Analysis

  • max time kernel
    150s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win10-20240221-en locale:en-us os:windows10-1703-x64 system
  • submitted
    18-03-2024 12:45

General

  • Target

    https://drive.google.com/file/d/12gwImk1shFaL4tb5QbtNVGte6qey4yju/view?usp=sharing

Score
10/10

Malware Config

Signatures

  • Detected google phishing page
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs
  • Drops file in Windows directory 4 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: MapViewOfSection 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 48 IoCs

Processes

  • C:\Windows\system32\LaunchWinApp.exe
    "C:\Windows\system32\LaunchWinApp.exe" "https://drive.google.com/file/d/12gwImk1shFaL4tb5QbtNVGte6qey4yju/view?usp=sharing"
      PID:5040
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:3328
    • C:\Windows\system32\browser_broker.exe
      C:\Windows\system32\browser_broker.exe -Embedding
      • Modifies Internet Explorer settings
      PID:1864
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      • Suspicious behavior: MapViewOfSection
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3892
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      • Drops file in Windows directory
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:3252
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      • Drops file in Windows directory
      • Modifies registry class
      PID:608
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      • Modifies registry class
      PID:4512

    Network

    • flag-us
      DNS
      drive.google.com
      MicrosoftEdge.exe
      Remote address:
      8.8.8.8:53
      Request
      drive.google.com
      IN A
      Response
      drive.google.com
      IN A
      142.250.179.142
    • flag-us
      DNS
      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      IN PTR
      Response
    • flag-us
      DNS
      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      IN PTR
    • flag-nl
      GET
      https://drive.google.com/file/d/12gwImk1shFaL4tb5QbtNVGte6qey4yju/view?usp=sharing
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.179.142:443
      Request
      GET /file/d/12gwImk1shFaL4tb5QbtNVGte6qey4yju/view?usp=sharing HTTP/2.0
      host: drive.google.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      content-type: text/html; charset=utf-8
      vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
      x-robots-tag: noindex, nofollow, nosnippet
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Mon, 18 Mar 2024 12:45:49 GMT
      content-encoding: gzip
      p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
      content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
      referrer-policy: origin
      x-content-type-options: nosniff
      x-frame-options: SAMEORIGIN
      x-xss-protection: 1; mode=block
      server: GSE
      set-cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI; expires=Tue, 17-Sep-2024 12:45:49 GMT; path=/; domain=.google.com; Secure; HttpOnly
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-nl
      GET
      https://drive.google.com/auth_warmup
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.179.142:443
      Request
      GET /auth_warmup HTTP/2.0
      host: drive.google.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI
      Response
      HTTP/2.0 200
      content-type: text/html; charset=utf-8
      vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Mon, 18 Mar 2024 12:45:54 GMT
      strict-transport-security: max-age=31536000
      content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self'
      content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
      permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      cross-origin-opener-policy: same-origin
      cross-origin-resource-policy: same-site
      reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjEtHikmJw1pBi2O7jweKUPoM1CIiFeDia3j9Yzyawo-HHLCYAl_4K5Q"
      server: ESF
      content-length: 0
      x-xss-protection: 0
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-nl
      GET
      https://drive.google.com/drivesharing/clientmodel?id=12gwImk1shFaL4tb5QbtNVGte6qey4yju&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.179.142:443
      Request
      GET /drivesharing/clientmodel?id=12gwImk1shFaL4tb5QbtNVGte6qey4yju&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com HTTP/2.0
      host: drive.google.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI
      Response
      HTTP/2.0 302
      content-type: application/binary
      x-frame-options: ALLOW-FROM https://drive.google.com
      content-security-policy: frame-ancestors https://drive.google.com
      content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /drivesharing/_/DriveShareDialogUi/cspreport;worker-src 'self'
      content-security-policy: require-trusted-types-for 'script';report-uri /drivesharing/_/DriveShareDialogUi/cspreport
      vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
      location: https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com
      strict-transport-security: max-age=31536000
      cross-origin-resource-policy: same-site
      permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      cross-origin-opener-policy: same-origin
      date: Mon, 18 Mar 2024 12:45:54 GMT
      server: ESF
      content-length: 0
      x-xss-protection: 0
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-nl
      GET
      https://drive.google.com/uc?id=12gwImk1shFaL4tb5QbtNVGte6qey4yju&export=download
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.179.142:443
      Request
      GET /uc?id=12gwImk1shFaL4tb5QbtNVGte6qey4yju&export=download HTTP/2.0
      host: drive.google.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      accept-language: en-US
      referer: https://drive.google.com/
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI; OGPC=19010599-1:
      Response
      HTTP/2.0 200
      content-type: text/html; charset=utf-8
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Mon, 18 Mar 2024 12:46:15 GMT
      strict-transport-security: max-age=31536000
      content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
      content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self'
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
      cross-origin-opener-policy: same-origin
      reporting-endpoints: default="/_/DriveUntrustedContentHttp/web-reports?context=eJzjUtHikmJw1pBi2O7jwfJ6z3TW90BsvXc6qz0QO6XPYA0CYiEejunvH6xnE7jx9dk5JgC3HBN3"
      content-encoding: gzip
      server: ESF
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      142.179.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      142.179.250.142.in-addr.arpa
      IN PTR
      Response
      142.179.250.142.in-addr.arpa
      IN PTR
      ams17s10-in-f14.1e100.net
    • flag-us
      DNS
      173.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      173.178.17.96.in-addr.arpa
      IN PTR
      Response
      173.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-173.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      35.215.58.216.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      35.215.58.216.in-addr.arpa
      IN PTR
      Response
      35.215.58.216.in-addr.arpa
      IN PTR
      par21s17-in-f3.1e100.net
    • flag-us
      DNS
      42.36.251.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      42.36.251.142.in-addr.arpa
      IN PTR
      Response
      42.36.251.142.in-addr.arpa
      IN PTR
      ams17s12-in-f10.1e100.net
    • flag-us
      DNS
      3.214.58.216.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      3.214.58.216.in-addr.arpa
      IN PTR
      Response
      3.214.58.216.in-addr.arpa
      IN PTR
