Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [*] MalFamily: ""
- [*] MalScore: 3.05
- [*] File Name: "Dridex_a177c6dc08457a93771ab177801f4596.exe"
- [*] File Size: 381952
- [*] File Type: "PE32 executable (console) Intel 80386, for MS Windows"
- [*] SHA256: "93129fefaa42061ae09972c9c5b35f8d38655a099706c2d938f3cb9fadb43d05"
- [*] MD5: "a177c6dc08457a93771ab177801f4596"
- [*] SHA1: "c5b5f1f59f180bf6bbfca7ae86c665b76169be78"
- [*] SHA512: "4afe0931a17d8e57951d633b3e1d35447c9546e42e6f5f4e285ffa41d8a4e42112767ae7f43c8f8c5d5ab5368c0ade7908cbd16b636f24e419a8f89f441d96d7"
- [*] CRC32: "2FC0DB62"
- [*] SSDEEP: "6144:wNfJVsxPPXRWF1Lm22LmRW6o5OkrlpJ3okt7tLJefhh2NK2:CHsxPPXwFFm22B6LGLBAhINK"
- [*] Process Execution: [
- "Dridex_a177c6dc08457a93771ab177801f4596.exe"
- ]
- [*] Signatures Detected: [
- {
- "Description": "Creates RWX memory",
- "Details": []
- },
- {
- "Description": "File has been identified by 7 Antiviruses on VirusTotal as malicious",
- "Details": [
- {
- "FireEye": "Generic.mg.a177c6dc08457a93"
- },
- {
- "Trapmine": "malicious.high.ml.score"
- },
- {
- "Microsoft": "Trojan:Win32/Wacatac.B!ml"
- },
- {
- "Endgame": "malicious (high confidence)"
- },
- {
- "Acronis": "suspicious"
- },
- {
- "Rising": "Malware.Heuristic.MLite(80%) (AI-LITE:Mr3NoWNO4bXzcgVSu3a/dg)"
- },
- {
- "CrowdStrike": "win/malicious_confidence_70% (D)"
- }
- ]
- },
- {
- "Description": "Performs some HTTP requests",
- "Details": [
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D"
- },
- {
- "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEDoV9Mh%2FtNM5k9Pus79K5eQ%3D"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAi4elAbvpzaLRZNPjlRv1U%3D"
- },
- {
- "url": "http://ocsp.comodoca.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCEDaCXn%2B1pIGTfvbRc2u5PKY%3D"
- },
- {
- "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEEpXWRnDaZSEY67E8B6coDU%3D"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAwVvkoVuwkDyQGx1sJlMC8%3D"
- },
- {
- "url": "http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEAQJGBtf1btmdVNDtW%2BVUAg%3D"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D"
- },
- {
- "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEH4PjD8bD0NfJXpoX0ln6s4%3D"
- },
- {
- "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHQnb7Tt0tUhlRVnnq4nPN8%3D"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAM%2B1e2gZdG4yR38%2BSpsm9g%3D"
- },
- {
- "url": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHAHFVlJElKyLEMbtWWDIbo%3D"
- },
- {
- "url": "http://ocsp.msocsp.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPC1vZt9qvn7bzY3Iidtbhla4mKQQUWIif1tycSCK3FD7%2FhIjo5oX%2F%2Bn0CE3sAAGyvV14%2FmEPDgh0AAAAAbK8%3D"
- },
- {
- "url": "http://ocsp.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D"
- },
- {
- "url": "http://ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D"
- },
- {
- "url": "http://th.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRsif7263KedmR2MLuYKv9%2BWQCtWAQU1A1lP3q9NMb%2BR%2BdMDcC98t4Vq3ECEBT4%2FdFn%2BSQCsVcLXcSVyBU%3D"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAH9o%2BtuynXIiEOLckvPvJE%3D"
- },
- {
- "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAVG%2Fhgj9%2BGUHaOfzhTEYXM%3D"
- },
- {
- "url": "http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjqTAc%2FHIGOD%2BaUx0%3D"
- },
- {
- "url": "http://redirector.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe"
- },
- {
- "url": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes"
- }
- ]
- }
- ]
- [*] Started Service: []
- [*] Executed Commands: []
- [*] Mutexes: [
- "DBWinMutex"
- ]
- [*] Modified Files: []
- [*] Deleted Files: []
- [*] Modified Registry Keys: []
- [*] Deleted Registry Keys: []
- [*] DNS Communications: []
- [*] Domains: []
- [*] Network Communication - ICMP: []
- [*] Network Communication - HTTP: [
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D HTTP/1.1\r\nCache-Control: max-age = 128165\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 11:02:13 GMT\r\nIf-None-Match: \"5c961235-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D HTTP/1.1\r\nCache-Control: max-age = 143038\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 15:00:07 GMT\r\nIf-None-Match: \"5c9649f7-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEDoV9Mh%2FtNM5k9Pus79K5eQ%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.pki.goog",
- "version": "1.1",
- "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEDoV9Mh%2FtNM5k9Pus79K5eQ%3D",
