                                                Last-Modified: Fri, 21 Mar 2025 22:19:58 GMT
                                                ETag: "9iK7xPzAv8q985Zbm4Con5JxafU="
                                                MS-CorrelationId: 4164b8f0-e804-4235-ab4d-7a3e79220109
                                                MS-RequestId: 50f1d66c-fc5d-4668-b591-40eca375990c
                                                MS-CV: uZQngVX3/U2gB55V.0
                                                Accept-Ranges: bytes
                                                Date: Sat, 22 Mar 2025 07:02:19 GMT
                                                Via: 1.1 varnish
                                                Age: 30638
                                                X-Served-By: cache-lcy-eglc8600038-LCY
                                                X-Cache: HIT
                                                X-Cache-Hits: 204347
                                                X-Timer: S1742626939.318749,VS0,VE0
                                                X-CID: 3
                                                X-CCC: GB
                                              • flag-us
                                                GET
                                                http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/cd4e6fbf-c0e9-4dc2-9e3d-7f538bc7435a?P1=1743202846&P2=404&P3=2&P4=Wwrrd9ycY1hYAi6KRSKZa%2bRBs1K9l7GpmCRt0crXxFsfrV7SSL%2fbBaVYOCb3qFbCH2VCiAbAPdYtPBqsC3Gp3g%3d%3d
                                                Remote address:
                                                199.232.210.172:80
                                                Request
                                                GET /filestreamingservice/files/cd4e6fbf-c0e9-4dc2-9e3d-7f538bc7435a?P1=1743202846&P2=404&P3=2&P4=Wwrrd9ycY1hYAi6KRSKZa%2bRBs1K9l7GpmCRt0crXxFsfrV7SSL%2fbBaVYOCb3qFbCH2VCiAbAPdYtPBqsC3Gp3g%3d%3d HTTP/1.1
                                                Connection: Keep-Alive
                                                Accept: */*
                                                Accept-Encoding: identity
                                                If-Unmodified-Since: Fri, 21 Mar 2025 22:19:58 GMT
                                                User-Agent: Microsoft BITS/7.8
                                                Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                Response
                                                HTTP/1.1 200 OK
                                                Connection: keep-alive
                                                Content-Length: 7867
                                                Cache-Control: public, max-age=17280000
                                                Content-Type: application/x-chrome-extension
                                                Last-Modified: Fri, 21 Mar 2025 22:19:58 GMT
                                                ETag: "9iK7xPzAv8q985Zbm4Con5JxafU="
                                                MS-CorrelationId: 4164b8f0-e804-4235-ab4d-7a3e79220109
                                                MS-RequestId: 50f1d66c-fc5d-4668-b591-40eca375990c
                                                MS-CV: uZQngVX3/U2gB55V.0
                                                Accept-Ranges: bytes
                                                Date: Sat, 22 Mar 2025 07:02:19 GMT
                                                Via: 1.1 varnish
                                                Age: 30638
                                                X-Served-By: cache-lcy-eglc8600038-LCY
                                                X-Cache: HIT
                                                X-Cache-Hits: 204350
                                                X-Timer: S1742626939.438749,VS0,VE0
                                                X-CID: 3
                                                X-CCC: GB
                                              • flag-us
                                                DNS
                                                edge.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge.microsoft.com
                                                IN A
                                                Response
                                                edge.microsoft.com
                                                IN CNAME
                                                edge-domain.trafficmanager.net
                                                edge-domain.trafficmanager.net
                                                IN CNAME
                                                edge-microsoft-com.ax-0002.ax-msedge.net
                                                edge-microsoft-com.ax-0002.ax-msedge.net
                                                IN CNAME
                                                ax-0002.ax-msedge.net
                                                ax-0002.ax-msedge.net
                                                IN A
                                                150.171.27.11
                                                ax-0002.ax-msedge.net
                                                IN A
                                                150.171.28.11
                                              • flag-us
                                                DNS
                                                edge.microsoft.com
                                                msedge.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                edge.microsoft.com
                                                IN Unknown
                                                Response
                                                edge.microsoft.com
                                                IN CNAME
                                                edge-domain.trafficmanager.net
                                                edge-domain.trafficmanager.net
                                                IN CNAME
                                                edge-microsoft-com.ax-0002.ax-msedge.net
                                                edge-microsoft-com.ax-0002.ax-msedge.net
                                                IN CNAME
                                                ax-0002.ax-msedge.net
                                              • flag-us
                                                DNS
                                                msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                IN A
                                                Response
                                                msedge.b.tlu.dl.delivery.mp.microsoft.com
                                                IN CNAME
                                                star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
                                                star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
                                                IN CNAME
                                                cdp-f-tlu-net.trafficmanager.net
                                                cdp-f-tlu-net.trafficmanager.net
                                                IN CNAME
                                                fg.microsoft.map.fastly.net
                                                fg.microsoft.map.fastly.net
                                                IN A
                                                199.232.214.172
                                                fg.microsoft.map.fastly.net
                                                IN A
                                                199.232.210.172
                                              • 150.171.27.10:443
                                                https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid=
                                                tls, http2
                                                2.0kB
                                                9.4kB
                                                22
                                                19

