Exes_eac184e4116963435e584167c6e9b10d_exe_json.json

1.  
2. [*] MalFamily: "Malicious"
3.  
4. [*] MalScore: 10.0
5.  
6. [*] File Name: "Exes_eac184e4116963435e584167c6e9b10d.exe"
7. [*] File Size: 387584
8. [*] File Type: "PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows"
9. [*] SHA256: "aebc04b627d7b0000c1caddecca58620a716fc66c41cd27b664f7de49ef5ceb2"
10. [*] MD5: "eac184e4116963435e584167c6e9b10d"
11. [*] SHA1: "69dcb40dd477dde3124a13a0563d47322367ae58"
12. [*] SHA512: "9e0875a7a2d0e7b71a72a391bd6deaad4cb4640c725418489be7fe812854bbcbbfac5c398b3244109342b81a0e7c1b8fa1870ce5114c8a2d6242d8fdd0f9208c"
13. [*] CRC32: "424496B3"
14. [*] SSDEEP: "6144:B2jxPUm4zduxOR2gcgvFkq6oMkjcNoFA5uzJTSGxhEh8uiXj:8tUm4kxc2hwkkcNQrJ+GuiT"
15.  
16. [*] Process Execution: [
17. "Exes_eac184e4116963435e584167c6e9b10d.exe"
18. ]
19.  
20. [*] Signatures Detected: [
21. {
22. "Description": "Performs some HTTP requests",
23. "Details": [
24. {
25. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D"
26. },
27. {
28. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D"
29. },
30. {
31. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D"
32. },
33. {
34. "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEDoV9Mh%2FtNM5k9Pus79K5eQ%3D"
35. },
36. {
37. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAi4elAbvpzaLRZNPjlRv1U%3D"
38. },
39. {
40. "url": "http://ocsp.comodoca.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCEDaCXn%2B1pIGTfvbRc2u5PKY%3D"
41. },
42. {
43. "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEEpXWRnDaZSEY67E8B6coDU%3D"
44. },
45. {
46. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAwVvkoVuwkDyQGx1sJlMC8%3D"
47. },
48. {
49. "url": "http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab"
50. },
51. {
52. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D"
53. },
54. {
55. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEAQJGBtf1btmdVNDtW%2BVUAg%3D"
56. },
57. {
58. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D"
59. },
60. {
61. "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEH4PjD8bD0NfJXpoX0ln6s4%3D"
62. },
63. {
64. "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHQnb7Tt0tUhlRVnnq4nPN8%3D"
65. },
66. {
67. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAM%2B1e2gZdG4yR38%2BSpsm9g%3D"
68. },
69. {
70. "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHAHFVlJElKyLEMbtWWDIbo%3D"
71. },
72. {
73. "url": "http://ocsp.msocsp.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPC1vZt9qvn7bzY3Iidtbhla4mKQQUWIif1tycSCK3FD7%2FhIjo5oX%2F%2Bn0CE3sAAGyvV14%2FmEPDgh0AAAAAbK8%3D"
74. },
75. {
76. "url": "http://ocsp.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D"
77. },
78. {
79. "url": "http://ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D"
80. },
81. {
82. "url": "http://th.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRsif7263KedmR2MLuYKv9%2BWQCtWAQU1A1lP3q9NMb%2BR%2BdMDcC98t4Vq3ECEBT4%2FdFn%2BSQCsVcLXcSVyBU%3D"
83. },
84. {
85. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAH9o%2BtuynXIiEOLckvPvJE%3D"
86. },
87. {
88. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAVG%2Fhgj9%2BGUHaOfzhTEYXM%3D"
89. },
90. {
91. "url": "http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjqTAc%2FHIGOD%2BaUx0%3D"
92. },
93. {
94. "url": "http://redirector.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe"
95. },
96. {
97. "url": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes"
98. }
99. ]
100. },
101. {
102. "Description": "The binary likely contains encrypted or compressed data.",
103. "Details": [
104. {
105. "section": "name: .rsrc, entropy: 7.71, characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ, raw_size: 0x00039a00, virtual_size: 0x00039858"
106. }
107. ]
108. },
109. {
110. "Description": "Anomalous .NET characteristics",
111. "Details": [
112. {
113. "anomalous_version": "Assembly version is set to 0"
114. }
115. ]
116. },
117. {
118. "Description": "File has been identified by 19 Antiviruses on VirusTotal as malicious",
119. "Details": [
120. {
121. "FireEye": "Generic.mg.eac184e411696343"
122. },
123. {
124. "McAfee": "Artemis!EAC184E41169"
125. },
126. {
127. "Cylance": "Unsafe"
128. },
129. {
130. "Cybereason": "malicious.dd477d"
131. },
132. {
133. "Symantec": "ML.Attribute.HighConfidence"
134. },
135. {
136. "APEX": "Malicious"
137. },
138. {
139. "Kaspersky": "HEUR:Trojan.MSIL.Crypt.gen"
140. },
141. {
142. "Endgame": "malicious (high confidence)"
143. },
144. {
145. "Invincea": "heuristic"
146. },
147. {
148. "McAfee-GW-Edition": "BehavesLike.Win32.Generic.fh"
149. },
150. {
151. "SentinelOne": "DFI - Malicious PE"
152. },
153. {
154. "Microsoft": "Trojan:Win32/Fuery.C!cl"
155. },
156. {
157. "ZoneAlarm": "HEUR:Trojan.MSIL.Crypt.gen"
158. },
159. {
160. "ESET-NOD32": "a variant of MSIL/Kryptik.RUC"
161. },
162. {
163. "Acronis": "suspicious"
164. },
165. {
166. "TrendMicro-HouseCall": "BKDR_HPXORSIL.SM"
167. },
168. {
169. "Fortinet": "MSIL/GenKryptik.DGKT!tr"
170. },
171. {
172. "CrowdStrike": "win/malicious_confidence_100% (D)"
173. },
174. {
175. "Qihoo-360": "HEUR/QVM03.0.DA41.Malware.Gen"
176. }
177. ]
178. },
179. {
180. "Description": "Anomalous binary characteristics",
181. "Details": [
182. {
183. "anomaly": "Actual checksum does not match that reported in PE header"
184. }
185. ]
186. }
187. ]
188.  
189. [*] Started Service: []
190.  
191. [*] Executed Commands: []
192.  
193. [*] Mutexes: []
194.  
195. [*] Modified Files: []
196.  
197. [*] Deleted Files: []
198.  
199. [*] Modified Registry Keys: []
200.  
201. [*] Deleted Registry Keys: []
202.  
203. [*] DNS Communications: []
204.  
205. [*] Domains: []
206.  
207. [*] Network Communication - ICMP: []
208.  