- "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEDoV9Mh%2FtNM5k9Pus79K5eQ%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAi4elAbvpzaLRZNPjlRv1U%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAi4elAbvpzaLRZNPjlRv1U%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAi4elAbvpzaLRZNPjlRv1U%3D HTTP/1.1\r\nCache-Control: max-age = 89056\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Fri, 22 Mar 2019 18:30:24 GMT\r\nIf-None-Match: \"5c9529c0-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "crl.microsoft.com",
- "version": "1.1",
- "path": "/pki/crl/products/MicrosoftTimeStampPCA.crl",
- "data": "GET /pki/crl/products/MicrosoftTimeStampPCA.crl HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 16 Feb 2019 02:02:49 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: crl.microsoft.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.comodoca.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCEDaCXn%2B1pIGTfvbRc2u5PKY%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.comodoca.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCEDaCXn%2B1pIGTfvbRc2u5PKY%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCEDaCXn%2B1pIGTfvbRc2u5PKY%3D HTTP/1.1\r\nCache-Control: max-age = 94804\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Mon, 11 Mar 2019 04:19:13 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.comodoca.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEEpXWRnDaZSEY67E8B6coDU%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.pki.goog",
- "version": "1.1",
- "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEEpXWRnDaZSEY67E8B6coDU%3D",
- "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEEpXWRnDaZSEY67E8B6coDU%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAwVvkoVuwkDyQGx1sJlMC8%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAwVvkoVuwkDyQGx1sJlMC8%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAwVvkoVuwkDyQGx1sJlMC8%3D HTTP/1.1\r\nCache-Control: max-age = 108232\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Fri, 22 Mar 2019 23:50:01 GMT\r\nIf-None-Match: \"5c9574a9-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "www.download.windowsupdate.com",
- "version": "1.1",
- "path": "/msdownload/update/v3/static/trustedr/en/authrootstl.cab",
- "data": "GET /msdownload/update/v3/static/trustedr/en/authrootstl.cab HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Fri, 22 Feb 2019 16:53:13 GMT\r\nIf-None-Match: \"80e22c19cfcad41:0\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: www.download.windowsupdate.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "crl.microsoft.com",
- "version": "1.1",
- "path": "/pki/crl/products/MicCodSigPCA_08-31-2010.crl",
- "data": "GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Thu, 14 Feb 2019 06:01:18 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: crl.microsoft.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D HTTP/1.1\r\nCache-Control: max-age = 93156\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 16 Mar 2019 04:40:45 GMT\r\nIf-None-Match: \"5c8c7e4d-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEAQJGBtf1btmdVNDtW%2BVUAg%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEAQJGBtf1btmdVNDtW%2BVUAg%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEAQJGBtf1btmdVNDtW%2BVUAg%3D HTTP/1.1\r\nCache-Control: max-age = 149079\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 11:10:47 GMT\r\nIf-None-Match: \"5c961437-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D HTTP/1.1\r\nCache-Control: max-age = 148251\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 16 Mar 2019 18:10:24 GMT\r\nIf-None-Match: \"5c8d3c10-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEH4PjD8bD0NfJXpoX0ln6s4%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.pki.goog",
- "version": "1.1",
- "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEH4PjD8bD0NfJXpoX0ln6s4%3D",
- "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEH4PjD8bD0NfJXpoX0ln6s4%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHQnb7Tt0tUhlRVnnq4nPN8%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.pki.goog",
- "version": "1.1",
- "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHQnb7Tt0tUhlRVnnq4nPN8%3D",
- "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHQnb7Tt0tUhlRVnnq4nPN8%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAM%2B1e2gZdG4yR38%2BSpsm9g%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAM%2B1e2gZdG4yR38%2BSpsm9g%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnR4FoxLLkI7vkvsUIFlZt%2BlGH3gQUWsS5eyoKo6XqcQPAYPkt9mV1DlgCEAM%2B1e2gZdG4yR38%2BSpsm9g%3D HTTP/1.1\r\nCache-Control: max-age = 126990\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 10:41:16 GMT\r\nIf-None-Match: \"5c960d4c-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHAHFVlJElKyLEMbtWWDIbo%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.pki.goog",