      ams17s09-in-f3.1e100.net
      3.214.58.216.in-addr.arpa
      IN PTR
      lhr26s05-in-f3
    • flag-nl
      GET
      https://drive.google.com/favicon.ico
      MicrosoftEdge.exe
      Remote address:
      142.250.179.142:443
      Request
      GET /favicon.ico HTTP/2.0
      host: drive.google.com
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
      Response
      HTTP/2.0 302
      location: https://ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.png
      cache-control: private
      cross-origin-resource-policy: cross-origin
      content-type: text/html; charset=UTF-8
      x-content-type-options: nosniff
      date: Mon, 18 Mar 2024 12:45:57 GMT
      server: sffe
      content-length: 269
      x-xss-protection: 0
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      ssl.gstatic.com
      MicrosoftEdge.exe
      Remote address:
      8.8.8.8:53
      Request
      ssl.gstatic.com
      IN A
      Response
      ssl.gstatic.com
      IN A
      216.58.214.67
    • flag-fr
      GET
      https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg
      MicrosoftEdgeCP.exe
      Remote address:
      216.58.214.67:443
      Request
      GET /docs/common/viewer/v3/v-sprite56.svg HTTP/2.0
      host: ssl.gstatic.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-encoding: br
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy-report-only: same-origin; report-to="docs"
      report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
      content-length: 50079
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      date: Thu, 14 Mar 2024 20:07:59 GMT
      expires: Fri, 14 Mar 2025 20:07:59 GMT
      cache-control: public, max-age=31536000
      last-modified: Thu, 15 Feb 2024 22:18:00 GMT
      content-type: image/svg+xml
      vary: Accept-Encoding, Origin
      age: 319077
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://ssl.gstatic.com/docs/common/cleardot.gif?zx=t46wvie4qya4
      MicrosoftEdgeCP.exe
      Remote address:
      216.58.214.67:443
      Request
      GET /docs/common/cleardot.gif?zx=t46wvie4qya4 HTTP/2.0
      host: ssl.gstatic.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-type: image/gif
      vary: Origin
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy-report-only: same-origin; report-to="docs"
      report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
      content-length: 43
      date: Mon, 18 Mar 2024 12:45:56 GMT
      expires: Tue, 18 Mar 2025 12:45:56 GMT
      cache-control: public, max-age=31536000
      last-modified: Thu, 02 Nov 2023 22:48:00 GMT
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://ssl.gstatic.com/docs/common/cleardot.gif?zx=bu6j1oduc2me
      MicrosoftEdgeCP.exe
      Remote address:
      216.58.214.67:443
      Request
      GET /docs/common/cleardot.gif?zx=bu6j1oduc2me HTTP/2.0
      host: ssl.gstatic.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-type: image/gif
      vary: Origin
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy-report-only: same-origin; report-to="docs"
      report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
      content-length: 43
      date: Mon, 18 Mar 2024 12:46:21 GMT
      expires: Tue, 18 Mar 2025 12:46:21 GMT
      cache-control: public, max-age=31536000
      last-modified: Thu, 02 Nov 2023 22:48:00 GMT
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://ssl.gstatic.com/docs/common/cleardot.gif?zx=gdz8hjd655bo
      MicrosoftEdgeCP.exe
      Remote address:
      216.58.214.67:443
      Request
      GET /docs/common/cleardot.gif?zx=gdz8hjd655bo HTTP/2.0
      host: ssl.gstatic.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-type: image/gif
      vary: Origin
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy-report-only: same-origin; report-to="docs"
      report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
      content-length: 43
      date: Mon, 18 Mar 2024 12:46:52 GMT
      expires: Tue, 18 Mar 2025 12:46:52 GMT
      cache-control: public, max-age=31536000
      last-modified: Thu, 02 Nov 2023 22:48:00 GMT
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://ssl.gstatic.com/docs/common/cleardot.gif?zx=smrusif3dzin
      MicrosoftEdgeCP.exe
      Remote address:
      216.58.214.67:443
      Request
      GET /docs/common/cleardot.gif?zx=smrusif3dzin HTTP/2.0
      host: ssl.gstatic.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-type: image/gif
      vary: Origin
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy-report-only: same-origin; report-to="docs"
      report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
      content-length: 43
      date: Mon, 18 Mar 2024 12:47:29 GMT
      expires: Tue, 18 Mar 2025 12:47:29 GMT
      cache-control: public, max-age=31536000
      last-modified: Thu, 02 Nov 2023 22:48:00 GMT
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      ogs.google.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      ogs.google.com
      IN A
      Response
      ogs.google.com
      IN CNAME
      www3.l.google.com
      www3.l.google.com
      IN A
      172.217.20.206
    • flag-us
      DNS
      ogs.google.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      ogs.google.com
      IN A
    • flag-us
      DNS
      apis.google.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      apis.google.com
      IN A
      Response
      apis.google.com
      IN CNAME
      plus.l.google.com
      plus.l.google.com
      IN A
      172.217.18.206
    • flag-fr
      GET
      https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_1
      MicrosoftEdgeCP.exe
      Remote address:
      172.217.18.206:443
      Request
      GET /_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_1 HTTP/2.0
      host: apis.google.com
      accept: application/javascript, */*;q=0.8
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-encoding: gzip
      access-control-allow-origin: *
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
      report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
      content-length: 40748
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      date: Thu, 14 Mar 2024 19:58:51 GMT
      expires: Fri, 14 Mar 2025 19:58:51 GMT
      cache-control: public, max-age=31536000
      last-modified: Fri, 01 Mar 2024 15:11:18 GMT
      content-type: text/javascript; charset=UTF-8
      vary: Accept-Encoding
      age: 319624
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_0
      MicrosoftEdgeCP.exe
      Remote address:
      172.217.18.206:443
      Request
      GET /_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_0 HTTP/2.0
      host: apis.google.com
      accept: application/javascript, */*;q=0.8
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-encoding: gzip
      access-control-allow-origin: *
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
      report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
      content-length: 70524
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      date: Thu, 14 Mar 2024 20:03:04 GMT
      expires: Fri, 14 Mar 2025 20:03:04 GMT
      cache-control: public, max-age=31536000
      last-modified: Fri, 01 Mar 2024 15:11:18 GMT
      content-type: text/javascript; charset=UTF-8
      vary: Accept-Encoding
      age: 319371
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://apis.google.com/js/googleapis.proxy.js?onload=startup
      MicrosoftEdgeCP.exe
      Remote address:
      172.217.18.206:443
      Request
      GET /js/googleapis.proxy.js?onload=startup HTTP/2.0
      host: apis.google.com
      accept: application/javascript, */*;q=0.8
      referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fd%3D1%2Frs%3DAHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw%2Fm%3D__features__