                                                HTTP Request

                                                GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid=

                                                HTTP Response

                                                204

                                                HTTP Request

                                                GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid=

                                                HTTP Response

                                                204

                                                HTTP Request

                                                GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=14807ccca04d4a68b42c21ec8bb4289e&localId=w:BDEEEA66-9FF9-032D-B4CB-199BE88F3227&deviceId=6896216899373042&anid=

                                                HTTP Response

                                                204
                                              • 15.197.225.128:80
                                                http://conspec.us/wp-content/plugins/nextgen-galleryOLD/products/photocrati_nextgen/modules/i18n/wstr.php
                                                http
                                                xdpxegnijily.exe
                                                2.2kB
                                                452 B
                                                7
                                                4

                                                HTTP Request

                                                POST http://conspec.us/wp-content/plugins/nextgen-galleryOLD/products/photocrati_nextgen/modules/i18n/wstr.php

                                                HTTP Response

                                                405

                                                HTTP Request

                                                POST http://conspec.us/wp-content/plugins/nextgen-galleryOLD/products/photocrati_nextgen/modules/i18n/wstr.php

                                                HTTP Response

                                                405
                                              • 103.224.182.215:80
                                                http://tmfilms.net/wp-content/plugins/binary.php
                                                http
                                                xdpxegnijily.exe
                                                1.2kB
                                                532 B
                                                6
                                                4

                                                HTTP Request

                                                POST http://tmfilms.net/wp-content/plugins/binary.php

                                                HTTP Response

                                                302
                                              • 199.59.243.228:80
                                                http://ww25.tmfilms.net/wp-content/plugins/binary.php?subid1=20250322-1800-0119-881b-9170b7a8b1ae
                                                http
                                                xdpxegnijily.exe
                                                655 B
                                                2.1kB
                                                8
                                                4

                                                HTTP Request

                                                GET http://ww25.tmfilms.net/wp-content/plugins/binary.php?subid1=20250322-1800-0119-881b-9170b7a8b1ae

                                                HTTP Response

                                                200
                                              • 150.171.28.10:443
                                                tse1.mm.bing.net
                                                tls, http2
                                                1.2kB
                                                6.9kB
                                                15
                                                13
                                              • 150.171.28.10:443
                                                https://tse1.mm.bing.net/th?id=OADD2.10239340418536_1RXQC5FWNJZBHVB3M&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                                                tls, http2
                                                115.7kB
                                                3.3MB
                                                2398
                                                2388

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239356742545_1KNYU9T4JPR3SHFV1&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239340418535_1J3FI1BHYFKNLDX7C&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239360607351_1LWNG3EPOKCB0ST8C&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239360607350_1DIIHMLKOJP4KM45O&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239356744296_15VBZP2MRT6FYDL3E&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239340418536_1RXQC5FWNJZBHVB3M&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                                                HTTP Response

                                                200
                                              • 103.224.182.215:80
                                                http://tmfilms.net/wp-content/plugins/binary.php
                                                http
                                                xdpxegnijily.exe
                                                1.2kB
                                                436 B
                                                6
                                                4

                                                HTTP Request

                                                POST http://tmfilms.net/wp-content/plugins/binary.php

                                                HTTP Response

                                                302
                                              • 199.59.243.228:80
                                                http://ww25.tmfilms.net/wp-content/plugins/binary.php?subid1=20250322-1800-54a4-93b8-db3432342c53
                                                http
                                                xdpxegnijily.exe
                                                761 B
                                                2.8kB
                                                9
                                                6

                                                HTTP Request

                                                GET http://ww25.tmfilms.net/wp-content/plugins/binary.php?subid1=20250322-1800-54a4-93b8-db3432342c53

                                                HTTP Response

                                                200
                                              • 204.79.197.239:80
                                                http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:T1x3UV-cdqA6yLwWwCTA7jH4iwoET_ljW8UyV2_sONs&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
                                                http
                                                msedge.exe
                                                1.6kB
                                                1.1kB
                                                6
                                                5