- "version": "1.1",
- "path": "/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHAHFVlJElKyLEMbtWWDIbo%3D",
- "data": "GET /GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEHAHFVlJElKyLEMbtWWDIbo%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.msocsp.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPC1vZt9qvn7bzY3Iidtbhla4mKQQUWIif1tycSCK3FD7%2FhIjo5oX%2F%2Bn0CE3sAAGyvV14%2FmEPDgh0AAAAAbK8%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.msocsp.com",
- "version": "1.1",
- "path": "/MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPC1vZt9qvn7bzY3Iidtbhla4mKQQUWIif1tycSCK3FD7%2FhIjo5oX%2F%2Bn0CE3sAAGyvV14%2FmEPDgh0AAAAAbK8%3D",
- "data": "GET /MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPC1vZt9qvn7bzY3Iidtbhla4mKQQUWIif1tycSCK3FD7%2FhIjo5oX%2F%2Bn0CE3sAAGyvV14%2FmEPDgh0AAAAAbK8%3D HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Sat, 23 Mar 2019 17:46:18 GMT\r\nIf-None-Match: \"dd54d75d4688b8dc62b087df4e04af258704c48b\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.msocsp.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.thawte.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D HTTP/1.1\r\nCache-Control: max-age = 320712\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Wed, 20 Mar 2019 11:42:01 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.thawte.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.usertrust.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D HTTP/1.1\r\nCache-Control: max-age = 94765\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Mon, 11 Mar 2019 04:19:13 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.usertrust.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://th.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRsif7263KedmR2MLuYKv9%2BWQCtWAQU1A1lP3q9NMb%2BR%2BdMDcC98t4Vq3ECEBT4%2FdFn%2BSQCsVcLXcSVyBU%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "th.symcd.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRsif7263KedmR2MLuYKv9%2BWQCtWAQU1A1lP3q9NMb%2BR%2BdMDcC98t4Vq3ECEBT4%2FdFn%2BSQCsVcLXcSVyBU%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBRsif7263KedmR2MLuYKv9%2BWQCtWAQU1A1lP3q9NMb%2BR%2BdMDcC98t4Vq3ECEBT4%2FdFn%2BSQCsVcLXcSVyBU%3D HTTP/1.1\r\nCache-Control: max-age = 386377\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Thu, 21 Mar 2019 05:58:32 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: th.symcd.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAH9o%2BtuynXIiEOLckvPvJE%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAH9o%2BtuynXIiEOLckvPvJE%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAH9o%2BtuynXIiEOLckvPvJE%3D HTTP/1.1\r\nCache-Control: max-age = 142986\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Tue, 28 May 2019 07:40:28 GMT\r\nIf-None-Match: \"5cece5ec-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAVG%2Fhgj9%2BGUHaOfzhTEYXM%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.digicert.com",
- "version": "1.1",
- "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAVG%2Fhgj9%2BGUHaOfzhTEYXM%3D",
- "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAVG%2Fhgj9%2BGUHaOfzhTEYXM%3D HTTP/1.1\r\nCache-Control: max-age = 161796\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Tue, 28 May 2019 13:00:33 GMT\r\nIf-None-Match: \"5ced30f1-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjqTAc%2FHIGOD%2BaUx0%3D",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "ocsp.pki.goog",
- "version": "1.1",
- "path": "/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjqTAc%2FHIGOD%2BaUx0%3D",
- "data": "GET /gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjqTAc%2FHIGOD%2BaUx0%3D HTTP/1.1\r\nCache-Control: max-age = 86400\r\nConnection: Keep-Alive\r\nAccept: */*\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.pki.goog\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl",
- "user-agent": "Microsoft-CryptoAPI/6.1",
- "method": "GET",
- "host": "crl.microsoft.com",
- "version": "1.1",
- "path": "/pki/crl/products/microsoftrootcert.crl",
- "data": "GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Thu, 07 Mar 2019 06:00:16 GMT\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: crl.microsoft.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://redirector.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe",
- "user-agent": "Microsoft BITS/7.5",
- "method": "HEAD",