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      vary: Accept-Encoding
      content-encoding: gzip
      content-type: text/javascript
      access-control-allow-origin: *
      content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy: same-origin; report-to="gapi-team"
      report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
      timing-allow-origin: *
      content-length: 5895
      date: Mon, 18 Mar 2024 12:45:57 GMT
      expires: Mon, 18 Mar 2024 12:45:57 GMT
      cache-control: private, max-age=1800, stale-while-revalidate=1800
      etag: "97531c7107028fa4"
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_0?le=scs
      MicrosoftEdgeCP.exe
      Remote address:
      172.217.18.206:443
      Request
      GET /_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_0?le=scs HTTP/2.0
      host: apis.google.com
      accept: application/javascript, */*;q=0.8
      referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fd%3D1%2Frs%3DAHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw%2Fm%3D__features__
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-encoding: gzip
      access-control-allow-origin: *
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
      report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
      content-length: 27780
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      date: Thu, 14 Mar 2024 20:09:42 GMT
      expires: Fri, 14 Mar 2025 20:09:42 GMT
      cache-control: public, max-age=31536000
      last-modified: Fri, 01 Mar 2024 15:11:18 GMT
      content-type: text/javascript; charset=UTF-8
      vary: Accept-Encoding
      age: 318975
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      accounts.google.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      accounts.google.com
      IN A
      Response
      accounts.google.com
      IN A
      209.85.203.84
    • flag-ie
      GET
      https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com
      MicrosoftEdgeCP.exe
      Remote address:
      209.85.203.84:443
      Request
      GET /ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com HTTP/2.0
      host: accounts.google.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI
      Response
      HTTP/2.0 302
      content-type: application/binary
      set-cookie: __Host-GAPS=1:FGE4Ij5GIKc1WdyF_qzvmC-vPpwfig:eQfY8ZcbLfYB6LdX; Expires=Wed, 18-Mar-2026 12:45:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Mon, 18 Mar 2024 12:45:56 GMT
      location: https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&osid=1&passive=1209600&ifkv=ARZ0qKJAacSg9JS6Btd3detbDdV7JgZ_-qThJEgAFFboVCRcuhYqHMD516wNKZCaUKKVrFjy_cEDZA
      strict-transport-security: max-age=31536000; includeSubDomains
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy: unsafe-none
      content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
      content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
      server: ESF
      content-length: 0
      x-xss-protection: 0
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-ie
      GET
      https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&osid=1&passive=1209600&ifkv=ARZ0qKJAacSg9JS6Btd3detbDdV7JgZ_-qThJEgAFFboVCRcuhYqHMD516wNKZCaUKKVrFjy_cEDZA
      MicrosoftEdgeCP.exe
      Remote address:
      209.85.203.84:443
      Request
      GET /InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&osid=1&passive=1209600&ifkv=ARZ0qKJAacSg9JS6Btd3detbDdV7JgZ_-qThJEgAFFboVCRcuhYqHMD516wNKZCaUKKVrFjy_cEDZA HTTP/2.0
      host: accounts.google.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI; __Host-GAPS=1:FGE4Ij5GIKc1WdyF_qzvmC-vPpwfig:eQfY8ZcbLfYB6LdX
      Response
      HTTP/2.0 302
      content-type: text/html; charset=UTF-8
      set-cookie: __Host-GAPS=1:VJDSBAjWCEWlngFrcga1XlwUSfidLg:2n3EAsXSQLN52xWN;Path=/;Expires=Wed, 18-Mar-2026 12:45:57 GMT;Secure;HttpOnly;Priority=HIGH
      x-frame-options: DENY
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Mon, 18 Mar 2024 12:45:57 GMT
      location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ARZ0qKKFmRoMfzdq5lc0veCTVB0IJLP8MM53GLvKZMin88R4HzCcHedY-WqAemPDSU7EFDUjEy_lNw&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1207659268%3A1710765957416607&theme=mn&ddm=0
      strict-transport-security: max-age=31536000; includeSubDomains
      content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
      content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
      report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
      cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
      content-encoding: gzip
      x-content-type-options: nosniff
      x-xss-protection: 1; mode=block
      content-length: 503
      server: GSE
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-ie
      GET
      https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ARZ0qKKFmRoMfzdq5lc0veCTVB0IJLP8MM53GLvKZMin88R4HzCcHedY-WqAemPDSU7EFDUjEy_lNw&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1207659268%3A1710765957416607&theme=mn&ddm=0
      MicrosoftEdgeCP.exe
      Remote address:
      209.85.203.84:443
      Request
      GET /v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ARZ0qKKFmRoMfzdq5lc0veCTVB0IJLP8MM53GLvKZMin88R4HzCcHedY-WqAemPDSU7EFDUjEy_lNw&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1207659268%3A1710765957416607&theme=mn&ddm=0 HTTP/2.0
      host: accounts.google.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI; __Host-GAPS=1:VJDSBAjWCEWlngFrcga1XlwUSfidLg:2n3EAsXSQLN52xWN
      Response
      HTTP/2.0 200
      content-type: text/html; charset=utf-8
      x-frame-options: DENY
      vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
      x-auto-login: realm=com.google&args=continue%3Dhttps://drive.google.com/drivesharing/clientmodel?id%253D12gwImk1shFaL4tb5QbtNVGte6qey4yju%2526foreignService%253Dtexmex%2526authuser%253D0%2526origin%253Dhttps://drive.google.com
      x-ua-compatible: IE=edge
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Mon, 18 Mar 2024 12:45:57 GMT
      strict-transport-security: max-age=31536000; includeSubDomains
      content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self'
      content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
      cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
      report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
      cross-origin-resource-policy: same-site
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
      reporting-endpoints: default="/v3/signin/_/AccountsSignInUi/web-reports?context=eJzjWsCoxSXF4KwhxbBHaReTY-wTJlcgntv9lGkhEC9__5RpNRDHrHrGlADEB-OeMx0F4rcJL5g-AnFr6wumTiDe3POCaTsQT-N5yTQLiI9sf8l0AojffXnJxPP1JZMEEGsA8XYfDxa-ddNZVYBYd_101lAglv81nVUZiJ3SZ7AGAbFP_QzWGCBuvXmOdSoQC_FwtL5_sJ5N4MaVeQeYAGABT2g"
      content-encoding: gzip
      server: ESF
      x-xss-protection: 0
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.png
      MicrosoftEdge.exe
      Remote address:
      216.58.214.67:443
      Request
      GET /images/branding/product/1x/drive_2020q4_32dp.png HTTP/2.0
      host: ssl.gstatic.com
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
      report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
      content-length: 831
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      date: Thu, 14 Mar 2024 20:06:34 GMT
      expires: Fri, 14 Mar 2025 20:06:34 GMT
      cache-control: public, max-age=31536000
      last-modified: Fri, 21 Aug 2020 00:15:00 GMT
      content-type: image/png
      vary: Origin
      age: 319163
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://ssl.gstatic.com/docs/doclist/images/drive_2022q3_32dp.png
      MicrosoftEdge.exe
      Remote address:
      216.58.214.67:443
      Request
      GET /docs/doclist/images/drive_2022q3_32dp.png HTTP/2.0
      host: ssl.gstatic.com