209. [*] Network Communication - HTTP: [
210. {
211. "count": 1,
212. "body": "",
213. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D",
214. "user-agent": "Microsoft-CryptoAPI/6.1",
215. "method": "GET",
216. "host": "ocsp.digicert.com",
217. "version": "1.1",
218. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D",
219. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D HTTP/1.1\r\nCache-Control: max-age = 128165\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 11:02:13 GMT\r\nIf-None-Match: \"5c961235-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
220. "port": 80
221. },
222. {
223. "count": 1,
224. "body": "",
225. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D",
226. "user-agent": "Microsoft-CryptoAPI/6.1",
227. "method": "GET",
228. "host": "ocsp.digicert.com",
229. "version": "1.1",
230. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D",
231. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
232. "port": 80
233. },
234. {
235. "count": 1,
236. "body": "",
237. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D",
238. "user-agent": "Microsoft-CryptoAPI/6.1",
239. "method": "GET",
240. "host": "ocsp.digicert.com",
241. "version": "1.1",
242. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D",
243. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D HTTP/1.1\r\nCache-Control: max-age = 143038\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 15:00:07 GMT\r\nIf-None-Match: \"5c9649f7-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
244. "port": 80
245. },
246. {
247. "count": 1,
248. "body": "",
249. "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEDoV9Mh%2FtNM5k9Pus79K5eQ%3D",
250. "user-agent": "Microsoft-CryptoAPI/6.1",
251. "method": "GET",
252. "host": "ocsp.pki.goog",
253. "version": "1.1",
254. "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEDoV9Mh%2FtNM5k9Pus79K5eQ%3D",
255. "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEDoV9Mh%2FtNM5k9Pus79K5eQ%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
256. "port": 80
257. },
258. {
259. "count": 1,
260. "body": "",
261. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAi4elAbvpzaLRZNPjlRv1U%3D",
262. "user-agent": "Microsoft-CryptoAPI/6.1",
263. "method": "GET",
264. "host": "ocsp.digicert.com",
265. "version": "1.1",
266. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAi4elAbvpzaLRZNPjlRv1U%3D",
267. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAi4elAbvpzaLRZNPjlRv1U%3D HTTP/1.1\r\nCache-Control: max-age = 89056\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Fri, 22 Mar 2019 18:30:24 GMT\r\nIf-None-Match: \"5c9529c0-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
268. "port": 80
269. },
270. {
271. "count": 1,
272. "body": "",
273. "uri": "http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl",
274. "user-agent": "Microsoft-CryptoAPI/6.1",
275. "method": "GET",
276. "host": "crl.microsoft.com",
277. "version": "1.1",
278. "path": "/pki/crl/products/MicrosoftTimeStampPCA.crl",
279. "data": "GET /pki/crl/products/MicrosoftTimeStampPCA.crl HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 16 Feb 2019 02:02:49 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: crl.microsoft.com\r\n\r\n",
280. "port": 80
281. },
282. {
283. "count": 1,
284. "body": "",
285. "uri": "http://ocsp.comodoca.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCEDaCXn%2B1pIGTfvbRc2u5PKY%3D",
286. "user-agent": "Microsoft-CryptoAPI/6.1",
287. "method": "GET",
288. "host": "ocsp.comodoca.com",
289. "version": "1.1",
290. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCEDaCXn%2B1pIGTfvbRc2u5PKY%3D",
291. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCEDaCXn%2B1pIGTfvbRc2u5PKY%3D HTTP/1.1\r\nCache-Control: max-age = 94804\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Mon, 11 Mar 2019 04:19:13 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.comodoca.com\r\n\r\n",
292. "port": 80
293. },
294. {
295. "count": 1,
296. "body": "",
297. "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEEpXWRnDaZSEY67E8B6coDU%3D",
298. "user-agent": "Microsoft-CryptoAPI/6.1",
299. "method": "GET",
300. "host": "ocsp.pki.goog",
301. "version": "1.1",
302. "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEEpXWRnDaZSEY67E8B6coDU%3D",
303. "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEEpXWRnDaZSEY67E8B6coDU%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
304. "port": 80
305. },
306. {
307. "count": 1,
308. "body": "",
309. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAwVvkoVuwkDyQGx1sJlMC8%3D",
310. "user-agent": "Microsoft-CryptoAPI/6.1",
311. "method": "GET",
312. "host": "ocsp.digicert.com",
313. "version": "1.1",
314. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAwVvkoVuwkDyQGx1sJlMC8%3D",
315. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAwVvkoVuwkDyQGx1sJlMC8%3D HTTP/1.1\r\nCache-Control: max-age = 108232\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Fri, 22 Mar 2019 23:50:01 GMT\r\nIf-None-Match: \"5c9574a9-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
316. "port": 80
317. },
318. {
319. "count": 1,
320. "body": "",
321. "uri": "http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab",
322. "user-agent": "Microsoft-CryptoAPI/6.1",
323. "method": "GET",
324. "host": "www.download.windowsupdate.com",
325. "version": "1.1",
326. "path": "/msdownload/update/v3/static/trustedr/en/authrootstl.cab",
327. "data": "GET /msdownload/update/v3/static/trustedr/en/authrootstl.cab HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Fri, 22 Feb 2019 16:53:13 GMT\r\nIf-None-Match: \"80e22c19cfcad41:0\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: www.download.windowsupdate.com\r\n\r\n",
328. "port": 80
329. },
330. {
331. "count": 1,
332. "body": "",
333. "uri": "http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl",
334. "user-agent": "Microsoft-CryptoAPI/6.1",
335. "method": "GET",
336. "host": "crl.microsoft.com",
337. "version": "1.1",
338. "path": "/pki/crl/products/MicCodSigPCA_08-31-2010.crl",
339. "data": "GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Thu, 14 Feb 2019 06:01:18 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: crl.microsoft.com\r\n\r\n",
340. "port": 80
341. },
342. {
343. "count": 1,
344. "body": "",
345. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D",
346. "user-agent": "Microsoft-CryptoAPI/6.1",
347. "method": "GET",
348. "host": "ocsp.digicert.com",
349. "version": "1.1",
350. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D",
351. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D HTTP/1.1\r\nCache-Control: max-age = 93156\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 16 Mar 2019 04:40:45 GMT\r\nIf-None-Match: \"5c8c7e4d-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
352. "port": 80
353. },
354. {
355. "count": 1,
356. "body": "",
357. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEAQJGBtf1btmdVNDtW%2BVUAg%3D",
358. "user-agent": "Microsoft-CryptoAPI/6.1",
359. "method": "GET",
360. "host": "ocsp.digicert.com",
361. "version": "1.1",
362. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEAQJGBtf1btmdVNDtW%2BVUAg%3D",
363. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEAQJGBtf1btmdVNDtW%2BVUAg%3D HTTP/1.1\r\nCache-Control: max-age = 149079\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 11:10:47 GMT\r\nIf-None-Match: \"5c961437-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
364. "port": 80
365. },
366. {
367. "count": 1,
368. "body": "",
369. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D",
370. "user-agent": "Microsoft-CryptoAPI/6.1",
371. "method": "GET",
372. "host": "ocsp.digicert.com",
373. "version": "1.1",
374. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D",
375. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D HTTP/1.1\r\nCache-Control: max-age = 148251\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 16 Mar 2019 18:10:24 GMT\r\nIf-None-Match: \"5c8d3c10-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
376. "port": 80
377. },
378. {
379. "count": 1,
380. "body": "",
381. "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEH4PjD8bD0NfJXpoX0ln6s4%3D",
382. "user-agent": "Microsoft-CryptoAPI/6.1",
383. "method": "GET",
384. "host": "ocsp.pki.goog",
385. "version": "1.1",
386. "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEH4PjD8bD0NfJXpoX0ln6s4%3D",
387. "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEH4PjD8bD0NfJXpoX0ln6s4%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
388. "port": 80