- "host": "redirector.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe",
- "data": "HEAD /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: redirector.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "HEAD",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "HEAD /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=0-6922\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=6923-16822\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=16823-26586\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=26587-43833\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=43834-57087\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=57088-85284\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=85285-138603\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=138604-210035\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=210036-302711\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=302712-422232\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=422233-578356\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=578357-782477\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=782478-1049508\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=1049509-1396905\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=1396906-1928000\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=1928001-2521994\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=2521995-3590863\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=3590864-4781304\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=4781305-5622176\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=5622177-7263744\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=7263745-8914456\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=8914457-9907016\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=9907017-11088710\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=11088711-12887669\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=12887670-14051237\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=14051238-15385053\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=15385054-16641646\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=16641647-18551038\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=18551039-20326851\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=20326852-21487504\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=21487505-22542505\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=22542506-23599052\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=23599053-24756655\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=24756656-26438926\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=26438927-28060582\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=28060583-29778765\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=29778766-30837092\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=30837093-32761086\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- },
- {
- "count": 1,
- "body": "",
- "uri": "http://r5---sn-tt1e7n7k.gvt1.com/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "user-agent": "Microsoft BITS/7.5",
- "method": "GET",
- "host": "r5---sn-tt1e7n7k.gvt1.com",
- "version": "1.1",
- "path": "/edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes",
- "data": "GET /edgedl/release2/chrome/APHZtEIErdMX_75.0.3770.100/75.0.3770.100_73.0.3683.86_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1e7n7k&ms=nvh&mt=1560970174&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 04:17:17 GMT\r\nRange: bytes=32761087-33549055\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1e7n7k.gvt1.com\r\n\r\n",
- "port": 80
- }
- ]
- [*] Network Communication - SMTP: []
- [*] Network Communication - Hosts: []
- [*] Network Communication - IRC: []
- [*] Static Analysis: {
- "pe": {
- "peid_signatures": null,
- "imports": [
- {
- "imports": [
- {
- "name": "ExitProcess",
- "address": "0x42d000"
- },
- {
- "name": "lstrlenA",
- "address": "0x42d004"
- },
- {
- "name": "DebugActiveProcessStop",
- "address": "0x42d008"
- },
- {
- "name": "LockFile",
- "address": "0x42d00c"
- },
- {
- "name": "GetModuleHandleW",
- "address": "0x42d010"
- },
- {
- "name": "GetTickCount",
- "address": "0x42d014"
- },
- {
- "name": "GetBinaryTypeA",
- "address": "0x42d018"
- },
- {
- "name": "Module32First",
- "address": "0x42d01c"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x42d020"
- },
- {
- "name": "LocalAlloc",
- "address": "0x42d024"
- },
- {
- "name": "GetNumberFormatW",
- "address": "0x42d028"
- },
- {
- "name": "VirtualProtect",
- "address": "0x42d02c"
- },
- {