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy-report-only: same-origin; report-to="docs"
      report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
      content-length: 1594
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      date: Thu, 14 Mar 2024 20:03:21 GMT
      expires: Fri, 14 Mar 2025 20:03:21 GMT
      cache-control: public, max-age=31536000
      last-modified: Thu, 20 Jul 2023 22:48:00 GMT
      content-type: image/png
      vary: Origin
      age: 319374
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      163.214.58.216.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      163.214.58.216.in-addr.arpa
      IN PTR
      Response
      163.214.58.216.in-addr.arpa
      IN PTR
      par10s42-in-f3.1e100.net
      163.214.58.216.in-addr.arpa
      IN PTR
      mad01s26-in-f3.1e100.net
      163.214.58.216.in-addr.arpa
      IN PTR
      mad01s26-in-f163.1e100.net
    • flag-us
      DNS
      206.18.217.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      206.18.217.172.in-addr.arpa
      IN PTR
      Response
      206.18.217.172.in-addr.arpa
      IN PTR
      ham02s14-in-f206.1e100.net
      206.18.217.172.in-addr.arpa
      IN PTR
      par10s38-in-f14.1e100.net
    • flag-us
      DNS
      drive-thirdparty.googleusercontent.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      drive-thirdparty.googleusercontent.com
      IN A
      Response
      drive-thirdparty.googleusercontent.com
      IN CNAME
      googlehosted.l.googleusercontent.com
      googlehosted.l.googleusercontent.com
      IN A
      172.217.168.193
    • flag-nl
      GET
      https://drive-thirdparty.googleusercontent.com/16/type/application/x-msdownload
      MicrosoftEdgeCP.exe
      Remote address:
      172.217.168.193:443
      Request
      GET /16/type/application/x-msdownload HTTP/2.0
      host: drive-thirdparty.googleusercontent.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-drive-dev-apps
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy: same-origin; report-to="apps-drive-dev-apps"
      report-to: {"group":"apps-drive-dev-apps","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-drive-dev-apps"}]}
      content-length: 524
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      date: Mon, 18 Mar 2024 12:15:57 GMT
      expires: Mon, 18 Mar 2024 13:15:57 GMT
      cache-control: public, max-age=3600
      age: 1798
      last-modified: Tue, 16 Jul 2019 16:03:11 GMT
      content-type: image/png
      vary: Origin
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=53bd5e343198ee56&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en
      MicrosoftEdgeCP.exe
      Remote address:
      172.217.20.206:443
      Request
      GET /widget/callout?prid=19016402&pgid=19010599&puid=53bd5e343198ee56&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en HTTP/2.0
      host: ogs.google.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI
      Response
      HTTP/2.0 200
      content-type: text/html; charset=utf-8
      x-frame-options: ALLOW-FROM https://drive.google.com
      content-security-policy: frame-ancestors https://drive.google.com
      content-security-policy: require-trusted-types-for 'script';report-uri /_/OneGoogleWidgetUi/cspreport
      content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/OneGoogleWidgetUi/cspreport;worker-src 'self'
      vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
      x-ua-compatible: IE=edge
      expires: Mon, 18 Mar 2024 12:45:56 GMT
      date: Mon, 18 Mar 2024 12:45:56 GMT
      cache-control: private, max-age=3600
      strict-transport-security: max-age=31536000
      cross-origin-opener-policy: same-origin
      cross-origin-resource-policy: same-site
      permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
      cross-origin-embedder-policy-report-only: require-corp; report-to="CoepOneGoogleWidgetUi"
      report-to: {"group":"CoepOneGoogleWidgetUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi"}]}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      reporting-endpoints: default="/_/OneGoogleWidgetUi/web-reports?context=eJzjctHikmJw1pBiKFj5gundl5dMPF9fMkkAsQYQ862bzqoCxLrrp7OGArFT-gzWICD2qZ_BGgPErTfPsU4FYiEejpb3D9azCZz4PPcyIwBKMSIU"
      content-encoding: gzip
      server: ESF
      x-xss-protection: 0
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      content.googleapis.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      content.googleapis.com
      IN A
      Response
      content.googleapis.com
      IN A
      142.250.201.170
      content.googleapis.com
      IN A
      172.217.18.202
      content.googleapis.com
      IN A
      216.58.214.74
      content.googleapis.com
      IN A
      142.250.74.234
      content.googleapis.com
      IN A
      142.250.75.234
      content.googleapis.com
      IN A
      216.58.214.170
      content.googleapis.com
      IN A
      172.217.20.170
      content.googleapis.com
      IN A
      172.217.20.202
      content.googleapis.com
      IN A
      216.58.213.74
      content.googleapis.com
      IN A
      142.250.179.74
      content.googleapis.com
      IN A
      142.250.179.106
      content.googleapis.com
      IN A
      142.250.178.138
    • flag-us
      DNS
      blobcomments-pa.clients6.google.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      blobcomments-pa.clients6.google.com
      IN A
      Response
      blobcomments-pa.clients6.google.com
      IN A
      172.217.23.202
    • flag-fr
      GET
      https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fd%3D1%2Frs%3DAHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw%2Fm%3D__features__
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.201.170:443
      Request
      GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fd%3D1%2Frs%3DAHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw%2Fm%3D__features__ HTTP/2.0
      host: content.googleapis.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      vary: Accept-Encoding
      content-type: text/html
      content-security-policy: script-src 'nonce-QEThrD5ttnvyCQjOMgYXVA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
      content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
      report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
      content-length: 271
      date: Mon, 18 Mar 2024 12:45:56 GMT
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      cache-control: no-cache, must-revalidate
      last-modified: Tue, 12 Mar 2024 05:08:00 GMT
      x-content-type-options: nosniff
      cross-origin-embedder-policy: require-corp; report-to="apiserving"
      content-encoding: gzip
      server: sffe
      x-xss-protection: 0
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      GET
      https://content.googleapis.com/drive/v2beta/files/12gwImk1shFaL4tb5QbtNVGte6qey4yju?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&enforceSingleParent=true&key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.201.170:443
      Request
      GET /drive/v2beta/files/12gwImk1shFaL4tb5QbtNVGte6qey4yju?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&enforceSingleParent=true&key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k HTTP/2.0
      host: content.googleapis.com
      accept: */*
      referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fd%3D1%2Frs%3DAHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw%2Fm%3D__features__
      accept-language: en-US
      x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063
      x-goog-encode-response-if-executable: base64
      x-requested-with: XMLHttpRequest
      x-javascript-user-agent: google-api-javascript-client/1.1.0
      x-goog-authuser: 0
      x-origin: https://drive.google.com
      x-referer: https://drive.google.com