389. },
390. {
391. "count": 1,
392. "body": "",
393. "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHQnb7Tt0tUhlRVnnq4nPN8%3D",
394. "user-agent": "Microsoft-CryptoAPI/6.1",
395. "method": "GET",
396. "host": "ocsp.pki.goog",
397. "version": "1.1",
398. "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHQnb7Tt0tUhlRVnnq4nPN8%3D",
399. "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHQnb7Tt0tUhlRVnnq4nPN8%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
400. "port": 80
401. },
402. {
403. "count": 1,
404. "body": "",
405. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAM%2B1e2gZdG4yR38%2BSpsm9g%3D",
406. "user-agent": "Microsoft-CryptoAPI/6.1",
407. "method": "GET",
408. "host": "ocsp.digicert.com",
409. "version": "1.1",
410. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAM%2B1e2gZdG4yR38%2BSpsm9g%3D",
411. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAM%2B1e2gZdG4yR38%2BSpsm9g%3D HTTP/1.1\r\nCache-Control: max-age = 126990\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 10:41:16 GMT\r\nIf-None-Match: \"5c960d4c-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
412. "port": 80
413. },
414. {
415. "count": 1,
416. "body": "",
417. "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHAHFVlJElKyLEMbtWWDIbo%3D",
418. "user-agent": "Microsoft-CryptoAPI/6.1",
419. "method": "GET",
420. "host": "ocsp.pki.goog",
421. "version": "1.1",
422. "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHAHFVlJElKyLEMbtWWDIbo%3D",
423. "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHAHFVlJElKyLEMbtWWDIbo%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
424. "port": 80
425. },
426. {
427. "count": 1,
428. "body": "",
429. "uri": "http://ocsp.msocsp.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPC1vZt9qvn7bzY3Iidtbhla4mKQQUWIif1tycSCK3FD7%2FhIjo5oX%2F%2Bn0CE3sAAGyvV14%2FmEPDgh0AAAAAbK8%3D",
430. "user-agent": "Microsoft-CryptoAPI/6.1",
431. "method": "GET",
432. "host": "ocsp.msocsp.com",
433. "version": "1.1",
434. "path": "/MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPC1vZt9qvn7bzY3Iidtbhla4mKQQUWIif1tycSCK3FD7%2FhIjo5oX%2F%2Bn0CE3sAAGyvV14%2FmEPDgh0AAAAAbK8%3D",
435. "data": "GET /MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPC1vZt9qvn7bzY3Iidtbhla4mKQQUWIif1tycSCK3FD7%2FhIjo5oX%2F%2Bn0CE3sAAGyvV14%2FmEPDgh0AAAAAbK8%3D HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 17:46:18 GMT\r\nIf-None-Match: \"dd54d75d4688b8dc62b087df4e04af258704c48b\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.msocsp.com\r\n\r\n",
436. "port": 80
437. },
438. {
439. "count": 1,
440. "body": "",
441. "uri": "http://ocsp.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D",
442. "user-agent": "Microsoft-CryptoAPI/6.1",
443. "method": "GET",
444. "host": "ocsp.thawte.com",
445. "version": "1.1",
446. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D",
447. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D HTTP/1.1\r\nCache-Control: max-age = 320712\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Wed, 20 Mar 2019 11:42:01 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.thawte.com\r\n\r\n",
448. "port": 80
449. },
450. {
451. "count": 1,
452. "body": "",
453. "uri": "http://ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D",
454. "user-agent": "Microsoft-CryptoAPI/6.1",
455. "method": "GET",
456. "host": "ocsp.usertrust.com",
457. "version": "1.1",
458. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D",
459. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D HTTP/1.1\r\nCache-Control: max-age = 94765\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Mon, 11 Mar 2019 04:19:13 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.usertrust.com\r\n\r\n",
460. "port": 80
461. },
462. {
463. "count": 1,
464. "body": "",
465. "uri": "http://th.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRsif7263KedmR2MLuYKv9%2BWQCtWAQU1A1lP3q9NMb%2BR%2BdMDcC98t4Vq3ECEBT4%2FdFn%2BSQCsVcLXcSVyBU%3D",
466. "user-agent": "Microsoft-CryptoAPI/6.1",
467. "method": "GET",
468. "host": "th.symcd.com",
469. "version": "1.1",
470. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRsif7263KedmR2MLuYKv9%2BWQCtWAQU1A1lP3q9NMb%2BR%2BdMDcC98t4Vq3ECEBT4%2FdFn%2BSQCsVcLXcSVyBU%3D",
471. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBRsif7263KedmR2MLuYKv9%2BWQCtWAQU1A1lP3q9NMb%2BR%2BdMDcC98t4Vq3ECEBT4%2FdFn%2BSQCsVcLXcSVyBU%3D HTTP/1.1\r\nCache-Control: max-age = 386377\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Thu, 21 Mar 2019 05:58:32 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: th.symcd.com\r\n\r\n",
472. "port": 80
473. },
474. {
475. "count": 1,
476. "body": "",
477. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAH9o%2BtuynXIiEOLckvPvJE%3D",
478. "user-agent": "Microsoft-CryptoAPI/6.1",
479. "method": "GET",
480. "host": "ocsp.digicert.com",
481. "version": "1.1",
482. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAH9o%2BtuynXIiEOLckvPvJE%3D",
483. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAH9o%2BtuynXIiEOLckvPvJE%3D HTTP/1.1\r\nCache-Control: max-age = 142986\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Tue, 28 May 2019 07:40:28 GMT\r\nIf-None-Match: \"5cece5ec-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
484. "port": 80
485. },
486. {
487. "count": 1,
488. "body": "",
489. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAVG%2Fhgj9%2BGUHaOfzhTEYXM%3D",
490. "user-agent": "Microsoft-CryptoAPI/6.1",
491. "method": "GET",
492. "host": "ocsp.digicert.com",
493. "version": "1.1",
494. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAVG%2Fhgj9%2BGUHaOfzhTEYXM%3D",
495. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAVG%2Fhgj9%2BGUHaOfzhTEYXM%3D HTTP/1.1\r\nCache-Control: max-age = 161796\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Tue, 28 May 2019 13:00:33 GMT\r\nIf-None-Match: \"5ced30f1-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
496. "port": 80
497. },
498. {
499. "count": 1,
500. "body": "",
501. "uri": "http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjqTAc%2FHIGOD%2BaUx0%3D",
502. "user-agent": "Microsoft-CryptoAPI/6.1",
503. "method": "GET",
504. "host": "ocsp.pki.goog",
505. "version": "1.1",
506. "path": "/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjqTAc%2FHIGOD%2BaUx0%3D",
507. "data": "GET /gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjqTAc%2FHIGOD%2BaUx0%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
508. "port": 80
509. },
510. {
511. "count": 1,
512. "body": "",
513. "uri": "http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl",
514. "user-agent": "Microsoft-CryptoAPI/6.1",
515. "method": "GET",
516. "host": "crl.microsoft.com",
517. "version": "1.1",
518. "path": "/pki/crl/products/microsoftrootcert.crl",
519. "data": "GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Thu, 07 Mar 2019 06:00:16 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: crl.microsoft.com\r\n\r\n",
520. "port": 80
521. },
522. {
523. "count": 1,
524. "body": "",
525. "uri": "http://redirector.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe",
526. "user-agent": "Microsoft BITS/7.5",
527. "method": "HEAD",
528. "host": "redirector.gvt1.com",
529. "version": "1.1",
530. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe",
531. "data": "HEAD /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: redirector.gvt1.com\r\n\r\n",
532. "port": 80
533. },
534. {
535. "count": 1,
536. "body": "",
537. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
538. "user-agent": "Microsoft BITS/7.5",
539. "method": "HEAD",
540. "host": "r5---sn-a5meknl7.gvt1.com",
541. "version": "1.1",
542. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
543. "data": "HEAD /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
544. "port": 80
545. },
546. {
547. "count": 1,
548. "body": "",
549. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
550. "user-agent": "Microsoft BITS/7.5",
551. "method": "GET",
552. "host": "r5---sn-a5meknl7.gvt1.com",
553. "version": "1.1",
554. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
555. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=0-6797\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
556. "port": 80
557. },
558. {
559. "count": 1,
560. "body": "",
561. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
562. "user-agent": "Microsoft BITS/7.5",
563. "method": "GET",
564. "host": "r5---sn-a5meknl7.gvt1.com",
565. "version": "1.1",
566. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
567. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=6798-16888\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
568. "port": 80
569. },
570. {
571. "count": 1,
572. "body": "",
573. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
574. "user-agent": "Microsoft BITS/7.5",
575. "method": "GET",
576. "host": "r5---sn-a5meknl7.gvt1.com",
577. "version": "1.1",
578. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
579. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=16889-27617\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
580. "port": 80
581. },
582. {
583. "count": 1,
584. "body": "",
585. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
586. "user-agent": "Microsoft BITS/7.5",
587. "method": "GET",
588. "host": "r5---sn-a5meknl7.gvt1.com",
589. "version": "1.1",
590. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
591. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=27618-38081\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
592. "port": 80
593. },
594. {
595. "count": 1,
596. "body": "",
597. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
598. "user-agent": "Microsoft BITS/7.5",
599. "method": "GET",
600. "host": "r5---sn-a5meknl7.gvt1.com",
601. "version": "1.1",
602. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
603. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=38082-60789\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
604. "port": 80
605. },
606. {
607. "count": 1,
608. "body": "",
609. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
610. "user-agent": "Microsoft BITS/7.5",
611. "method": "GET",
612. "host": "r5---sn-a5meknl7.gvt1.com",
613. "version": "1.1",
614. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
615. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=60790-107702\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
616. "port": 80
617. },
618. {
619. "count": 1,
620. "body": "",
621. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
622. "user-agent": "Microsoft BITS/7.5",
623. "method": "GET",
624. "host": "r5---sn-a5meknl7.gvt1.com",
625. "version": "1.1",
626. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
627. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=107703-199798\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
628. "port": 80
629. },
630. {
631. "count": 1,
632. "body": "",
633. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
634. "user-agent": "Microsoft BITS/7.5",
635. "method": "GET",
636. "host": "r5---sn-a5meknl7.gvt1.com",
637. "version": "1.1",
638. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
639. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=199799-358644\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
640. "port": 80
641. },
642. {
643. "count": 1,
644. "body": "",
645. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
646. "user-agent": "Microsoft BITS/7.5",
647. "method": "GET",
648. "host": "r5---sn-a5meknl7.gvt1.com",
649. "version": "1.1",
650. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
651. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=358645-538556\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
652. "port": 80
653. },
654. {
655. "count": 1,
656. "body": "",
657. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
658. "user-agent": "Microsoft BITS/7.5",
659. "method": "GET",
660. "host": "r5---sn-a5meknl7.gvt1.com",
661. "version": "1.1",
662. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
663. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=538557-901919\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
664. "port": 80
665. },
666. {
667. "count": 1,
668. "body": "",
669. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
670. "user-agent": "Microsoft BITS/7.5",
671. "method": "GET",
672. "host": "r5---sn-a5meknl7.gvt1.com",
673. "version": "1.1",
674. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
675. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=901920-1557461\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
676. "port": 80
677. },
678. {
679. "count": 1,
680. "body": "",
681. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
682. "user-agent": "Microsoft BITS/7.5",
683. "method": "GET",
684. "host": "r5---sn-a5meknl7.gvt1.com",
685. "version": "1.1",
686. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
687. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=1557462-2353802\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
688. "port": 80
689. },
690. {
691. "count": 1,
692. "body": "",
693. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
694. "user-agent": "Microsoft BITS/7.5",
695. "method": "GET",
696. "host": "r5---sn-a5meknl7.gvt1.com",
697. "version": "1.1",
698. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
699. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=2353803-3708379\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
700. "port": 80
701. },
702. {
703. "count": 1,
704. "body": "",
705. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
706. "user-agent": "Microsoft BITS/7.5",
707. "method": "GET",
708. "host": "r5---sn-a5meknl7.gvt1.com",
709. "version": "1.1",
710. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
711. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=3708380-5436987\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
712. "port": 80
713. },
714. {
715. "count": 1,
716. "body": "",
717. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
718. "user-agent": "Microsoft BITS/7.5",
719. "method": "GET",
720. "host": "r5---sn-a5meknl7.gvt1.com",
721. "version": "1.1",
722. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
723. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=5436988-6408272\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
724. "port": 80
725. },
726. {
727. "count": 1,
728. "body": "",
729. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
730. "user-agent": "Microsoft BITS/7.5",
731. "method": "GET",
732. "host": "r5---sn-a5meknl7.gvt1.com",
733. "version": "1.1",
734. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
735. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=6408273-7352396\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
736. "port": 80
737. },
738. {
739. "count": 1,
740. "body": "",
741. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
742. "user-agent": "Microsoft BITS/7.5",
743. "method": "GET",
744. "host": "r5---sn-a5meknl7.gvt1.com",
745. "version": "1.1",
746. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
747. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=7352397-8351051\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
748. "port": 80
749. },
750. {
751. "count": 1,
752. "body": "",
753. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
754. "user-agent": "Microsoft BITS/7.5",
755. "method": "GET",
756. "host": "r5---sn-a5meknl7.gvt1.com",
757. "version": "1.1",
758. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
759. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=8351052-9857327\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
760. "port": 80
761. },
762. {
763. "count": 1,
764. "body": "",
765. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
766. "user-agent": "Microsoft BITS/7.5",
767. "method": "GET",
768. "host": "r5---sn-a5meknl7.gvt1.com",
769. "version": "1.1",
770. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
771. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=9857328-10796425\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
772. "port": 80
773. },
774. {
775. "count": 1,
776. "body": "",
777. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
778. "user-agent": "Microsoft BITS/7.5",
779. "method": "GET",
780. "host": "r5---sn-a5meknl7.gvt1.com",
781. "version": "1.1",
782. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
783. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=10796426-12084576\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
784. "port": 80
785. },
786. {
787. "count": 1,
788. "body": "",
789. "uri": "http://r5---sn-a5meknl7.gvt1.com/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
790. "user-agent": "Microsoft BITS/7.5",
791. "method": "GET",
792. "host": "r5---sn-a5meknl7.gvt1.com",
793. "version": "1.1",
794. "path": "/edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes",
795. "data": "GET /edgedl/release2/chrome/ANcTHgjx95-y_74.0.3729.169/74.0.3729.169_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.83.40.106&mm=28&mn=sn-a5meknl7&ms=nvh&mt=1560808362&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 21 May 2019 04:56:27 GMT\r\nRange: bytes=12084577-12296959\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-a5meknl7.gvt1.com\r\n\r\n",