                                                HTTP Request

                                                GET http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:T1x3UV-cdqA6yLwWwCTA7jH4iwoET_ljW8UyV2_sONs&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                HTTP Response

                                                200
                                              • 150.171.28.11:443
                                                https://edge.microsoft.com/serviceexperimentation/v3/?osname=win&channel=stable&osver=10.0.19041&devicefamily=desktop&installdate=1741877482&clientversion=133.0.3065.69&experimentationmode=2&scpguard=0&scpfull=0&scpver=0
                                                tls, http2
                                                msedge.exe
                                                4.0kB
                                                10.2kB
                                                18
                                                21

                                                HTTP Request

                                                GET https://edge.microsoft.com/extensionwebstorebase/v1/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=edgecrx&prodchannel=&prodversion=133.0.3065.69&lang=en-US&acceptformat=crx3,puff&x=id%3Djmjflgjpcpepeafmmgdpfkogkghcpiha%26v%3D0.0.0.0%26installsource%3Dreinstall%26installedby%3Dother%26uc%26ping%3Dr%253D9%2526e%253D0%2526dr%253D1024

                                                HTTP Request

                                                GET https://edge.microsoft.com/serviceexperimentation/v3/?osname=win&channel=stable&osver=10.0.19041&devicefamily=desktop&installdate=1741877482&clientversion=133.0.3065.69&experimentationmode=2&scpguard=0&scpfull=0&scpver=0

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200
                                              • 150.171.28.11:443
                                                edge.microsoft.com
                                                tls, http2
                                                msedge.exe
                                                2.4kB
                                                6.9kB
                                                10
                                                12
                                              • 142.250.180.3:443
                                                https://update.googleapis.com/service/update2/json?cup2key=14:3YnLXPVbScCzXDM0_ZWiGe24YKYrm793wkK62mVxtBs&cup2hreq=8be234a4bd81973c166516bc74996bb614d293f68921492e7345a59da91d3ca0
                                                tls, http2
                                                msedge.exe
                                                4.4kB
                                                8.5kB
                                                16
                                                18

                                                HTTP Request

                                                POST https://update.googleapis.com/service/update2/json?cup2key=14:3YnLXPVbScCzXDM0_ZWiGe24YKYrm793wkK62mVxtBs&cup2hreq=8be234a4bd81973c166516bc74996bb614d293f68921492e7345a59da91d3ca0
                                              • 94.245.104.56:443
                                                https://api.edgeoffer.microsoft.com/edgeoffer/pb/experiments?appId=edge-extensions&country=US
                                                tls, http
                                                msedge.exe
                                                3.5kB
                                                7.4kB
                                                12
                                                13

                                                HTTP Request

                                                GET https://api.edgeoffer.microsoft.com/edgeoffer/pb/experiments?appId=edge-extensions&country=US

                                                HTTP Response

                                                200
                                              • 104.86.110.106:443
                                                https://copilot.microsoft.com/c/api/user/eligibility
                                                tls, http2
                                                msedge.exe
                                                2.9kB
                                                5.5kB
                                                15
                                                17

                                                HTTP Request

                                                GET https://copilot.microsoft.com/c/api/user/eligibility

                                                HTTP Response

                                                200
                                              • 2.18.190.174:443
                                                https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1743231655&P2=404&P3=2&P4=fUlQ%2bValn%2bOH3zUvmvUFZlkoDz9NUHN4UeOepIUV%2bUrEjypSk7QqvBqczUr9QfSCdF2TI%2bwMftamHa3i6kwOtw%3d%3d
                                                tls, http2
                                                msedge.exe
                                                3.3kB
                                                20.2kB
                                                21
                                                28

                                                HTTP Request

                                                GET https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1743231655&P2=404&P3=2&P4=fUlQ%2bValn%2bOH3zUvmvUFZlkoDz9NUHN4UeOepIUV%2bUrEjypSk7QqvBqczUr9QfSCdF2TI%2bwMftamHa3i6kwOtw%3d%3d

                                                HTTP Response

                                                200
                                              • 2.18.66.48:443
                                                www.bing.com
                                                tls
                                                msedge.exe
                                                2.2kB
                                                4.4kB
                                                10
                                                7
                                              • 150.171.28.11:443
                                                edge.microsoft.com
                                                msedge.exe
                                                98 B
                                                52 B
                                                2
                                                1
                                              • 150.171.28.11:443
                                                https://edge.microsoft.com/entityextractiontemplates/api/v1/assets/find-assets?name=edge_hub_apps_manifest_gz&version=4.11.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362
                                                tls, http2
                                                msedge.exe
                                                4.1kB
                                                8.8kB
                                                19
                                                23