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      Response
      HTTP/2.0 200
      etag: "lQPnShsmYM1CJUcMBWA_dFuKA1g"
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      pragma: no-cache
      vary: Origin, X-Origin
      date: Mon, 18 Mar 2024 12:45:59 GMT
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      content-type: application/json; charset=UTF-8
      content-encoding: gzip
      server: ESF
      content-length: 659
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      POST
      https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.201.170:443
      Request
      POST /drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json HTTP/2.0
      host: content.googleapis.com
      accept: */*
      origin: https://content.googleapis.com
      referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fd%3D1%2Frs%3DAHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw%2Fm%3D__features__
      accept-language: en-US
      x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063
      x-goog-encode-response-if-executable: base64
      content-type: application/json
      x-requested-with: XMLHttpRequest
      x-javascript-user-agent: google-api-javascript-client/1.1.0
      x-goog-authuser: 0
      x-origin: https://drive.google.com
      x-referer: https://drive.google.com
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      content-length: 550
      cache-control: no-cache
      Response
      HTTP/2.0 204
      etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
      vary: Origin, X-Origin
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Mon, 18 Mar 2024 12:45:59 GMT
      pragma: no-cache
      content-type: text/html
      server: ESF
      content-length: 0
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      POST
      https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.201.170:443
      Request
      POST /drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json HTTP/2.0
      host: content.googleapis.com
      accept: */*
      origin: https://content.googleapis.com
      referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fd%3D1%2Frs%3DAHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw%2Fm%3D__features__
      accept-language: en-US
      x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063
      x-goog-encode-response-if-executable: base64
      content-type: application/json
      x-requested-with: XMLHttpRequest
      x-javascript-user-agent: google-api-javascript-client/1.1.0
      x-goog-authuser: 0
      x-origin: https://drive.google.com
      x-referer: https://drive.google.com
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      content-length: 755
      cache-control: no-cache
      Response
      HTTP/2.0 204
      etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      vary: Origin, X-Origin
      date: Mon, 18 Mar 2024 12:45:59 GMT
      content-type: text/html
      server: ESF
      content-length: 0
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-fr
      POST
      https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.201.170:443
      Request
      POST /drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json HTTP/2.0
      host: content.googleapis.com
      accept: */*
      origin: https://content.googleapis.com
      referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fd%3D1%2Frs%3DAHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw%2Fm%3D__features__
      accept-language: en-US
      x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063
      x-goog-encode-response-if-executable: base64
      content-type: application/json
      x-requested-with: XMLHttpRequest
      x-javascript-user-agent: google-api-javascript-client/1.1.0
      x-goog-authuser: 0
      x-origin: https://drive.google.com
      x-referer: https://drive.google.com
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      content-length: 1209
      cache-control: no-cache
      Response
      HTTP/2.0 403
      content-type: application/json; charset=UTF-8
      content-encoding: gzip
      date: Mon, 18 Mar 2024 12:46:26 GMT
      server: ESF
      cache-control: private
      content-length: 500
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-nl
      OPTIONS
      https://blobcomments-pa.clients6.google.com/v1/metadata?docId=12gwImk1shFaL4tb5QbtNVGte6qey4yju&revisionId=0B4qb_Rs23mkwcU5CRTcycXJ2OUpmaVFOODFCTndpUjNBamJ3PQ&userLocale=en&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
      MicrosoftEdgeCP.exe
      Remote address:
      172.217.23.202:443
      Request
      OPTIONS /v1/metadata?docId=12gwImk1shFaL4tb5QbtNVGte6qey4yju&revisionId=0B4qb_Rs23mkwcU5CRTcycXJ2OUpmaVFOODFCTndpUjNBamJ3PQ&userLocale=en&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797 HTTP/2.0
      host: blobcomments-pa.clients6.google.com
      accept: */*
      origin: https://drive.google.com
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      access-control-request-headers: X-Goog-AuthUser, X-JavaScript-User-Agent, X-Requested-With, X-Goog-Encode-Response-If-Executable, X-ClientDetails
      access-control-request-method: GET
      accept-encoding: gzip, deflate, br
      content-length: 0
      cache-control: no-cache
      Response
      HTTP/2.0 200
      access-control-allow-origin: https://drive.google.com
      vary: origin
      vary: referer
      vary: x-origin
      access-control-allow-credentials: true
      access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
      access-control-allow-headers: X-Goog-AuthUser, X-JavaScript-User-Agent, X-Requested-With, X-Goog-Encode-Response-If-Executable, X-ClientDetails
      access-control-max-age: 3600
      date: Mon, 18 Mar 2024 12:45:57 GMT
      content-type: text/html
      server: ESF
      content-length: 0
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-nl
      GET
      https://blobcomments-pa.clients6.google.com/v1/metadata?docId=12gwImk1shFaL4tb5QbtNVGte6qey4yju&revisionId=0B4qb_Rs23mkwcU5CRTcycXJ2OUpmaVFOODFCTndpUjNBamJ3PQ&userLocale=en&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
      MicrosoftEdgeCP.exe
      Remote address:
      172.217.23.202:443
      Request
      GET /v1/metadata?docId=12gwImk1shFaL4tb5QbtNVGte6qey4yju&revisionId=0B4qb_Rs23mkwcU5CRTcycXJ2OUpmaVFOODFCTndpUjNBamJ3PQ&userLocale=en&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797 HTTP/2.0
      host: blobcomments-pa.clients6.google.com
      accept: */*
      origin: https://drive.google.com
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      x-goog-authuser: 0
      x-javascript-user-agent: google-api-javascript-client/1.1.0
      x-requested-with: XMLHttpRequest
      x-goog-encode-response-if-executable: base64
      x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F52.0.2743.116%20Safari%2F537.36%20Edge%2F15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      content-type: application/json; charset=UTF-8
      strict-transport-security: max-age=10886400; includeSubdomains
      vary: Origin
      vary: X-Origin
      vary: Referer
      content-encoding: gzip
      date: Mon, 18 Mar 2024 12:45:57 GMT
      server: ESF
      cache-control: private
      content-length: 778
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      access-control-allow-origin: https://drive.google.com
      access-control-allow-credentials: true
      access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      193.168.217.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      193.168.217.172.in-addr.arpa
      IN PTR
      Response
      193.168.217.172.in-addr.arpa
      IN PTR
      ams16s32-in-f11e100net
    • flag-us
      DNS
      67.214.58.216.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      67.214.58.216.in-addr.arpa