796. "port": 80
797. }
798. ]
799.  
800. [*] Network Communication - SMTP: []
801.  
802. [*] Network Communication - Hosts: []
803.  
804. [*] Network Communication - IRC: []
805.  
806. [*] Static Analysis: {
807. "dotnet": {
808. "customattrs": [
809. {
810. "type": "TypeDef",
811. "name": "[System]System.ComponentModel.DefaultEventAttribute",
812. "value": "LoadingStateChang"
813. },
814. {
815. "type": "TypeDef",
816. "name": "[System]System.ComponentModel.DescriptionAttribute",
817. "value": "CefSharp ChromiumWebBrowser - Chromium Embedded Framework .Net wrapper. https://github.com/cefsharp/CefSha"
818. },
819. {
820. "type": "MethodDef",
821. "name": "[mscorlib]System.ObsoleteAttribute",
822. "value": "Should only be used by the WinForms Designer. Use the ChromiumWebBrowser(string, IRequestContext) constructor overload instea"
823. }
824. ],
825. "assemblyinfo": {
826. "version": "0.0.0.0",
827. "name": "gyHtbwEDdQxcJKxGma"
828. },
829. "assemblyrefs": [
830. {
831. "version": "4.0.0.0",
832. "name": "mscorlib"
833. },
834. {
835. "version": "4.0.0.0",
836. "name": "System"
837. },
838. {
839. "version": "4.0.0.0",
840. "name": "System.Web"
841. },
842. {
843. "version": "73.1.130.0",
844. "name": "CefSharp.Core"
845. },
846. {
847. "version": "4.0.0.0",
848. "name": "System.Design"
849. },
850. {
851. "version": "4.0.0.0",
852. "name": "System.Windows.Forms"
853. },
854. {
855. "version": "4.0.0.0",
856. "name": "System.Drawing"
857. },
858. {
859. "version": "73.1.130.0",
860. "name": "CefSharp"
861. }
862. ],
863. "typerefs": [
864. {
865. "typename": "CefSharp.AddressChangedEventArgs",
866. "assembly": "CefSharp"
867. },
868. {
869. "typename": "CefSharp.CefFocusSource",
870. "assembly": "CefSharp"
871. },
872. {
873. "typename": "CefSharp.CefSharpSettings",
874. "assembly": "CefSharp"
875. },
876. {
877. "typename": "CefSharp.ConsoleMessageEventArgs",
878. "assembly": "CefSharp"
879. },
880. {
881. "typename": "CefSharp.DefaultResourceHandlerFactory",
882. "assembly": "CefSharp"
883. },
884. {
885. "typename": "CefSharp.FrameLoadEndEventArgs",
886. "assembly": "CefSharp"
887. },
888. {
889. "typename": "CefSharp.FrameLoadStartEventArgs",
890. "assembly": "CefSharp"
891. },
892. {
893. "typename": "CefSharp.IAudioHandler",
894. "assembly": "CefSharp"
895. },
896. {
897. "typename": "CefSharp.IBrowser",
898. "assembly": "CefSharp"
899. },
900. {
901. "typename": "CefSharp.IBrowserHost",
902. "assembly": "CefSharp"
903. },
904. {
905. "typename": "CefSharp.IBrowserSettings",
906. "assembly": "CefSharp"
907. },
908. {
909. "typename": "CefSharp.IContextMenuHandler",
910. "assembly": "CefSharp"
911. },
912. {
913. "typename": "CefSharp.IDialogHandler",
914. "assembly": "CefSharp"
915. },
916. {
917. "typename": "CefSharp.IDisplayHandler",
918. "assembly": "CefSharp"
919. },
920. {
921. "typename": "CefSharp.IDownloadHandler",
922. "assembly": "CefSharp"
923. },
924. {
925. "typename": "CefSharp.IDragHandler",
926. "assembly": "CefSharp"
927. },
928. {
929. "typename": "CefSharp.IFindHandler",
930. "assembly": "CefSharp"
931. },
932. {
933. "typename": "CefSharp.IFocusHandler",
934. "assembly": "CefSharp"
935. },
936. {
937. "typename": "CefSharp.IFrame",
938. "assembly": "CefSharp"
939. },
940. {
941. "typename": "CefSharp.IJavascriptObjectRepository",
942. "assembly": "CefSharp"
943. },
944. {
945. "typename": "CefSharp.IJsDialogHandler",
946. "assembly": "CefSharp"
947. },
948. {
949. "typename": "CefSharp.IKeyboardHandler",
950. "assembly": "CefSharp"
951. },
952. {
953. "typename": "CefSharp.ILifeSpanHandler",
954. "assembly": "CefSharp"
955. },
956. {
957. "typename": "CefSharp.ILoadHandler",
958. "assembly": "CefSharp"
959. },
960. {
961. "typename": "CefSharp.IRenderProcessMessageHandler",
962. "assembly": "CefSharp"
963. },
964. {
965. "typename": "CefSharp.IRequestContext",
966. "assembly": "CefSharp"
967. },
968. {
969. "typename": "CefSharp.IRequestHandler",
970. "assembly": "CefSharp"
971. },
972. {
973. "typename": "CefSharp.IResourceHandlerFactory",
974. "assembly": "CefSharp"
975. },
976. {
977. "typename": "CefSharp.IWebBrowser",
978. "assembly": "CefSharp"
979. },
980. {
981. "typename": "CefSharp.IWindowInfo",
982. "assembly": "CefSharp"
983. },
984. {
985. "typename": "CefSharp.Internals.IBrowserAdapter",
986. "assembly": "CefSharp"
987. },
988. {
989. "typename": "CefSharp.Internals.IWebBrowserInternal",
990. "assembly": "CefSharp"
991. },
992. {
993. "typename": "CefSharp.Internals.IntPtrExtensions",
994. "assembly": "CefSharp"
995. },
996. {
997. "typename": "CefSharp.Internals.InternalWebBrowserExtensions",
998. "assembly": "CefSharp"
999. },
1000. {
1001. "typename": "CefSharp.Internals.JavascriptObjectRepository",
1002. "assembly": "CefSharp"
1003. },
1004. {
1005. "typename": "CefSharp.IsBrowserInitializedChangedEventArgs",
1006. "assembly": "CefSharp"
1007. },
1008. {
1009. "typename": "CefSharp.LoadErrorEventArgs",
1010. "assembly": "CefSharp"
1011. },
1012. {
1013. "typename": "CefSharp.LoadingStateChangedEventArgs",
1014. "assembly": "CefSharp"
1015. },
1016. {
1017. "typename": "CefSharp.StatusMessageEventArgs",
1018. "assembly": "CefSharp"
1019. },
1020. {
1021. "typename": "CefSharp.TitleChangedEventArgs",
1022. "assembly": "CefSharp"
1023. },
1024. {
1025. "typename": "CefSharp.WebBrowserExtensions",
1026. "assembly": "CefSharp"
1027. },
1028. {
1029. "typename": "CefSharp.AbstractCefSettings",
1030. "assembly": "CefSharp.Core"
1031. },
1032. {
1033. "typename": "CefSharp.BrowserSettings",
1034. "assembly": "CefSharp.Core"
1035. },
1036. {
1037. "typename": "CefSharp.Cef",
1038. "assembly": "CefSharp.Core"
1039. },
1040. {
1041. "typename": "CefSharp.ManagedCefBrowserAdapter",
1042. "assembly": "CefSharp.Core"
1043. },
1044. {
1045. "typename": "CefSharp.NativeMethodWrapper",
1046. "assembly": "CefSharp.Core"
1047. },
1048. {
1049. "typename": "CefSharp.RequestContext",
1050. "assembly": "CefSharp.Core"
1051. },
1052. {
1053. "typename": "CefSharp.WindowInfo",
1054. "assembly": "CefSharp.Core"
1055. },
1056. {
1057. "typename": "System.ComponentModel.BrowsableAttribute",
1058. "assembly": "System"
1059. },
1060. {
1061. "typename": "System.ComponentModel.Component",
1062. "assembly": "System"
1063. },
1064. {
1065. "typename": "System.ComponentModel.DefaultEventAttribute",
1066. "assembly": "System"
1067. },
1068. {
1069. "typename": "System.ComponentModel.DefaultValueAttribute",
1070. "assembly": "System"
1071. },
1072. {
1073. "typename": "System.ComponentModel.DescriptionAttribute",
1074. "assembly": "System"
1075. },
1076. {
1077. "typename": "System.ComponentModel.DesignerAttribute",
1078. "assembly": "System"
1079. },
1080. {
1081. "typename": "System.ComponentModel.EditorBrowsableAttribute",
1082. "assembly": "System"
1083. },
1084. {
1085. "typename": "System.ComponentModel.EditorBrowsableState",
1086. "assembly": "System"
1087. },
1088. {
1089. "typename": "System.Net.Cookie",
1090. "assembly": "System"
1091. },
1092. {
1093. "typename": "System.Windows.Forms.Design.ControlDesigner",
1094. "assembly": "System.Design"
1095. },
1096. {
1097. "typename": "System.Drawing.Brush",
1098. "assembly": "System.Drawing"
1099. },
1100. {
1101. "typename": "System.Drawing.Brushes",
1102. "assembly": "System.Drawing"
1103. },
1104. {
1105. "typename": "System.Drawing.Font",
1106. "assembly": "System.Drawing"
1107. },
1108. {
1109. "typename": "System.Drawing.Graphics",
1110. "assembly": "System.Drawing"
1111. },
1112. {
1113. "typename": "System.Drawing.Rectangle",
1114. "assembly": "System.Drawing"
1115. },
1116. {
1117. "typename": "System.Drawing.RectangleF",
1118. "assembly": "System.Drawing"
1119. },
1120. {
1121. "typename": "System.Drawing.StringAlignment",
1122. "assembly": "System.Drawing"
1123. },
1124. {
1125. "typename": "System.Drawing.StringFormat",
1126. "assembly": "System.Drawing"
1127. },
1128. {
1129. "typename": "System.Drawing.ToolboxBitmapAttribute",
1130. "assembly": "System.Drawing"
1131. },
1132. {
1133. "typename": "System.Web.HttpServerUtility",
1134. "assembly": "System.Web"
1135. },
1136. {
1137. "typename": "System.Windows.Forms.Application",
1138. "assembly": "System.Windows.Forms"
1139. },
1140. {
1141. "typename": "System.Windows.Forms.ContainerControl",
1142. "assembly": "System.Windows.Forms"
1143. },