- "name": "CreateToolhelp32Snapshot",
- "address": "0x42d030"
- },
- {
- "name": "PeekConsoleInputA",
- "address": "0x42d034"
- },
- {
- "name": "CloseHandle",
- "address": "0x42d038"
- },
- {
- "name": "ReadConsoleW",
- "address": "0x42d03c"
- },
- {
- "name": "ReadFile",
- "address": "0x42d040"
- },
- {
- "name": "FlushFileBuffers",
- "address": "0x42d044"
- },
- {
- "name": "GetStringTypeW",
- "address": "0x42d048"
- },
- {
- "name": "EncodePointer",
- "address": "0x42d04c"
- },
- {
- "name": "DecodePointer",
- "address": "0x42d050"
- },
- {
- "name": "IsDebuggerPresent",
- "address": "0x42d054"
- },
- {
- "name": "IsProcessorFeaturePresent",
- "address": "0x42d058"
- },
- {
- "name": "GetCommandLineA",
- "address": "0x42d05c"
- },
- {
- "name": "RaiseException",
- "address": "0x42d060"
- },
- {
- "name": "RtlUnwind",
- "address": "0x42d064"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x42d068"
- },
- {
- "name": "GetLastError",
- "address": "0x42d06c"
- },
- {
- "name": "GetModuleHandleExW",
- "address": "0x42d070"
- },
- {
- "name": "GetProcAddress",
- "address": "0x42d074"
- },
- {
- "name": "AreFileApisANSI",
- "address": "0x42d078"
- },
- {
- "name": "MultiByteToWideChar",
- "address": "0x42d07c"
- },
- {
- "name": "WideCharToMultiByte",
- "address": "0x42d080"
- },
- {
- "name": "HeapSize",
- "address": "0x42d084"
- },
- {
- "name": "HeapFree",
- "address": "0x42d088"
- },
- {
- "name": "UnhandledExceptionFilter",
- "address": "0x42d08c"
- },
- {
- "name": "SetUnhandledExceptionFilter",
- "address": "0x42d090"
- },
- {
- "name": "SetLastError",
- "address": "0x42d094"
- },
- {
- "name": "InitializeCriticalSectionAndSpinCount",
- "address": "0x42d098"
- },
- {
- "name": "CreateEventW",
- "address": "0x42d09c"
- },
- {
- "name": "Sleep",
- "address": "0x42d0a0"
- },
- {
- "name": "GetCurrentProcess",
- "address": "0x42d0a4"
- },
- {
- "name": "TerminateProcess",
- "address": "0x42d0a8"
- },
- {
- "name": "TlsAlloc",
- "address": "0x42d0ac"
- },
- {
- "name": "TlsGetValue",
- "address": "0x42d0b0"
- },
- {
- "name": "TlsSetValue",
- "address": "0x42d0b4"
- },
- {
- "name": "TlsFree",
- "address": "0x42d0b8"
- },
- {
- "name": "GetStartupInfoW",
- "address": "0x42d0bc"
- },
- {
- "name": "CreateSemaphoreW",
- "address": "0x42d0c0"
- },
- {
- "name": "HeapAlloc",
- "address": "0x42d0c4"
- },
- {
- "name": "GetCurrentThread",
- "address": "0x42d0c8"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x42d0cc"
- },
- {
- "name": "GetProcessHeap",
- "address": "0x42d0d0"
- },
- {
- "name": "GetStdHandle",
- "address": "0x42d0d4"
- },
- {
- "name": "GetFileType",
- "address": "0x42d0d8"
- },
- {
- "name": "DeleteCriticalSection",
- "address": "0x42d0dc"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x42d0e0"
- },
- {
- "name": "WriteFile",
- "address": "0x42d0e4"
- },
- {
- "name": "GetModuleFileNameW",
- "address": "0x42d0e8"
- },
- {
- "name": "QueryPerformanceCounter",
- "address": "0x42d0ec"
- },
- {
- "name": "GetCurrentProcessId",
- "address": "0x42d0f0"
- },
- {
- "name": "GetSystemTimeAsFileTime",
- "address": "0x42d0f4"
- },
- {
- "name": "GetEnvironmentStringsW",
- "address": "0x42d0f8"
- },
- {
- "name": "FreeEnvironmentStringsW",
- "address": "0x42d0fc"
- },
- {
- "name": "GetConsoleCP",
- "address": "0x42d100"
- },
- {
- "name": "GetConsoleMode",
- "address": "0x42d104"
- },
- {
- "name": "SetFilePointerEx",
- "address": "0x42d108"
- },
- {
- "name": "IsValidCodePage",
- "address": "0x42d10c"
- },
- {
- "name": "GetACP",
- "address": "0x42d110"
- },
- {
- "name": "GetOEMCP",
- "address": "0x42d114"
- },
- {
- "name": "GetCPInfo",
- "address": "0x42d118"
- },
- {
- "name": "FatalAppExitA",
- "address": "0x42d11c"
- },
- {
- "name": "SetConsoleCtrlHandler",
- "address": "0x42d120"
- },
- {
- "name": "FreeLibrary",
- "address": "0x42d124"
- },
- {
- "name": "LoadLibraryExW",
- "address": "0x42d128"
- },
- {
- "name": "HeapReAlloc",
- "address": "0x42d12c"
- },
- {
- "name": "GetDateFormatW",
- "address": "0x42d130"
- },
- {
- "name": "GetTimeFormatW",
- "address": "0x42d134"
- },
- {
- "name": "CompareStringW",
- "address": "0x42d138"
- },
- {
- "name": "LCMapStringW",
- "address": "0x42d13c"
- },
- {
- "name": "GetLocaleInfoW",
- "address": "0x42d140"
- },
- {
- "name": "IsValidLocale",
- "address": "0x42d144"
- },
- {
- "name": "GetUserDefaultLCID",
- "address": "0x42d148"
- },
- {
- "name": "EnumSystemLocalesW",
- "address": "0x42d14c"
- },
- {
- "name": "OutputDebugStringW",
- "address": "0x42d150"
- },
- {
- "name": "SetStdHandle",
- "address": "0x42d154"
- },
- {