      IN PTR
      Response
      67.214.58.216.in-addr.arpa
      IN PTR
      fra15s10-in-f671e100net
      67.214.58.216.in-addr.arpa
      IN PTR
      par10s39-in-f3
      67.214.58.216.in-addr.arpa
      IN PTR
      fra15s10-in-f3
    • flag-us
      DNS
      206.20.217.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      206.20.217.172.in-addr.arpa
      IN PTR
      Response
      206.20.217.172.in-addr.arpa
      IN PTR
      waw02s08-in-f2061e100net
      206.20.217.172.in-addr.arpa
      IN PTR
      par10s50-in-f14
      206.20.217.172.in-addr.arpa
      IN PTR
      waw02s08-in-f14
    • flag-us
      DNS
      170.201.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      170.201.250.142.in-addr.arpa
      IN PTR
      Response
      170.201.250.142.in-addr.arpa
      IN PTR
      par21s23-in-f101e100net
    • flag-us
      DNS
      84.203.85.209.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      84.203.85.209.in-addr.arpa
      IN PTR
      Response
      84.203.85.209.in-addr.arpa
      IN PTR
      dh-in-f841e100net
    • flag-us
      DNS
      84.203.85.209.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      84.203.85.209.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      202.23.217.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      202.23.217.172.in-addr.arpa
      IN PTR
      Response
      202.23.217.172.in-addr.arpa
      IN PTR
      prg03s05-in-f101e100net
      202.23.217.172.in-addr.arpa
      IN PTR
      ams16s37-in-f10
      202.23.217.172.in-addr.arpa
      IN PTR
      prg03s05-in-f202
    • flag-us
      DNS
      202.23.217.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      202.23.217.172.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      www.google.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      www.google.com
      IN A
      Response
      www.google.com
      IN A
      216.58.213.68
    • flag-fr
      GET
      https://www.google.com/images/hpp/Chrome_Owned_96x96.png
      MicrosoftEdgeCP.exe
      Remote address:
      216.58.213.68:443
      Request
      GET /images/hpp/Chrome_Owned_96x96.png HTTP/2.0
      host: www.google.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://ogs.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: NID=512=NBph5Q7Tsh3_aozILIboYvsSy9BiSqrMN3CXL1Xr0NObnh1vOp_HsDvYgYQVMjfE_-UxkrAVcqqnGWb6yiSwS8UbWwwSE78_pM4BIWXrDZ0BV_70D7JU8DFPTIVfsuS6JQKRBcvOC6S5UxTsZWgiff-0uwA-T8THQrYZtIwFYMI
      Response
      HTTP/2.0 200
      accept-ranges: bytes
      content-type: image/png
      cross-origin-resource-policy: cross-origin
      cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
      report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
      content-length: 6177
      date: Mon, 18 Mar 2024 12:45:58 GMT
      expires: Mon, 18 Mar 2024 12:45:58 GMT
      cache-control: private, max-age=31536000
      last-modified: Tue, 22 Oct 2019 18:30:00 GMT
      x-content-type-options: nosniff
      server: sffe
      x-xss-protection: 0
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      68.213.58.216.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      68.213.58.216.in-addr.arpa
      IN PTR
      Response
      68.213.58.216.in-addr.arpa
      IN PTR
      par21s18-in-f41e100net
      68.213.58.216.in-addr.arpa
      IN PTR
      lhr25s01-in-f4
      68.213.58.216.in-addr.arpa
      IN PTR
      lhr25s01-in-f68
    • flag-us
      DNS
      lh3.googleusercontent.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      lh3.googleusercontent.com
      IN A
      Response
      lh3.googleusercontent.com
      IN CNAME
      googlehosted.l.googleusercontent.com
      googlehosted.l.googleusercontent.com
      IN A
      142.250.178.129
    • flag-fr
      GET
      https://lh3.googleusercontent.com/a/ACg8ocLmWKsCMTrUv9pXRH9oIfnacHuGORkL-PdViCi0hG6T=s64
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.178.129:443
      Request
      GET /a/ACg8ocLmWKsCMTrUv9pXRH9oIfnacHuGORkL-PdViCi0hG6T=s64 HTTP/2.0
      host: lh3.googleusercontent.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://drive.google.com/
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      content-type: image/png
      vary: Origin
      access-control-allow-origin: *
      timing-allow-origin: *
      access-control-expose-headers: Content-Length
      expires: Tue, 19 Mar 2024 12:45:59 GMT
      cache-control: public, max-age=86400, no-transform
      content-disposition: inline;filename="unnamed.png"
      x-content-type-options: nosniff
      date: Mon, 18 Mar 2024 12:45:59 GMT
      server: fife
      content-length: 685
      x-xss-protection: 0
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      129.178.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      129.178.250.142.in-addr.arpa
      IN PTR
      Response
      129.178.250.142.in-addr.arpa
      IN PTR
      par21s22-in-f11e100net
    • flag-us
      DNS
      194.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      194.178.17.96.in-addr.arpa
      IN PTR
      Response
      194.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-194deploystaticakamaitechnologiescom
    • flag-us
      DNS
      161.19.199.152.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      161.19.199.152.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      200.197.79.204.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      200.197.79.204.in-addr.arpa
      IN PTR
      Response
      200.197.79.204.in-addr.arpa
      IN PTR
      a-0001a-msedgenet
    • flag-us
      DNS
      240.221.184.93.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      240.221.184.93.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      114.110.16.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      114.110.16.96.in-addr.arpa
      IN PTR
      Response
      114.110.16.96.in-addr.arpa
      IN PTR
      a96-16-110-114deploystaticakamaitechnologiescom
    • flag-us
      DNS
      www.microsoft.com
      MicrosoftEdge.exe
      Remote address:
      8.8.8.8:53
      Request
      www.microsoft.com
      IN A
      Response
      www.microsoft.com
      IN CNAME
      www.microsoft.com-c-3.edgekey.net
      www.microsoft.com-c-3.edgekey.net
      IN CNAME
      www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
      www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
      IN CNAME
      e13678.dscb.akamaiedge.net
      e13678.dscb.akamaiedge.net
      IN A
      92.123.241.137
    • flag-gb
      GET
      https://www.bing.com/cortanaassist/rules?cc=US&version=6
      MicrosoftEdge.exe
      Remote address:
      92.123.128.173:443
      Request
      GET /cortanaassist/rules?cc=US&version=6 HTTP/2.0
      host: www.bing.com
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
    • flag-us
      DNS
      137.241.123.92.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      137.241.123.92.in-addr.arpa
      IN PTR
      Response
      137.241.123.92.in-addr.arpa
      IN PTR
      a92-123-241-137deploystaticakamaitechnologiescom
    • flag-us
      DNS
      173.128.123.92.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      173.128.123.92.in-addr.arpa
      IN PTR
      Response
      173.128.123.92.in-addr.arpa
      IN PTR
      a92-123-128-173deploystaticakamaitechnologiescom
    • flag-us
      DNS
      43.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.229.111.52.in-addr.arpa
      IN PTR
      Response
    • 142.250.179.142:443
      drive.google.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.5kB
      7.7kB
      19
      14
    • 142.250.179.142:443
      https://drive.google.com/uc?id=12gwImk1shFaL4tb5QbtNVGte6qey4yju&export=download
      tls, http2
      MicrosoftEdgeCP.exe
      4.7kB
      43.3kB
      66
      59