1144. {
1145. "typename": "System.Windows.Forms.Control",
1146. "assembly": "System.Windows.Forms"
1147. },
1148. {
1149. "typename": "System.Windows.Forms.DockStyle",
1150. "assembly": "System.Windows.Forms"
1151. },
1152. {
1153. "typename": "System.Windows.Forms.DockingAttribute",
1154. "assembly": "System.Windows.Forms"
1155. },
1156. {
1157. "typename": "System.Windows.Forms.DockingBehavior",
1158. "assembly": "System.Windows.Forms"
1159. },
1160. {
1161. "typename": "System.Windows.Forms.Form",
1162. "assembly": "System.Windows.Forms"
1163. },
1164. {
1165. "typename": "System.Windows.Forms.FormWindowState",
1166. "assembly": "System.Windows.Forms"
1167. },
1168. {
1169. "typename": "System.Windows.Forms.IContainerControl",
1170. "assembly": "System.Windows.Forms"
1171. },
1172. {
1173. "typename": "System.Windows.Forms.Keys",
1174. "assembly": "System.Windows.Forms"
1175. },
1176. {
1177. "typename": "System.Windows.Forms.Message",
1178. "assembly": "System.Windows.Forms"
1179. },
1180. {
1181. "typename": "System.Windows.Forms.NativeWindow",
1182. "assembly": "System.Windows.Forms"
1183. },
1184. {
1185. "typename": "System.Windows.Forms.PaintEventArgs",
1186. "assembly": "System.Windows.Forms"
1187. },
1188. {
1189. "typename": "System.Action",
1190. "assembly": "mscorlib"
1191. },
1192. {
1193. "typename": "System.Collections.Generic.IEqualityComparer`1",
1194. "assembly": "mscorlib"
1195. },
1196. {
1197. "typename": "System.Collections.IDictionary",
1198. "assembly": "mscorlib"
1199. },
1200. {
1201. "typename": "System.Delegate",
1202. "assembly": "mscorlib"
1203. },
1204. {
1205. "typename": "System.Diagnostics.DebuggableAttribute",
1206. "assembly": "mscorlib"
1207. },
1208. {
1209. "typename": "System.Diagnostics.DebuggableAttribute/DebuggingModes",
1210. "assembly": "mscorlib"
1211. },
1212. {
1213. "typename": "System.EventArgs",
1214. "assembly": "mscorlib"
1215. },
1216. {
1217. "typename": "System.EventHandler",
1218. "assembly": "mscorlib"
1219. },
1220. {
1221. "typename": "System.EventHandler`1",
1222. "assembly": "mscorlib"
1223. },
1224. {
1225. "typename": "System.Exception",
1226. "assembly": "mscorlib"
1227. },
1228. {
1229. "typename": "System.IAsyncResult",
1230. "assembly": "mscorlib"
1231. },
1232. {
1233. "typename": "System.IDisposable",
1234. "assembly": "mscorlib"
1235. },
1236. {
1237. "typename": "System.IntPtr",
1238. "assembly": "mscorlib"
1239. },
1240. {
1241. "typename": "System.InvalidOperationException",
1242. "assembly": "mscorlib"
1243. },
1244. {
1245. "typename": "System.Object",
1246. "assembly": "mscorlib"
1247. },
1248. {
1249. "typename": "System.ObsoleteAttribute",
1250. "assembly": "mscorlib"
1251. },
1252. {
1253. "typename": "System.Reflection.Assembly",
1254. "assembly": "mscorlib"
1255. },
1256. {
1257. "typename": "System.Reflection.MethodBase",
1258. "assembly": "mscorlib"
1259. },
1260. {
1261. "typename": "System.Reflection.MethodInfo",
1262. "assembly": "mscorlib"
1263. },
1264. {
1265. "typename": "System.Runtime.CompilerServices.CompilationRelaxationsAttribute",
1266. "assembly": "mscorlib"
1267. },
1268. {
1269. "typename": "System.Runtime.CompilerServices.CompilerGeneratedAttribute",
1270. "assembly": "mscorlib"
1271. },
1272. {
1273. "typename": "System.Runtime.CompilerServices.ExtensionAttribute",
1274. "assembly": "mscorlib"
1275. },
1276. {
1277. "typename": "System.Runtime.CompilerServices.RuntimeCompatibilityAttribute",
1278. "assembly": "mscorlib"
1279. },
1280. {
1281. "typename": "System.Runtime.InteropServices.Marshal",
1282. "assembly": "mscorlib"
1283. },
1284. {
1285. "typename": "System.RuntimeTypeHandle",
1286. "assembly": "mscorlib"
1287. },
1288. {
1289. "typename": "System.String",
1290. "assembly": "mscorlib"
1291. },
1292. {
1293. "typename": "System.Threading.Interlocked",
1294. "assembly": "mscorlib"
1295. },
1296. {
1297. "typename": "System.Type",
1298. "assembly": "mscorlib"
1299. }
1300. ]
1301. },
1302. "pe": {
1303. "peid_signatures": null,
1304. "imports": [
1305. {
1306. "imports": [
1307. {
1308. "name": "_CorExeMain",
1309. "address": "0x402000"
1310. }
1311. ],
1312. "dll": "mscoree.dll"
1313. }
1314. ],
1315. "digital_signers": null,
1316. "exported_dll_name": null,
1317. "actual_checksum": "0x0005f426",
1318. "overlay": {
1319. "size": "0x00019000",
1320. "offset": "0x00045a00"
1321. },
1322. "imagebase": "0x00400000",
1323. "reported_checksum": "0x00049b5d",
1324. "icon_hash": null,
1325. "entrypoint": "0x0040db3e",
1326. "timestamp": "2019-05-07 22:19:29",
1327. "osversion": "4.0",
1328. "sections": [
1329. {
1330. "name": ".text",
1331. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
1332. "virtual_address": "0x00002000",
1333. "size_of_data": "0x0000bc00",
1334. "entropy": "5.29",
1335. "raw_address": "0x00000200",
1336. "virtual_size": "0x0000bb44",
1337. "characteristics_raw": "0x60000020"
1338. },
1339. {
1340. "name": ".rsrc",
1341. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
1342. "virtual_address": "0x0000e000",
1343. "size_of_data": "0x00039a00",
1344. "entropy": "7.71",
1345. "raw_address": "0x0000be00",
1346. "virtual_size": "0x00039858",
1347. "characteristics_raw": "0x40000040"
1348. },
1349. {
1350. "name": ".reloc",
1351. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ",
1352. "virtual_address": "0x00048000",
1353. "size_of_data": "0x00000200",
1354. "entropy": "0.08",
1355. "raw_address": "0x00045800",
1356. "virtual_size": "0x0000000c",
1357. "characteristics_raw": "0x42000040"
1358. }
1359. ],
1360. "resources": [],
1361. "dirents": [
1362. {
1363. "virtual_address": "0x00000000",
1364. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
1365. "size": "0x00000000"
1366. },
1367. {
1368. "virtual_address": "0x0000dae8",
1369. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
1370. "size": "0x00000053"
1371. },
1372. {
1373. "virtual_address": "0x0000e000",
1374. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
1375. "size": "0x00039858"
1376. },
1377. {
1378. "virtual_address": "0x00000000",
1379. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
1380. "size": "0x00000000"
1381. },
1382. {
1383. "virtual_address": "0x00000000",
1384. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
1385. "size": "0x00000000"
1386. },
1387. {
1388. "virtual_address": "0x00048000",
1389. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
1390. "size": "0x0000000c"
1391. },
1392. {
1393. "virtual_address": "0x0000da68",
1394. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
1395. "size": "0x0000001c"
1396. },
1397. {
1398. "virtual_address": "0x00000000",
1399. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
1400. "size": "0x00000000"
1401. },
1402. {
1403. "virtual_address": "0x00000000",
1404. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
1405. "size": "0x00000000"
1406. },
1407. {
1408. "virtual_address": "0x00000000",
1409. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
1410. "size": "0x00000000"
1411. },
1412. {
1413. "virtual_address": "0x00000000",
1414. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
1415. "size": "0x00000000"
1416. },
1417. {
1418. "virtual_address": "0x00000000",
1419. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
1420. "size": "0x00000000"
1421. },
1422. {
1423. "virtual_address": "0x00002000",
1424. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
1425. "size": "0x00000008"
1426. },
1427. {
1428. "virtual_address": "0x00000000",
1429. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
1430. "size": "0x00000000"
1431. },
1432. {
1433. "virtual_address": "0x00002008",
1434. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
1435. "size": "0x00000048"
1436. },
1437. {
1438. "virtual_address": "0x00000000",
1439. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
1440. "size": "0x00000000"
1441. }
1442. ],
1443. "exports": [],
1444. "guest_signers": {},
1445. "imphash": "f34d5f2d4577ed6d9ceec516c1f5a744",
1446. "icon_fuzzy": null,
1447. "icon": null,
1448. "pdbpath": "C:\\xampp\\htdocs\\Aspire\\files\\keke_gyHtbwEDdQxcJKxG\\gyHtbwEDdQxcJKxGma.pdb",
1449. "imported_dll_count": 1,
1450. "versioninfo": []
1451. }
1452. }
1453.  
1454. [*] Resolved APIs: [
1455. "advapi32.dll.RegOpenKeyExW",
1456. "advapi32.dll.RegQueryInfoKeyW",
1457. "advapi32.dll.RegEnumKeyExW",
1458. "advapi32.dll.RegEnumValueW",
1459. "advapi32.dll.RegCloseKey",
1460. "advapi32.dll.RegQueryValueExW",
1461. "kernel32.dll.QueryActCtxW",
1462. "shlwapi.dll.UrlIsW"
1463. ]
1464.  