                                                HTTP Request

                                                GET https://edge.microsoft.com/entityextractiontemplates/api/v1/assets/find-assets?name=domains_config_gz&version=3.*.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362

                                                HTTP Request

                                                GET https://edge.microsoft.com/entityextractiontemplates/api/v1/assets/find-assets?name=arbitration_priority_list&version=24.*.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362

                                                HTTP Request

                                                GET https://edge.microsoft.com/entityextractiontemplates/api/v1/assets/find-assets?name=edge_hub_apps_manifest_gz&version=4.11.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200
                                              • 2.18.66.48:443
                                                https://www.bing.com/api/shopping/v1/user/shoppingsettings?EnabledServiceFeaturesv2=edgeServerUX.shopping.aablockth,edgeServerUX.shopping.block99,edgeServerUX.shopping.disableCashbackOnCouponCopy,edgeServerUX.shopping.enableColdStartCohort,edgeServerUX.shopping.highttaablocksrth,edgeServerUX.shopping.highttaablockth,edgeServerUX.shopping.migrateClippingToOmnibox,edgeServerUX.shopping.msEdgeShoppingCashbackDismissTimeout2s,edgeServerUX.shopping.nrtLogging,edgeServerUX.shopping.snDataFromOS,edgeServerUX.shopping.useExpSNData
                                                tls, http2
                                                msedge.exe
                                                3.4kB
                                                6.6kB
                                                16
                                                16

                                                HTTP Request

                                                GET https://www.bing.com/api/shopping/v1/user/shoppingsettings?EnabledServiceFeaturesv2=edgeServerUX.shopping.aablockth,edgeServerUX.shopping.block99,edgeServerUX.shopping.disableCashbackOnCouponCopy,edgeServerUX.shopping.enableColdStartCohort,edgeServerUX.shopping.highttaablocksrth,edgeServerUX.shopping.highttaablockth,edgeServerUX.shopping.migrateClippingToOmnibox,edgeServerUX.shopping.msEdgeShoppingCashbackDismissTimeout2s,edgeServerUX.shopping.nrtLogging,edgeServerUX.shopping.snDataFromOS,edgeServerUX.shopping.useExpSNData

                                                HTTP Response

                                                200
                                              • 204.79.197.239:443
                                                https://edge.microsoft.com/abusiveadblocking/api/v1/blocklist
                                                tls, http2
                                                msedge.exe
                                                3.1kB
                                                7.4kB
                                                13
                                                17

                                                HTTP Request

                                                GET https://edge.microsoft.com/abusiveadblocking/api/v1/blocklist

                                                HTTP Response

                                                304
                                              • 13.107.246.65:443
                                                https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/24.0.4/asset?assetgroup=ArbitrationService
                                                tls, http2
                                                msedge.exe
                                                4.4kB
                                                30.0kB
                                                33
                                                35

                                                HTTP Request

                                                GET https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/24.0.4/asset?assetgroup=ArbitrationService

                                                HTTP Response

                                                200
                                              • 204.79.197.239:443
                                                https://edge.microsoft.com/componentupdater/api/v1/update
                                                tls, http2
                                                msedge.exe
                                                20.6kB
                                                15.0kB
                                                40
                                                49

                                                HTTP Request

                                                GET https://edge.microsoft.com/extensionwebstorebase/v1/logextensionreliability?success=true&cv=3DyH8Gn0cbqn8eidLr+5j2&errorString=&crxId=jmjflgjpcpepeafmmgdpfkogkghcpiha&os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=edgecrx&prodchannel=&prodversion=133.0.3065.69&lang=en-US&acceptformat=crx3,puff

                                                HTTP Response

                                                200

                                                HTTP Request

                                                POST https://edge.microsoft.com/componentupdater/api/v1/update?cup2key=7:EhOjQpzbcvpe2-3H1yU_hbzHGmYY1K-nTpTEaiz4o-I&cup2hreq=f1a79c963c0de4c1e087ed16717a0279dcadc165faf4389c6a89e21651749aa9

                                                HTTP Response

                                                200

                                                HTTP Request

                                                POST https://edge.microsoft.com/componentupdater/api/v1/update

                                                HTTP Response

                                                200

                                                HTTP Request

                                                POST https://edge.microsoft.com/componentupdater/api/v1/update

                                                HTTP Response

                                                200
                                              • 142.250.180.3:80
                                                http://c.pki.goog/r/r1.crl
                                                http
                                                476 B
                                                395 B
                                                6
                                                4

                                                HTTP Request

                                                GET http://c.pki.goog/r/r1.crl

                                                HTTP Response

                                                304
                                              • 13.107.246.64:443
                                                https://edge-consumer-static.azureedge.net/mouse-gesture/config.json
                                                tls, http2
                                                msedge.exe
                                                3.6kB
                                                9.0kB
                                                15
                                                16

                                                HTTP Request

                                                GET https://edge-consumer-static.azureedge.net/mouse-gesture/config.json

                                                HTTP Response

                                                200
                                              • 13.107.246.64:443
                                                https://static.edge.microsoftapp.net/default/cloud_config_observers.json
                                                tls, http2
                                                msedge.exe
                                                3.7kB
                                                9.7kB
                                                16
                                                18

                                                HTTP Request

                                                HEAD https://static.edge.microsoftapp.net/default/cloud_config_observers.json

                                                HTTP Response

                                                200

                                                HTTP Request

                                                GET https://static.edge.microsoftapp.net/default/cloud_config_observers.json

                                                HTTP Response

                                                200
                                              • 13.107.246.64:443
                                                https://edge-cloud-resource-static.azureedge.net/default/operation_config/default.json
                                                tls, http2
                                                msedge.exe
                                                3.4kB
                                                9.6kB
                                                14
                                                16

                                                HTTP Request

                                                GET https://edge-cloud-resource-static.azureedge.net/default/operation_config/default.json

                                                HTTP Response

                                                200
                                              • 13.107.246.64:443
                                                https://edge-mobile-static.azureedge.net/eccp/get?settenant=edge-config&setplatform=win&setmkt=en-US&setchannel=stable
                                                tls, http2
                                                msedge.exe
                                                3.6kB
                                                12.8kB
                                                16
                                                20

                                                HTTP Request

                                                GET https://edge-mobile-static.azureedge.net/eccp/get?settenant=edge-config&setplatform=win&setmkt=en-US&setchannel=stable

                                              MITRE ATT&CK Enterprise v15

                                              Downloads

                                              • C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

                                                Filesize

                                                560B

                                              • C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt

                                                Filesize

                                                560B

                                              • C:\Program Files\Microsoft Office\root\Office16\1033\ClientSub2019_eula.txt

                                                Filesize

                                                416B

                                              • C:\Program Files\chrome_Unpacker_BeginUnzipping5044_1981931487\LICENSE

                                                Filesize

                                                1KB

                                              • C:\Program Files\chrome_Unpacker_BeginUnzipping5044_1981931487\manifest.json

                                                Filesize

                                                79B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                Filesize

                                                280B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

                                                Filesize

                                                2B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\content.js.mp3

                                                Filesize

                                                9KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\content_new.js.mp3

                                                Filesize

                                                10KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_1\content.js

                                                Filesize

                                                9KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

                                                Filesize

                                                107KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                Filesize

                                                2KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

                                                Filesize

                                                2B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

                                                Filesize

                                                40B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                Filesize

                                                17KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                Filesize

                                                36KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

                                                Filesize

                                                22KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

                                                Filesize

                                                465B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

                                                Filesize

                                                22KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

                                                Filesize

                                                896B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

                                                Filesize

                                                19KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Notifications\0.0.0.46\arbitration_metadata.txt.mp3

                                                Filesize

                                                344KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                Filesize

                                                49KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                Filesize

                                                49KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                Filesize

                                                40KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2025.1.17.1\keys.json

                                                Filesize

                                                6KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                Filesize

                                                2KB

                                              • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133863512399351925.txt

                                                Filesize

                                                77KB

                                              • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133863553978119774.txt

                                                Filesize

                                                87KB

                                              • C:\Users\Admin\AppData\Local\Temp\scoped_dir5044_1555314158\98869cde-cfcd-4d94-b4f2-9428f6c9d355.tmp

                                                Filesize

                                                10KB

                                              • C:\Windows\xdpxegnijily.exe

                                                Filesize

                                                251KB

                                              • C:\ebea8a0c5b7ebb8dc5b60da7\_ReCoVeRy_+jndgx.html

                                                Filesize

                                                11KB

                                              • C:\ebea8a0c5b7ebb8dc5b60da7\_ReCoVeRy_+jndgx.png

                                                Filesize

                                                64KB

                                              • C:\ebea8a0c5b7ebb8dc5b60da7\_ReCoVeRy_+jndgx.txt

                                                Filesize

                                                1KB