      HTTP Request

      GET https://drive.google.com/file/d/12gwImk1shFaL4tb5QbtNVGte6qey4yju/view?usp=sharing

      HTTP Response

      200

      HTTP Request

      GET https://drive.google.com/auth_warmup

      HTTP Response

      200

      HTTP Request

      GET https://drive.google.com/drivesharing/clientmodel?id=12gwImk1shFaL4tb5QbtNVGte6qey4yju&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com

      HTTP Response

      302

      HTTP Request

      GET https://drive.google.com/uc?id=12gwImk1shFaL4tb5QbtNVGte6qey4yju&export=download

      HTTP Response

      200
    • 142.250.179.142:443
      https://drive.google.com/favicon.ico
      tls, http2
      MicrosoftEdge.exe
      2.4kB
      8.6kB
      27
      18

      HTTP Request

      GET https://drive.google.com/favicon.ico

      HTTP Response

      302
    • 142.250.179.142:443
      drive.google.com
      tls, http2
      MicrosoftEdge.exe
      1.4kB
      7.1kB
      14
      10
    • 216.58.214.67:443
      https://ssl.gstatic.com/docs/common/cleardot.gif?zx=smrusif3dzin
      tls, http2
      MicrosoftEdgeCP.exe
      4.9kB
      60.1kB
      76
      66

      HTTP Request

      GET https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg

      HTTP Request

      GET https://ssl.gstatic.com/docs/common/cleardot.gif?zx=t46wvie4qya4

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      GET https://ssl.gstatic.com/docs/common/cleardot.gif?zx=bu6j1oduc2me

      HTTP Response

      200

      HTTP Request

      GET https://ssl.gstatic.com/docs/common/cleardot.gif?zx=gdz8hjd655bo

      HTTP Response

      200

      HTTP Request

      GET https://ssl.gstatic.com/docs/common/cleardot.gif?zx=smrusif3dzin

      HTTP Response

      200
    • 216.58.214.67:443
      ssl.gstatic.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.7kB
      5.1kB
      19
      12
    • 172.217.18.206:443
      https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_0?le=scs
      tls, http2
      MicrosoftEdgeCP.exe
      8.8kB
      160.0kB
      141
      134

      HTTP Request

      GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_1

      HTTP Request

      GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_0

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      GET https://apis.google.com/js/googleapis.proxy.js?onload=startup

      HTTP Response

      200

      HTTP Request

      GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_0?le=scs

      HTTP Response

      200
    • 172.217.18.206:443
      apis.google.com
      tls, http2
      MicrosoftEdgeCP.exe
      2.0kB
      5.4kB
      21
      14
    • 209.85.203.84:443
      https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ARZ0qKKFmRoMfzdq5lc0veCTVB0IJLP8MM53GLvKZMin88R4HzCcHedY-WqAemPDSU7EFDUjEy_lNw&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1207659268%3A1710765957416607&theme=mn&ddm=0
      tls, http2
      MicrosoftEdgeCP.exe
      7.8kB
      124.4kB
      115
      109

      HTTP Request

      GET https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com

      HTTP Response

      302

      HTTP Request

      GET https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&osid=1&passive=1209600&ifkv=ARZ0qKJAacSg9JS6Btd3detbDdV7JgZ_-qThJEgAFFboVCRcuhYqHMD516wNKZCaUKKVrFjy_cEDZA

      HTTP Response

      302

      HTTP Request

      GET https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D12gwImk1shFaL4tb5QbtNVGte6qey4yju%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ARZ0qKKFmRoMfzdq5lc0veCTVB0IJLP8MM53GLvKZMin88R4HzCcHedY-WqAemPDSU7EFDUjEy_lNw&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1207659268%3A1710765957416607&theme=mn&ddm=0

      HTTP Response

      200
    • 209.85.203.84:443
      accounts.google.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.2kB
      5.1kB
      17
      12
    • 216.58.214.67:443
      https://ssl.gstatic.com/docs/doclist/images/drive_2022q3_32dp.png
      tls, http2
      MicrosoftEdge.exe
      2.0kB
      9.0kB
      27
      20

      HTTP Request

      GET https://ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.png

      HTTP Response

      200

      HTTP Request

      GET https://ssl.gstatic.com/docs/doclist/images/drive_2022q3_32dp.png

      HTTP Response

      200
    • 216.58.214.67:443
      ssl.gstatic.com
      tls, http2
      MicrosoftEdge.exe
      1.1kB
      5.3kB
      16
      12
    • 172.217.168.193:443
      https://drive-thirdparty.googleusercontent.com/16/type/application/x-msdownload
      tls, http2
      MicrosoftEdgeCP.exe
      1.8kB
      11.4kB
      23
      19

      HTTP Request

      GET https://drive-thirdparty.googleusercontent.com/16/type/application/x-msdownload

      HTTP Response

      200
    • 172.217.168.193:443
      drive-thirdparty.googleusercontent.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.3kB
      10.1kB
      19
      15
    • 172.217.20.206:443
      https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=53bd5e343198ee56&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en
      tls, http2
      MicrosoftEdgeCP.exe
      2.3kB
      21.5kB
      29
      24

      HTTP Request

      GET https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=53bd5e343198ee56&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en

      HTTP Response

      200
    • 172.217.20.206:443
      ogs.google.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.4kB
      7.7kB
      18
      13
    • 142.250.201.170:443
      content.googleapis.com
      tls
      MicrosoftEdgeCP.exe
      1.3kB
      5.0kB
      13
      10
    • 142.250.201.170:443
      https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
      tls, http2
      MicrosoftEdgeCP.exe
      9.0kB
      10.6kB
      48
      38

      HTTP Request

      GET https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fd%3D1%2Frs%3DAHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw%2Fm%3D__features__

      HTTP Response

      200

      HTTP Request

      GET https://content.googleapis.com/drive/v2beta/files/12gwImk1shFaL4tb5QbtNVGte6qey4yju?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&enforceSingleParent=true&key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k