1465. [*] Static Analysis: {
1466. "dotnet": {
1467. "customattrs": [
1468. {
1469. "type": "TypeDef",
1470. "name": "[System]System.ComponentModel.DefaultEventAttribute",
1471. "value": "LoadingStateChang"
1472. },
1473. {
1474. "type": "TypeDef",
1475. "name": "[System]System.ComponentModel.DescriptionAttribute",
1476. "value": "CefSharp ChromiumWebBrowser - Chromium Embedded Framework .Net wrapper. https://github.com/cefsharp/CefSha"
1477. },
1478. {
1479. "type": "MethodDef",
1480. "name": "[mscorlib]System.ObsoleteAttribute",
1481. "value": "Should only be used by the WinForms Designer. Use the ChromiumWebBrowser(string, IRequestContext) constructor overload instea"
1482. }
1483. ],
1484. "assemblyinfo": {
1485. "version": "0.0.0.0",
1486. "name": "gyHtbwEDdQxcJKxGma"
1487. },
1488. "assemblyrefs": [
1489. {
1490. "version": "4.0.0.0",
1491. "name": "mscorlib"
1492. },
1493. {
1494. "version": "4.0.0.0",
1495. "name": "System"
1496. },
1497. {
1498. "version": "4.0.0.0",
1499. "name": "System.Web"
1500. },
1501. {
1502. "version": "73.1.130.0",
1503. "name": "CefSharp.Core"
1504. },
1505. {
1506. "version": "4.0.0.0",
1507. "name": "System.Design"
1508. },
1509. {
1510. "version": "4.0.0.0",
1511. "name": "System.Windows.Forms"
1512. },
1513. {
1514. "version": "4.0.0.0",
1515. "name": "System.Drawing"
1516. },
1517. {
1518. "version": "73.1.130.0",
1519. "name": "CefSharp"
1520. }
1521. ],
1522. "typerefs": [
1523. {
1524. "typename": "CefSharp.AddressChangedEventArgs",
1525. "assembly": "CefSharp"
1526. },
1527. {
1528. "typename": "CefSharp.CefFocusSource",
1529. "assembly": "CefSharp"
1530. },
1531. {
1532. "typename": "CefSharp.CefSharpSettings",
1533. "assembly": "CefSharp"
1534. },
1535. {
1536. "typename": "CefSharp.ConsoleMessageEventArgs",
1537. "assembly": "CefSharp"
1538. },
1539. {
1540. "typename": "CefSharp.DefaultResourceHandlerFactory",
1541. "assembly": "CefSharp"
1542. },
1543. {
1544. "typename": "CefSharp.FrameLoadEndEventArgs",
1545. "assembly": "CefSharp"
1546. },
1547. {
1548. "typename": "CefSharp.FrameLoadStartEventArgs",
1549. "assembly": "CefSharp"
1550. },
1551. {
1552. "typename": "CefSharp.IAudioHandler",
1553. "assembly": "CefSharp"
1554. },
1555. {
1556. "typename": "CefSharp.IBrowser",
1557. "assembly": "CefSharp"
1558. },
1559. {
1560. "typename": "CefSharp.IBrowserHost",
1561. "assembly": "CefSharp"
1562. },
1563. {
1564. "typename": "CefSharp.IBrowserSettings",
1565. "assembly": "CefSharp"
1566. },
1567. {
1568. "typename": "CefSharp.IContextMenuHandler",
1569. "assembly": "CefSharp"
1570. },
1571. {
1572. "typename": "CefSharp.IDialogHandler",
1573. "assembly": "CefSharp"
1574. },
1575. {
1576. "typename": "CefSharp.IDisplayHandler",
1577. "assembly": "CefSharp"
1578. },
1579. {
1580. "typename": "CefSharp.IDownloadHandler",
1581. "assembly": "CefSharp"
1582. },
1583. {
1584. "typename": "CefSharp.IDragHandler",
1585. "assembly": "CefSharp"
1586. },
1587. {
1588. "typename": "CefSharp.IFindHandler",
1589. "assembly": "CefSharp"
1590. },
1591. {
1592. "typename": "CefSharp.IFocusHandler",
1593. "assembly": "CefSharp"
1594. },
1595. {
1596. "typename": "CefSharp.IFrame",
1597. "assembly": "CefSharp"
1598. },
1599. {
1600. "typename": "CefSharp.IJavascriptObjectRepository",
1601. "assembly": "CefSharp"
1602. },
1603. {
1604. "typename": "CefSharp.IJsDialogHandler",
1605. "assembly": "CefSharp"
1606. },
1607. {
1608. "typename": "CefSharp.IKeyboardHandler",
1609. "assembly": "CefSharp"
1610. },
1611. {
1612. "typename": "CefSharp.ILifeSpanHandler",
1613. "assembly": "CefSharp"
1614. },
1615. {
1616. "typename": "CefSharp.ILoadHandler",
1617. "assembly": "CefSharp"
1618. },
1619. {
1620. "typename": "CefSharp.IRenderProcessMessageHandler",
1621. "assembly": "CefSharp"
1622. },
1623. {
1624. "typename": "CefSharp.IRequestContext",
1625. "assembly": "CefSharp"
1626. },
1627. {
1628. "typename": "CefSharp.IRequestHandler",
1629. "assembly": "CefSharp"
1630. },
1631. {
1632. "typename": "CefSharp.IResourceHandlerFactory",
1633. "assembly": "CefSharp"
1634. },
1635. {
1636. "typename": "CefSharp.IWebBrowser",
1637. "assembly": "CefSharp"
1638. },
1639. {
1640. "typename": "CefSharp.IWindowInfo",
1641. "assembly": "CefSharp"
1642. },
1643. {
1644. "typename": "CefSharp.Internals.IBrowserAdapter",
1645. "assembly": "CefSharp"
1646. },
1647. {
1648. "typename": "CefSharp.Internals.IWebBrowserInternal",
1649. "assembly": "CefSharp"
1650. },
1651. {
1652. "typename": "CefSharp.Internals.IntPtrExtensions",
1653. "assembly": "CefSharp"
1654. },
1655. {
1656. "typename": "CefSharp.Internals.InternalWebBrowserExtensions",
1657. "assembly": "CefSharp"
1658. },
1659. {
1660. "typename": "CefSharp.Internals.JavascriptObjectRepository",
1661. "assembly": "CefSharp"
1662. },
1663. {
1664. "typename": "CefSharp.IsBrowserInitializedChangedEventArgs",
1665. "assembly": "CefSharp"
1666. },
1667. {
1668. "typename": "CefSharp.LoadErrorEventArgs",
1669. "assembly": "CefSharp"
1670. },
1671. {
1672. "typename": "CefSharp.LoadingStateChangedEventArgs",
1673. "assembly": "CefSharp"
1674. },
1675. {
1676. "typename": "CefSharp.StatusMessageEventArgs",
1677. "assembly": "CefSharp"
1678. },
1679. {
1680. "typename": "CefSharp.TitleChangedEventArgs",
1681. "assembly": "CefSharp"
1682. },
1683. {
1684. "typename": "CefSharp.WebBrowserExtensions",
1685. "assembly": "CefSharp"
1686. },
1687. {
1688. "typename": "CefSharp.AbstractCefSettings",
1689. "assembly": "CefSharp.Core"
1690. },
1691. {
1692. "typename": "CefSharp.BrowserSettings",
1693. "assembly": "CefSharp.Core"
1694. },
1695. {
1696. "typename": "CefSharp.Cef",
1697. "assembly": "CefSharp.Core"
1698. },
1699. {
1700. "typename": "CefSharp.ManagedCefBrowserAdapter",
1701. "assembly": "CefSharp.Core"
1702. },
1703. {
1704. "typename": "CefSharp.NativeMethodWrapper",
1705. "assembly": "CefSharp.Core"
1706. },
1707. {
1708. "typename": "CefSharp.RequestContext",
1709. "assembly": "CefSharp.Core"
1710. },
1711. {
1712. "typename": "CefSharp.WindowInfo",
1713. "assembly": "CefSharp.Core"
1714. },
1715. {
1716. "typename": "System.ComponentModel.BrowsableAttribute",
1717. "assembly": "System"
1718. },
1719. {
1720. "typename": "System.ComponentModel.Component",
1721. "assembly": "System"
1722. },
1723. {
1724. "typename": "System.ComponentModel.DefaultEventAttribute",
1725. "assembly": "System"
1726. },
1727. {
1728. "typename": "System.ComponentModel.DefaultValueAttribute",
1729. "assembly": "System"
1730. },
1731. {
1732. "typename": "System.ComponentModel.DescriptionAttribute",
1733. "assembly": "System"
1734. },
1735. {
1736. "typename": "System.ComponentModel.DesignerAttribute",
1737. "assembly": "System"
1738. },
1739. {
1740. "typename": "System.ComponentModel.EditorBrowsableAttribute",
1741. "assembly": "System"
1742. },
1743. {
1744. "typename": "System.ComponentModel.EditorBrowsableState",
1745. "assembly": "System"
1746. },
1747. {
1748. "typename": "System.Net.Cookie",
1749. "assembly": "System"
1750. },
1751. {
1752. "typename": "System.Windows.Forms.Design.ControlDesigner",
1753. "assembly": "System.Design"
1754. },
1755. {
1756. "typename": "System.Drawing.Brush",
1757. "assembly": "System.Drawing"
1758. },
1759. {
1760. "typename": "System.Drawing.Brushes",
1761. "assembly": "System.Drawing"
1762. },
1763. {
1764. "typename": "System.Drawing.Font",
1765. "assembly": "System.Drawing"
1766. },
1767. {
1768. "typename": "System.Drawing.Graphics",
1769. "assembly": "System.Drawing"
1770. },
1771. {
1772. "typename": "System.Drawing.Rectangle",
1773. "assembly": "System.Drawing"
1774. },
1775. {
1776. "typename": "System.Drawing.RectangleF",
1777. "assembly": "System.Drawing"
1778. },
1779. {
1780. "typename": "System.Drawing.StringAlignment",
1781. "assembly": "System.Drawing"
1782. },
1783. {
1784. "typename": "System.Drawing.StringFormat",
1785. "assembly": "System.Drawing"
1786. },
1787. {
1788. "typename": "System.Drawing.ToolboxBitmapAttribute",
1789. "assembly": "System.Drawing"
1790. },
1791. {
1792. "typename": "System.Web.HttpServerUtility",
1793. "assembly": "System.Web"
1794. },
1795. {
1796. "typename": "System.Windows.Forms.Application",
1797. "assembly": "System.Windows.Forms"
1798. },
1799. {