- "name": "WriteConsoleW",
- "address": "0x42d158"
- },
- {
- "name": "CreateFileW",
- "address": "0x42d15c"
- }
- ],
- "dll": "KERNEL32.dll"
- },
- {
- "imports": [
- {
- "name": "GetMonitorInfoA",
- "address": "0x42d164"
- },
- {
- "name": "InSendMessageEx",
- "address": "0x42d168"
- },
- {
- "name": "ToAscii",
- "address": "0x42d16c"
- }
- ],
- "dll": "USER32.dll"
- }
- ],
- "digital_signers": null,
- "exported_dll_name": "bupek.exe",
- "actual_checksum": "0x00069481",
- "overlay": null,
- "imagebase": "0x00400000",
- "reported_checksum": "0x00069481",
- "icon_hash": null,
- "entrypoint": "0x00403ad3",
- "timestamp": "2018-01-25 08:25:36",
- "osversion": "5.1",
- "sections": [
- {
- "name": ".text",
- "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00001000",
- "size_of_data": "0x0002bc00",
- "entropy": "6.68",
- "raw_address": "0x00000400",
- "virtual_size": "0x0002ba9d",
- "characteristics_raw": "0x60000020"
- },
- {
- "name": ".rdata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x0002d000",
- "size_of_data": "0x00029600",
- "entropy": "6.40",
- "raw_address": "0x0002c000",
- "virtual_size": "0x00029582",
- "characteristics_raw": "0x40000040"
- },
- {
- "name": ".data",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x00057000",
- "size_of_data": "0x00001e00",
- "entropy": "3.10",
- "raw_address": "0x00055600",
- "virtual_size": "0x00804d8c",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": ".rsrc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x0085c000",
- "size_of_data": "0x00003e00",
- "entropy": "5.99",
- "raw_address": "0x00057400",
- "virtual_size": "0x00003cb8",
- "characteristics_raw": "0x40000040"
- },
- {
- "name": ".reloc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00860000",
- "size_of_data": "0x00002200",
- "entropy": "6.64",
- "raw_address": "0x0005b200",
- "virtual_size": "0x000021b8",
- "characteristics_raw": "0x42000040"
- }
- ],
- "resources": [],
- "dirents": [
- {
- "virtual_address": "0x00055cf0",
- "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
- "size": "0x00000049"
- },
- {
- "virtual_address": "0x00055d3c",
- "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
- "size": "0x0000003c"
- },
- {
- "virtual_address": "0x0085c000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
- "size": "0x00003cb8"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00860000",
- "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
- "size": "0x000021b8"
- },
- {
- "virtual_address": "0x0002d1d0",
- "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
- "size": "0x00000038"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_TLS",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x0002d000",
- "name": "IMAGE_DIRECTORY_ENTRY_IAT",
- "size": "0x00000174"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
- "size": "0x00000000"
- }
- ],
- "exports": [
- {
- "ordinal": 1,
- "name": "MyFunc165@@4",
- "address": "0x42c4f0"
- }
- ],
- "guest_signers": {},
- "imphash": "a9de0ae653d70388f1053417ed3bfb9b",
- "icon_fuzzy": null,
- "icon": null,
- "pdbpath": "C:\\cereyitocibi\\riwegeyuseyowadufu.pdb\\x00tmp_1417221033\\bin\\bupek.pdb\\x00\\x00\\x00\\x00\\x00\\xab\\x00\\x00\\x00\\xab\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x008\\x87E",
- "imported_dll_count": 2,
- "versioninfo": []
- }
- }
- [*] Resolved APIs: [
- "kernel32.dll.FlsAlloc",
- "kernel32.dll.FlsFree",
- "kernel32.dll.FlsGetValue",
- "kernel32.dll.FlsSetValue",
- "kernel32.dll.InitializeCriticalSectionEx",
- "kernel32.dll.CreateEventExW",
- "kernel32.dll.CreateSemaphoreExW",
- "kernel32.dll.SetThreadStackGuarantee",
- "kernel32.dll.CreateThreadpoolTimer",
- "kernel32.dll.SetThreadpoolTimer",
- "kernel32.dll.WaitForThreadpoolTimerCallbacks",
- "kernel32.dll.CloseThreadpoolTimer",
- "kernel32.dll.CreateThreadpoolWait",
- "kernel32.dll.SetThreadpoolWait",
- "kernel32.dll.CloseThreadpoolWait",
- "kernel32.dll.FlushProcessWriteBuffers",
- "kernel32.dll.FreeLibraryWhenCallbackReturns",
- "kernel32.dll.GetCurrentProcessorNumber",
- "kernel32.dll.GetLogicalProcessorInformation",
- "kernel32.dll.CreateSymbolicLinkW",
- "kernel32.dll.EnumSystemLocalesEx",
- "kernel32.dll.CompareStringEx",
- "kernel32.dll.GetDateFormatEx",
- "kernel32.dll.GetLocaleInfoEx",
- "kernel32.dll.GetTimeFormatEx",
- "kernel32.dll.GetUserDefaultLocaleName",
- "kernel32.dll.IsValidLocaleName",
- "kernel32.dll.LCMapStringEx",
- "kernel32.dll.GetTickCount64",
- "kernel32.dll.GlobalAlloc",
- "kernel32.dll.GetLastError",
- "kernel32.dll.Sleep",
- "kernel32.dll.CreateToolhelp32Snapshot",
- "kernel32.dll.Module32First",