      HTTP Request

      POST https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

      HTTP Request

      POST https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

      HTTP Response

      200

      HTTP Response

      204

      HTTP Response

      204

      HTTP Request

      POST https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

      HTTP Response

      403
    • 172.217.23.202:443
      https://blobcomments-pa.clients6.google.com/v1/metadata?docId=12gwImk1shFaL4tb5QbtNVGte6qey4yju&revisionId=0B4qb_Rs23mkwcU5CRTcycXJ2OUpmaVFOODFCTndpUjNBamJ3PQ&userLocale=en&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
      tls, http2
      MicrosoftEdgeCP.exe
      3.1kB
      13.0kB
      32
      27

      HTTP Request

      OPTIONS https://blobcomments-pa.clients6.google.com/v1/metadata?docId=12gwImk1shFaL4tb5QbtNVGte6qey4yju&revisionId=0B4qb_Rs23mkwcU5CRTcycXJ2OUpmaVFOODFCTndpUjNBamJ3PQ&userLocale=en&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797

      HTTP Response

      200

      HTTP Request

      GET https://blobcomments-pa.clients6.google.com/v1/metadata?docId=12gwImk1shFaL4tb5QbtNVGte6qey4yju&revisionId=0B4qb_Rs23mkwcU5CRTcycXJ2OUpmaVFOODFCTndpUjNBamJ3PQ&userLocale=en&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797

      HTTP Response

      200
    • 172.217.23.202:443
      blobcomments-pa.clients6.google.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.3kB
      10.8kB
      19
      15
    • 216.58.213.68:443
      www.google.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.1kB
      5.1kB
      16
      12
    • 216.58.213.68:443
      https://www.google.com/images/hpp/Chrome_Owned_96x96.png
      tls, http2
      MicrosoftEdgeCP.exe
      2.0kB
      12.3kB
      25
      20

      HTTP Request

      GET https://www.google.com/images/hpp/Chrome_Owned_96x96.png

      HTTP Response

      200
    • 142.250.178.129:443
      lh3.googleusercontent.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.3kB
      10.1kB
      19
      15
    • 142.250.178.129:443
      https://lh3.googleusercontent.com/a/ACg8ocLmWKsCMTrUv9pXRH9oIfnacHuGORkL-PdViCi0hG6T=s64
      tls, http2
      MicrosoftEdgeCP.exe
      2.0kB
      11.3kB
      26
      19

      HTTP Request

      GET https://lh3.googleusercontent.com/a/ACg8ocLmWKsCMTrUv9pXRH9oIfnacHuGORkL-PdViCi0hG6T=s64

      HTTP Response

      200
    • 204.79.197.200:443
      ieonline.microsoft.com
      tls, http2
      MicrosoftEdge.exe
      1.4kB
      9.0kB
      18
      15
    • 92.123.128.173:443
      https://www.bing.com/cortanaassist/rules?cc=US&version=6
      tls, http2
      MicrosoftEdge.exe
      3.3kB
      59.7kB
      57
      51

      HTTP Request

      GET https://www.bing.com/cortanaassist/rules?cc=US&version=6
    • 92.123.128.173:443
      www.bing.com
      tls, http2
      MicrosoftEdge.exe
      1.4kB
      4.8kB
      18
      12
    • 8.8.8.8:53
      drive.google.com
      dns
      MicrosoftEdge.exe
      62 B
      78 B
      1
      1

      DNS Request

      drive.google.com

      DNS Response

      142.250.179.142

    • 8.8.8.8:53
      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      dns
      236 B
      182 B
      2
      1

      DNS Request

      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa

      DNS Request

      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa

    • 8.8.8.8:53
      142.179.250.142.in-addr.arpa
      dns
      74 B
      113 B
      1
      1

      DNS Request

      142.179.250.142.in-addr.arpa

    • 8.8.8.8:53
      173.178.17.96.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      173.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      35.215.58.216.in-addr.arpa
      dns
      72 B
      110 B
      1
      1

      DNS Request

      35.215.58.216.in-addr.arpa

    • 8.8.8.8:53
      42.36.251.142.in-addr.arpa
      dns
      72 B
      111 B
      1
      1

      DNS Request

      42.36.251.142.in-addr.arpa

    • 8.8.8.8:53
      3.214.58.216.in-addr.arpa
      dns
      71 B
      152 B
      1
      1

      DNS Request

      3.214.58.216.in-addr.arpa

    • 8.8.8.8:53
      ssl.gstatic.com
      dns
      MicrosoftEdge.exe
      61 B
      77 B
      1
      1

      DNS Request

      ssl.gstatic.com

      DNS Response

      216.58.214.67

    • 8.8.8.8:53
      ogs.google.com
      dns
      MicrosoftEdgeCP.exe
      120 B
      97 B
      2
      1

      DNS Request

      ogs.google.com

      DNS Request

      ogs.google.com

      DNS Response

      172.217.20.206

    • 8.8.8.8:53
      apis.google.com
      dns
      MicrosoftEdgeCP.exe
      61 B
      98 B
      1
      1

      DNS Request

      apis.google.com

      DNS Response

      172.217.18.206

    • 8.8.8.8:53
      accounts.google.com
      dns
      MicrosoftEdgeCP.exe
      65 B
      81 B
      1
      1

      DNS Request

      accounts.google.com

      DNS Response

      209.85.203.84

    • 8.8.8.8:53
      163.214.58.216.in-addr.arpa
      dns
      73 B
      171 B
      1
      1

      DNS Request

      163.214.58.216.in-addr.arpa

    • 8.8.8.8:53
      206.18.217.172.in-addr.arpa
      dns
      73 B
      143 B
      1
      1

      DNS Request

      206.18.217.172.in-addr.arpa

    • 8.8.8.8:53
      drive-thirdparty.googleusercontent.com
      dns
      MicrosoftEdgeCP.exe
      84 B
      129 B
      1
      1

      DNS Request

      drive-thirdparty.googleusercontent.com

      DNS Response

      172.217.168.193

    • 8.8.8.8:53
      content.googleapis.com
      dns
      MicrosoftEdgeCP.exe
      68 B
      260 B
      1
      1

      DNS Request

      content.googleapis.com

      DNS Response


    • 8.8.8.8:53
      blobcomments-pa.clients6.google.com
      dns
      MicrosoftEdgeCP.exe
      81 B
      97 B
      1
      1

      DNS Request

      blobcomments-pa.clients6.google.com

      DNS Response

      172.217.23.202

    • 8.8.8.8:53
      193.168.217.172.in-addr.arpa
      dns
      74 B
      112 B
      1
      1

      DNS Request


    MITRE ATT&CK Enterprise v15

    Downloads