1800. "typename": "System.Windows.Forms.ContainerControl",
1801. "assembly": "System.Windows.Forms"
1802. },
1803. {
1804. "typename": "System.Windows.Forms.Control",
1805. "assembly": "System.Windows.Forms"
1806. },
1807. {
1808. "typename": "System.Windows.Forms.DockStyle",
1809. "assembly": "System.Windows.Forms"
1810. },
1811. {
1812. "typename": "System.Windows.Forms.DockingAttribute",
1813. "assembly": "System.Windows.Forms"
1814. },
1815. {
1816. "typename": "System.Windows.Forms.DockingBehavior",
1817. "assembly": "System.Windows.Forms"
1818. },
1819. {
1820. "typename": "System.Windows.Forms.Form",
1821. "assembly": "System.Windows.Forms"
1822. },
1823. {
1824. "typename": "System.Windows.Forms.FormWindowState",
1825. "assembly": "System.Windows.Forms"
1826. },
1827. {
1828. "typename": "System.Windows.Forms.IContainerControl",
1829. "assembly": "System.Windows.Forms"
1830. },
1831. {
1832. "typename": "System.Windows.Forms.Keys",
1833. "assembly": "System.Windows.Forms"
1834. },
1835. {
1836. "typename": "System.Windows.Forms.Message",
1837. "assembly": "System.Windows.Forms"
1838. },
1839. {
1840. "typename": "System.Windows.Forms.NativeWindow",
1841. "assembly": "System.Windows.Forms"
1842. },
1843. {
1844. "typename": "System.Windows.Forms.PaintEventArgs",
1845. "assembly": "System.Windows.Forms"
1846. },
1847. {
1848. "typename": "System.Action",
1849. "assembly": "mscorlib"
1850. },
1851. {
1852. "typename": "System.Collections.Generic.IEqualityComparer`1",
1853. "assembly": "mscorlib"
1854. },
1855. {
1856. "typename": "System.Collections.IDictionary",
1857. "assembly": "mscorlib"
1858. },
1859. {
1860. "typename": "System.Delegate",
1861. "assembly": "mscorlib"
1862. },
1863. {
1864. "typename": "System.Diagnostics.DebuggableAttribute",
1865. "assembly": "mscorlib"
1866. },
1867. {
1868. "typename": "System.Diagnostics.DebuggableAttribute/DebuggingModes",
1869. "assembly": "mscorlib"
1870. },
1871. {
1872. "typename": "System.EventArgs",
1873. "assembly": "mscorlib"
1874. },
1875. {
1876. "typename": "System.EventHandler",
1877. "assembly": "mscorlib"
1878. },
1879. {
1880. "typename": "System.EventHandler`1",
1881. "assembly": "mscorlib"
1882. },
1883. {
1884. "typename": "System.Exception",
1885. "assembly": "mscorlib"
1886. },
1887. {
1888. "typename": "System.IAsyncResult",
1889. "assembly": "mscorlib"
1890. },
1891. {
1892. "typename": "System.IDisposable",
1893. "assembly": "mscorlib"
1894. },
1895. {
1896. "typename": "System.IntPtr",
1897. "assembly": "mscorlib"
1898. },
1899. {
1900. "typename": "System.InvalidOperationException",
1901. "assembly": "mscorlib"
1902. },
1903. {
1904. "typename": "System.Object",
1905. "assembly": "mscorlib"
1906. },
1907. {
1908. "typename": "System.ObsoleteAttribute",
1909. "assembly": "mscorlib"
1910. },
1911. {
1912. "typename": "System.Reflection.Assembly",
1913. "assembly": "mscorlib"
1914. },
1915. {
1916. "typename": "System.Reflection.MethodBase",
1917. "assembly": "mscorlib"
1918. },
1919. {
1920. "typename": "System.Reflection.MethodInfo",
1921. "assembly": "mscorlib"
1922. },
1923. {
1924. "typename": "System.Runtime.CompilerServices.CompilationRelaxationsAttribute",
1925. "assembly": "mscorlib"
1926. },
1927. {
1928. "typename": "System.Runtime.CompilerServices.CompilerGeneratedAttribute",
1929. "assembly": "mscorlib"
1930. },
1931. {
1932. "typename": "System.Runtime.CompilerServices.ExtensionAttribute",
1933. "assembly": "mscorlib"
1934. },
1935. {
1936. "typename": "System.Runtime.CompilerServices.RuntimeCompatibilityAttribute",
1937. "assembly": "mscorlib"
1938. },
1939. {
1940. "typename": "System.Runtime.InteropServices.Marshal",
1941. "assembly": "mscorlib"
1942. },
1943. {
1944. "typename": "System.RuntimeTypeHandle",
1945. "assembly": "mscorlib"
1946. },
1947. {
1948. "typename": "System.String",
1949. "assembly": "mscorlib"
1950. },
1951. {
1952. "typename": "System.Threading.Interlocked",
1953. "assembly": "mscorlib"
1954. },
1955. {
1956. "typename": "System.Type",
1957. "assembly": "mscorlib"
1958. }
1959. ]
1960. },
1961. "pe": {
1962. "peid_signatures": null,
1963. "imports": [
1964. {
1965. "imports": [
1966. {
1967. "name": "_CorExeMain",
1968. "address": "0x402000"
1969. }
1970. ],
1971. "dll": "mscoree.dll"
1972. }
1973. ],
1974. "digital_signers": null,
1975. "exported_dll_name": null,
1976. "actual_checksum": "0x0005f426",
1977. "overlay": {
1978. "size": "0x00019000",
1979. "offset": "0x00045a00"
1980. },
1981. "imagebase": "0x00400000",
1982. "reported_checksum": "0x00049b5d",
1983. "icon_hash": null,
1984. "entrypoint": "0x0040db3e",
1985. "timestamp": "2019-05-07 22:19:29",
1986. "osversion": "4.0",
1987. "sections": [
1988. {
1989. "name": ".text",
1990. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
1991. "virtual_address": "0x00002000",
1992. "size_of_data": "0x0000bc00",
1993. "entropy": "5.29",
1994. "raw_address": "0x00000200",
1995. "virtual_size": "0x0000bb44",
1996. "characteristics_raw": "0x60000020"
1997. },
1998. {
1999. "name": ".rsrc",
2000. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
2001. "virtual_address": "0x0000e000",
2002. "size_of_data": "0x00039a00",
2003. "entropy": "7.71",
2004. "raw_address": "0x0000be00",
2005. "virtual_size": "0x00039858",
2006. "characteristics_raw": "0x40000040"
2007. },
2008. {
2009. "name": ".reloc",
2010. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ",
2011. "virtual_address": "0x00048000",
2012. "size_of_data": "0x00000200",
2013. "entropy": "0.08",
2014. "raw_address": "0x00045800",
2015. "virtual_size": "0x0000000c",
2016. "characteristics_raw": "0x42000040"
2017. }
2018. ],
2019. "resources": [],
2020. "dirents": [
2021. {
2022. "virtual_address": "0x00000000",
2023. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
2024. "size": "0x00000000"
2025. },
2026. {
2027. "virtual_address": "0x0000dae8",
2028. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
2029. "size": "0x00000053"
2030. },
2031. {
2032. "virtual_address": "0x0000e000",
2033. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
2034. "size": "0x00039858"
2035. },
2036. {
2037. "virtual_address": "0x00000000",
2038. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
2039. "size": "0x00000000"
2040. },
2041. {
2042. "virtual_address": "0x00000000",
2043. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
2044. "size": "0x00000000"
2045. },
2046. {
2047. "virtual_address": "0x00048000",
2048. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
2049. "size": "0x0000000c"
2050. },
2051. {
2052. "virtual_address": "0x0000da68",
2053. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
2054. "size": "0x0000001c"
2055. },
2056. {
2057. "virtual_address": "0x00000000",
2058. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
2059. "size": "0x00000000"
2060. },
2061. {
2062. "virtual_address": "0x00000000",
2063. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
2064. "size": "0x00000000"
2065. },
2066. {
2067. "virtual_address": "0x00000000",
2068. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
2069. "size": "0x00000000"
2070. },
2071. {
2072. "virtual_address": "0x00000000",
2073. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
2074. "size": "0x00000000"
2075. },
2076. {
2077. "virtual_address": "0x00000000",
2078. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
2079. "size": "0x00000000"
2080. },
2081. {
2082. "virtual_address": "0x00002000",
2083. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
2084. "size": "0x00000008"
2085. },
2086. {
2087. "virtual_address": "0x00000000",
2088. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
2089. "size": "0x00000000"
2090. },
2091. {
2092. "virtual_address": "0x00002008",
2093. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
2094. "size": "0x00000048"
2095. },
2096. {
2097. "virtual_address": "0x00000000",
2098. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
2099. "size": "0x00000000"
2100. }
2101. ],
2102. "exports": [],
2103. "guest_signers": {},
2104. "imphash": "f34d5f2d4577ed6d9ceec516c1f5a744",
2105. "icon_fuzzy": null,
2106. "icon": null,
2107. "pdbpath": "C:\\xampp\\htdocs\\Aspire\\files\\keke_gyHtbwEDdQxcJKxG\\gyHtbwEDdQxcJKxGma.pdb",
2108. "imported_dll_count": 1,
2109. "versioninfo": []
2110. }
2111. }