- "kernel32.dll.CloseHandle",
- "kernel32.dll.LoadLibraryA",
- "kernel32.dll.VirtualAlloc",
- "kernel32.dll.VirtualProtect",
- "kernel32.dll.VirtualFree",
- "kernel32.dll.GetVersionExA",
- "kernel32.dll.TerminateProcess",
- "kernel32.dll.ExitProcess",
- "kernel32.dll.SetErrorMode",
- "kernel32.dll.FreeConsole",
- "kernel32.dll.OutputDebugStringW",
- "msvcr100.dll.atexit"
- ]
- [*] Static Analysis: {
- "pe": {
- "peid_signatures": null,
- "imports": [
- {
- "imports": [
- {
- "name": "ExitProcess",
- "address": "0x42d000"
- },
- {
- "name": "lstrlenA",
- "address": "0x42d004"
- },
- {
- "name": "DebugActiveProcessStop",
- "address": "0x42d008"
- },
- {
- "name": "LockFile",
- "address": "0x42d00c"
- },
- {
- "name": "GetModuleHandleW",
- "address": "0x42d010"
- },
- {
- "name": "GetTickCount",
- "address": "0x42d014"
- },
- {
- "name": "GetBinaryTypeA",
- "address": "0x42d018"
- },
- {
- "name": "Module32First",
- "address": "0x42d01c"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x42d020"
- },
- {
- "name": "LocalAlloc",
- "address": "0x42d024"
- },
- {
- "name": "GetNumberFormatW",
- "address": "0x42d028"
- },
- {
- "name": "VirtualProtect",
- "address": "0x42d02c"
- },
- {
- "name": "CreateToolhelp32Snapshot",
- "address": "0x42d030"
- },
- {
- "name": "PeekConsoleInputA",
- "address": "0x42d034"
- },
- {
- "name": "CloseHandle",
- "address": "0x42d038"
- },
- {
- "name": "ReadConsoleW",
- "address": "0x42d03c"
- },
- {
- "name": "ReadFile",
- "address": "0x42d040"
- },
- {
- "name": "FlushFileBuffers",
- "address": "0x42d044"
- },
- {
- "name": "GetStringTypeW",
- "address": "0x42d048"
- },
- {
- "name": "EncodePointer",
- "address": "0x42d04c"
- },
- {
- "name": "DecodePointer",
- "address": "0x42d050"
- },
- {
- "name": "IsDebuggerPresent",
- "address": "0x42d054"
- },
- {
- "name": "IsProcessorFeaturePresent",
- "address": "0x42d058"
- },
- {
- "name": "GetCommandLineA",
- "address": "0x42d05c"
- },
- {
- "name": "RaiseException",
- "address": "0x42d060"
- },
- {
- "name": "RtlUnwind",
- "address": "0x42d064"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x42d068"
- },
- {
- "name": "GetLastError",
- "address": "0x42d06c"
- },
- {
- "name": "GetModuleHandleExW",
- "address": "0x42d070"
- },
- {
- "name": "GetProcAddress",
- "address": "0x42d074"
- },
- {
- "name": "AreFileApisANSI",
- "address": "0x42d078"
- },
- {
- "name": "MultiByteToWideChar",
- "address": "0x42d07c"
- },
- {
- "name": "WideCharToMultiByte",
- "address": "0x42d080"
- },
- {
- "name": "HeapSize",
- "address": "0x42d084"
- },
- {
- "name": "HeapFree",
- "address": "0x42d088"
- },
- {
- "name": "UnhandledExceptionFilter",
- "address": "0x42d08c"
- },
- {
- "name": "SetUnhandledExceptionFilter",
- "address": "0x42d090"
- },
- {
- "name": "SetLastError",
- "address": "0x42d094"
- },
- {
- "name": "InitializeCriticalSectionAndSpinCount",
- "address": "0x42d098"
- },
- {
- "name": "CreateEventW",
- "address": "0x42d09c"
- },
- {
- "name": "Sleep",
- "address": "0x42d0a0"
- },
- {
- "name": "GetCurrentProcess",
- "address": "0x42d0a4"
- },
- {
- "name": "TerminateProcess",
- "address": "0x42d0a8"
- },
- {
- "name": "TlsAlloc",
- "address": "0x42d0ac"
- },
- {
- "name": "TlsGetValue",
- "address": "0x42d0b0"
- },
- {
- "name": "TlsSetValue",
- "address": "0x42d0b4"
- },
- {
- "name": "TlsFree",
- "address": "0x42d0b8"
- },
- {
- "name": "GetStartupInfoW",
- "address": "0x42d0bc"
- },
- {
- "name": "CreateSemaphoreW",
- "address": "0x42d0c0"
- },
- {
- "name": "HeapAlloc",
- "address": "0x42d0c4"
- },
- {
- "name": "GetCurrentThread",
- "address": "0x42d0c8"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x42d0cc"
- },
- {
- "name": "GetProcessHeap",
- "address": "0x42d0d0"
- },
- {
- "name": "GetStdHandle",
- "address": "0x42d0d4"
- },
- {
- "name": "GetFileType",
- "address": "0x42d0d8"
- },
- {
- "name": "DeleteCriticalSection",
- "address": "0x42d0dc"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x42d0e0"
- },
- {
- "name": "WriteFile",
- "address": "0x42d0e4"
- },
- {
- "name": "GetModuleFileNameW",
- "address": "0x42d0e8"
- },
- {
- "name": "QueryPerformanceCounter",
- "address": "0x42d0ec"
- },
- {
- "name": "GetCurrentProcessId",
- "address": "0x42d0f0"
- },
- {
- "name": "GetSystemTimeAsFileTime",
- "address": "0x42d0f4"
- },
- {
- "name": "GetEnvironmentStringsW",
- "address": "0x42d0f8"
- },
- {
- "name": "FreeEnvironmentStringsW",
- "address": "0x42d0fc"
- },
- {
- "name": "GetConsoleCP",
- "address": "0x42d100"
- },
- {
- "name": "GetConsoleMode",
- "address": "0x42d104"
- },
- {
- "name": "SetFilePointerEx",
- "address": "0x42d108"
- },
- {
- "name": "IsValidCodePage",
- "address": "0x42d10c"
- },
- {
- "name": "GetACP",
- "address": "0x42d110"
- },
- {
- "name": "GetOEMCP",
- "address": "0x42d114"
- },
- {
- "name": "GetCPInfo",
- "address": "0x42d118"
- },
- {
- "name": "FatalAppExitA",
- "address": "0x42d11c"
- },
- {
- "name": "SetConsoleCtrlHandler",
- "address": "0x42d120"
- },
- {
- "name": "FreeLibrary",
- "address": "0x42d124"
- },
- {
- "name": "LoadLibraryExW",
- "address": "0x42d128"
- },
- {
- "name": "HeapReAlloc",
- "address": "0x42d12c"
- },
- {
- "name": "GetDateFormatW",
- "address": "0x42d130"
- },
- {
- "name": "GetTimeFormatW",
- "address": "0x42d134"
- },
- {
- "name": "CompareStringW",
- "address": "0x42d138"
- },
- {
- "name": "LCMapStringW",
- "address": "0x42d13c"
- },
- {
- "name": "GetLocaleInfoW",
- "address": "0x42d140"
- },
- {
- "name": "IsValidLocale",
- "address": "0x42d144"
- },
- {
- "name": "GetUserDefaultLCID",
- "address": "0x42d148"
- },
- {
- "name": "EnumSystemLocalesW",
- "address": "0x42d14c"
- },
- {
- "name": "OutputDebugStringW",
- "address": "0x42d150"
- },
- {
- "name": "SetStdHandle",
- "address": "0x42d154"
- },
- {
- "name": "WriteConsoleW",
- "address": "0x42d158"
- },
- {
- "name": "CreateFileW",
- "address": "0x42d15c"
- }
- ],
- "dll": "KERNEL32.dll"
- },
- {
- "imports": [
- {
- "name": "GetMonitorInfoA",
- "address": "0x42d164"
- },
- {
- "name": "InSendMessageEx",
- "address": "0x42d168"
- },
- {
- "name": "ToAscii",
- "address": "0x42d16c"
- }
- ],
- "dll": "USER32.dll"
- }
- ],
- "digital_signers": null,
- "exported_dll_name": "bupek.exe",
- "actual_checksum": "0x00069481",
- "overlay": null,
- "imagebase": "0x00400000",
- "reported_checksum": "0x00069481",
- "icon_hash": null,
- "entrypoint": "0x00403ad3",
- "timestamp": "2018-01-25 08:25:36",
- "osversion": "5.1",
- "sections": [
- {
- "name": ".text",
- "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00001000",
- "size_of_data": "0x0002bc00",
- "entropy": "6.68",
- "raw_address": "0x00000400",
- "virtual_size": "0x0002ba9d",
- "characteristics_raw": "0x60000020"
- },
- {
- "name": ".rdata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x0002d000",
- "size_of_data": "0x00029600",
- "entropy": "6.40",
- "raw_address": "0x0002c000",
- "virtual_size": "0x00029582",
- "characteristics_raw": "0x40000040"
- },
- {
- "name": ".data",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x00057000",
- "size_of_data": "0x00001e00",
- "entropy": "3.10",
- "raw_address": "0x00055600",
- "virtual_size": "0x00804d8c",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": ".rsrc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x0085c000",
- "size_of_data": "0x00003e00",
- "entropy": "5.99",
- "raw_address": "0x00057400",
- "virtual_size": "0x00003cb8",
- "characteristics_raw": "0x40000040"
- },
- {
- "name": ".reloc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00860000",
- "size_of_data": "0x00002200",
- "entropy": "6.64",
- "raw_address": "0x0005b200",
- "virtual_size": "0x000021b8",
- "characteristics_raw": "0x42000040"
- }
- ],
- "resources": [],
- "dirents": [
- {
- "virtual_address": "0x00055cf0",
- "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
- "size": "0x00000049"
- },
- {
- "virtual_address": "0x00055d3c",
- "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
- "size": "0x0000003c"
- },
- {
- "virtual_address": "0x0085c000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
- "size": "0x00003cb8"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00860000",
- "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
- "size": "0x000021b8"
- },
- {
- "virtual_address": "0x0002d1d0",
- "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
- "size": "0x00000038"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_TLS",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x0002d000",
- "name": "IMAGE_DIRECTORY_ENTRY_IAT",
- "size": "0x00000174"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
- "size": "0x00000000"
- }
- ],
- "exports": [
- {
- "ordinal": 1,
- "name": "MyFunc165@@4",
- "address": "0x42c4f0"
- }
- ],
- "guest_signers": {},
- "imphash": "a9de0ae653d70388f1053417ed3bfb9b",
- "icon_fuzzy": null,
- "icon": null,
- "pdbpath": "C:\\cereyitocibi\\riwegeyuseyowadufu.pdb\\x00tmp_1417221033\\bin\\bupek.pdb\\x00\\x00\\x00\\x00\\x00\\xab\\x00\\x00\\x00\\xab\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x008\\x87E",
- "imported_dll_count": 2,
- "versioninfo": []
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement