Resubmissions
05/09/2024, 15:52 UTC
240905-tbbpaavcpc 605/09/2024, 15:49 UTC
240905-s9jbcatfkl 613/07/2024, 12:36 UTC
240713-ps1mhstaje 6Analysis
-
max time kernel
1799s -
max time network
1576s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system -
submitted
13/07/2024, 12:36 UTC
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://drive.google.com/file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/view?usp=sharing
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
https://drive.google.com/file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/view?usp=sharing
Resource
android-x64-arm64-20240624-en
General
-
Target
https://drive.google.com/file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/view?usp=sharing
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
flow ioc 1 drive.google.com 2 drive.google.com 3 drive.google.com -
Drops file in Windows directory 4 IoCs
description ioc Process File created C:\Windows\rescache\_merged\3720402701\1568373884.pri MicrosoftEdge.exe File created C:\Windows\rescache\_merged\3720402701\1568373884.pri MicrosoftEdgeCP.exe File created C:\Windows\rescache\_merged\3720402701\1568373884.pri MicrosoftEdgeCP.exe File opened for modification C:\Windows\Debug\ESE.TXT MicrosoftEdge.exe -
description ioc Process Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Internet Explorer\Main browser_broker.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Internet Explorer\Main MicrosoftEdgeCP.exe -
Modifies registry class 64 IoCs
description ioc Process Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0" MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU MicrosoftEdgeCP.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus\ACGPolicyState = "8" MicrosoftEdgeCP.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Content\CacheLimit = "256000" MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA MicrosoftEdge.exe Set value (str) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\Total MicrosoftEdgeCP.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "132" MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus MicrosoftEdgeCP.exe Set value (data) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$blogger MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\Certificates MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0" MicrosoftEdge.exe Set value (data) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 69100d7021d5da01 MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DeviceId = "0" MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\NumberOfSubdomains = "0" MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{7427D8FF-ADFF-423F-B5FA-0019268BDF91} = "0" MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DeviceId = "0" MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "0" MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main MicrosoftEdgeCP.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0" MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "701" MicrosoftEdgeCP.exe Set value (data) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing\NewTabPage\ProcessingFlag = 30960a7021d5da01 MicrosoftEdge.exe Set value (str) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\en-US = "en-US.1" MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "0" MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies MicrosoftEdgeCP.exe Set value (data) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$http://www.typepad.com/ MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify = "1" MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1" MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total MicrosoftEdgeCP.exe Set value (str) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CachePrefix MicrosoftEdgeCP.exe Set value (str) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History MicrosoftEdgeCP.exe Set value (data) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 27c20c7621d5da01 MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0" MicrosoftEdge.exe Set value (data) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify = 01000000cbe47d0963dcd30285115bd3ec1d9aebfbf40e87c77b0a4370c339737458b6487355d19e682abebe8b476ec6597b20846b407057349fe0b7ea35 MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\NextUpdateDate = "427639193" MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0" MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache MicrosoftEdgeCP.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies\CacheLimit = "1" MicrosoftEdgeCP.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\History\CacheLimit = "1" MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge MicrosoftEdge.exe Set value (data) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$vBulletin 3 MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CRLs MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\LowMic MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Extensible Cache MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1" MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CTLs MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DomStorageState MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CTLs MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate MicrosoftEdgeCP.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs MicrosoftEdge.exe Set value (int) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\NextUpdateDate = "427655787" MicrosoftEdge.exe Set value (data) \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\LastCleanup = b4a4406121d5da01 MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CRLs MicrosoftEdge.exe Key created \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify MicrosoftEdge.exe -
Suspicious behavior: MapViewOfSection 6 IoCs
pid Process 4660 MicrosoftEdgeCP.exe 4660 MicrosoftEdgeCP.exe 4660 MicrosoftEdgeCP.exe 4660 MicrosoftEdgeCP.exe 4660 MicrosoftEdgeCP.exe 4660 MicrosoftEdgeCP.exe -
Suspicious use of AdjustPrivilegeToken 4 IoCs
description pid Process Token: SeDebugPrivilege 1616 MicrosoftEdgeCP.exe Token: SeDebugPrivilege 1616 MicrosoftEdgeCP.exe Token: SeDebugPrivilege 1616 MicrosoftEdgeCP.exe Token: SeDebugPrivilege 1616 MicrosoftEdgeCP.exe -
Suspicious use of SetWindowsHookEx 5 IoCs
pid Process 2196 MicrosoftEdge.exe 4660 MicrosoftEdgeCP.exe 1616 MicrosoftEdgeCP.exe 4660 MicrosoftEdgeCP.exe 1888 MicrosoftEdgeCP.exe -
Suspicious use of WriteProcessMemory 8 IoCs
description pid Process procid_target PID 4660 wrote to memory of 3848 4660 MicrosoftEdgeCP.exe 78 PID 4660 wrote to memory of 3848 4660 MicrosoftEdgeCP.exe 78 PID 4660 wrote to memory of 3848 4660 MicrosoftEdgeCP.exe 78 PID 4660 wrote to memory of 3848 4660 MicrosoftEdgeCP.exe 78 PID 4660 wrote to memory of 3848 4660 MicrosoftEdgeCP.exe 78 PID 4660 wrote to memory of 3848 4660 MicrosoftEdgeCP.exe 78 PID 4660 wrote to memory of 3848 4660 MicrosoftEdgeCP.exe 78 PID 4660 wrote to memory of 3848 4660 MicrosoftEdgeCP.exe 78
Processes
-
C:\Windows\system32\LaunchWinApp.exe"C:\Windows\system32\LaunchWinApp.exe" "https://drive.google.com/file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/view?usp=sharing"1⤵PID:4768
-
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2196
-
C:\Windows\system32\browser_broker.exeC:\Windows\system32\browser_broker.exe -Embedding1⤵
- Modifies Internet Explorer settings
PID:708
-
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca1⤵
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4660
-
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:1616
-
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca1⤵
- Drops file in Windows directory
- Modifies registry class
PID:3848
-
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1888
-
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca1⤵
- Modifies registry class
PID:5848
Network
-
Remote address:8.8.8.8:53Requestdrive.google.comIN AResponsedrive.google.comIN A172.217.16.238
-
GEThttps://drive.google.com/file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/view?usp=sharingMicrosoftEdgeCP.exeRemote address:172.217.16.238:443RequestGET /file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/view?usp=sharing HTTP/2.0
host: drive.google.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Jul 2024 12:37:03 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
referrer-policy: origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM; expires=Sun, 12-Jan-2025 12:37:03 GMT; path=/; domain=.google.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:172.217.16.238:443RequestGET /auth_warmup HTTP/2.0
host: drive.google.com
accept: text/html, application/xhtml+xml, image/jxr, */*
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM
ResponseHTTP/2.0 200
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Jul 2024 12:37:05 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self'
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjktDikmLw05BicEqfwRoCxEsiLrIeSbzIKsTD8fHlyS1sAgsmzW9iVFJNyi-MTynKLEvNKCkpSCzILE4tKkstijcyMDIxMDcw0TMwii8wAAD-wRpn"
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:172.217.16.238:443RequestGET /file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/view HTTP/2.0
host: drive.google.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM; OGPC=19010599-1:
ResponseHTTP/2.0 200
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Jul 2024 12:37:21 GMT
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
referrer-policy: origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:172.217.16.238:443RequestGET /auth_warmup HTTP/2.0
host: drive.google.com
accept: text/html, application/xhtml+xml, image/jxr, */*
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM; OGPC=19010599-1:
ResponseHTTP/2.0 200
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Jul 2024 12:37:22 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self'
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjktDikmLw05BicEqfwRoCxEsiLrIeSbzIKsTD0fTq5BY2gRvnGyYzKakm5RfGpxRllqVmlJQUJBZkFqcWlaUWxRsZGJkYmBuY6BkYxRcYAAD67hph"
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:172.217.16.238:443RequestGET /file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/view HTTP/2.0
host: drive.google.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM; OGPC=19010599-2:
ResponseHTTP/2.0 200
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Jul 2024 12:37:37 GMT
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
referrer-policy: origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:172.217.16.238:443RequestGET /auth_warmup HTTP/2.0
host: drive.google.com
accept: text/html, application/xhtml+xml, image/jxr, */*
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM; OGPC=19010599-2:
ResponseHTTP/2.0 200
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Jul 2024 12:37:38 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self'
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjktDikmLw05BicEqfwRoCxEsiLrIeSbzIKsTNMenVyS1sAg8OH4pRUk3KL4xPKcosS80oKSlILMgsTi0qSy2KNzIwMjEwNzDRMzCKLzAAAPGKGnU"
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Request238.16.217.172.in-addr.arpaIN PTRResponse238.16.217.172.in-addr.arpaIN PTRlhr48s28-in-f141e100net238.16.217.172.in-addr.arpaIN PTRmad08s04-in-f14�I
-
Remote address:8.8.8.8:53Request172.214.232.199.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A216.58.201.99
-
Remote address:216.58.201.99:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 13 Jul 2024 12:25:37 GMT
Expires: Sat, 13 Jul 2024 13:15:37 GMT
Cache-Control: public, max-age=3000
Age: 685
Last-Modified: Wed, 01 Nov 2023 07:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A216.58.201.99
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJocJI3cuzOAqV4KAdwn94MicrosoftEdgeCP.exeRemote address:216.58.201.99:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJocJI3cuzOAqV4KAdwn94 HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Sat, 13 Jul 2024 11:46:37 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 3025
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHViWUaptL4MEEkSmq4OScg%3DMicrosoftEdgeCP.exeRemote address:216.58.201.99:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHViWUaptL4MEEkSmq4OScg%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Sat, 13 Jul 2024 12:13:01 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1442
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBPKCljAPb1mEswGJPYk28M%3DMicrosoftEdgeCP.exeRemote address:216.58.201.99:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBPKCljAPb1mEswGJPYk28M%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Sat, 13 Jul 2024 12:36:15 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 49
-
Remote address:8.8.8.8:53Request99.201.58.216.in-addr.arpaIN PTRResponse99.201.58.216.in-addr.arpaIN PTRlhr48s48-in-f31e100net99.201.58.216.in-addr.arpaIN PTRprg03s02-in-f3�G99.201.58.216.in-addr.arpaIN PTRprg03s02-in-f99�G
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC1wDSQwr%2F7UxDebtw0D9JJMicrosoftEdgeCP.exeRemote address:216.58.201.99:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC1wDSQwr%2F7UxDebtw0D9JJ HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Sat, 13 Jul 2024 12:00:44 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 2179
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECgq3UEYFscUCqLPFQqi4C0%3DMicrosoftEdgeCP.exeRemote address:216.58.201.99:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECgq3UEYFscUCqLPFQqi4C0%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Sat, 13 Jul 2024 11:38:39 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 3506
-
Remote address:8.8.8.8:53Request74.204.58.216.in-addr.arpaIN PTRResponse74.204.58.216.in-addr.arpaIN PTRlhr25s13-in-f101e100net74.204.58.216.in-addr.arpaIN PTRlhr48s49-in-f10�H74.204.58.216.in-addr.arpaIN PTRlhr25s13-in-f74�H
-
Remote address:8.8.8.8:53Requestogs.google.comIN AResponseogs.google.comIN CNAMEwww3.l.google.comwww3.l.google.comIN A172.217.169.46
-
Remote address:8.8.8.8:53Requestogads-pa.googleapis.comIN AResponseogads-pa.googleapis.comIN A142.250.178.10ogads-pa.googleapis.comIN A172.217.16.234ogads-pa.googleapis.comIN A142.250.200.10ogads-pa.googleapis.comIN A142.250.179.234ogads-pa.googleapis.comIN A142.250.180.10ogads-pa.googleapis.comIN A142.250.200.42ogads-pa.googleapis.comIN A142.250.187.234ogads-pa.googleapis.comIN A142.250.187.202ogads-pa.googleapis.comIN A172.217.169.74ogads-pa.googleapis.comIN A216.58.201.106ogads-pa.googleapis.comIN A216.58.204.74ogads-pa.googleapis.comIN A216.58.212.202
-
Remote address:8.8.8.8:53Requestapis.google.comIN AResponseapis.google.comIN CNAMEplus.l.google.complus.l.google.comIN A142.250.187.238
-
GEThttps://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=MicrosoftEdgeCP.exeRemote address:172.217.169.46:443RequestGET /widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm= HTTP/2.0
host: ogs.google.com
accept: text/html, application/xhtml+xml, image/jxr, */*
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM
ResponseHTTP/2.0 200
x-frame-options: ALLOW-FROM https://drive.google.com
content-security-policy: frame-ancestors https://drive.google.com
content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/OneGoogleWidgetUi/cspreport;worker-src 'self'
content-security-policy: require-trusted-types-for 'script';report-uri /_/OneGoogleWidgetUi/cspreport
x-ua-compatible: IE=edge
expires: Sat, 13 Jul 2024 12:37:04 GMT
date: Sat, 13 Jul 2024 12:37:04 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-embedder-policy-report-only: require-corp; report-to="CoepOneGoogleWidgetUi"
report-to: {"group":"CoepOneGoogleWidgetUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
reporting-endpoints: default="/_/OneGoogleWidgetUi/web-reports?context=eJzjstHikmLw05BiKFj5gkni60smDSB2Sp_BGgTEPvUzWGOAuPXmOdapQJz07zxrERAvibjIeijxIqsQD8eHlye3sAn8WLmvmVlJLSm_MD4_LzU9Pz89JzWjpKSgOLWoLLUo3sjAyMTA3MBcz8A4vsAAAGmALVQ"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=MicrosoftEdgeCP.exeRemote address:172.217.169.46:443RequestGET /widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm= HTTP/2.0
host: ogs.google.com
accept: text/html, application/xhtml+xml, image/jxr, */*
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM; OGPC=19010599-2:; OTZ=7642837_56_56__56_
ResponseHTTP/2.0 200
x-frame-options: ALLOW-FROM https://drive.google.com
content-security-policy: frame-ancestors https://drive.google.com
content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/OneGoogleWidgetUi/cspreport;worker-src 'self'
content-security-policy: require-trusted-types-for 'script';report-uri /_/OneGoogleWidgetUi/cspreport
x-ua-compatible: IE=edge
expires: Sat, 13 Jul 2024 12:37:37 GMT
date: Sat, 13 Jul 2024 12:37:37 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-embedder-policy-report-only: require-corp; report-to="CoepOneGoogleWidgetUi"
report-to: {"group":"CoepOneGoogleWidgetUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
reporting-endpoints: default="/_/OneGoogleWidgetUi/web-reports?context=eJzjstHikmLw05BiKFj5gkni60smDSB2Sp_BGgTEPvUzWGOAuPXmOdapQJz07zxrERAvibjIeijxIqsQD8fEVye3sAlM-PzrGZOSWlJ-YXx-Xmp6fn56TmpGSUlBcWpRWWpRvJGBkYmBuYG5noFxfIEBAGteLXY"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
OPTIONShttps://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataMicrosoftEdgeCP.exeRemote address:142.250.178.10:443RequestOPTIONS /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
host: ogads-pa.googleapis.com
accept: */*
origin: https://drive.google.com
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
access-control-request-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
access-control-request-method: POST
accept-encoding: gzip, deflate, br
content-length: 0
cache-control: no-cache
ResponseHTTP/2.0 200
vary: origin
vary: referer
vary: x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
access-control-max-age: 3600
date: Sat, 13 Jul 2024 12:37:04 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server-timing: gfet4t7; dur=6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
POSThttps://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataMicrosoftEdgeCP.exeRemote address:142.250.178.10:443RequestPOST /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
host: ogads-pa.googleapis.com
accept: */*
origin: https://drive.google.com
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
x-goog-api-key: AIzaSyCbsbvGCe7C9mCtdaTycZB2eUFuzsYKG_E
content-type: application/json+protobuf
x-user-agent: grpc-web-javascript/0.1
accept-encoding: gzip, deflate, br
content-length: 154
cache-control: no-cache
ResponseHTTP/2.0 200
vary: Origin
vary: X-Origin
vary: Referer
content-encoding: gzip
date: Sat, 13 Jul 2024 12:37:04 GMT
server: ESF
cache-control: private
content-length: 30
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://drive.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
server-timing: gfet4t7; dur=16
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
OPTIONShttps://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataMicrosoftEdgeCP.exeRemote address:142.250.178.10:443RequestOPTIONS /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
host: ogads-pa.googleapis.com
accept: */*
origin: https://drive.google.com
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
access-control-request-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
access-control-request-method: POST
accept-encoding: gzip, deflate, br
content-length: 0
cache-control: no-cache
ResponseHTTP/2.0 200
vary: origin
vary: referer
vary: x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
access-control-max-age: 3600
date: Sat, 13 Jul 2024 12:37:22 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server-timing: gfet4t7; dur=8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
POSThttps://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataMicrosoftEdgeCP.exeRemote address:142.250.178.10:443RequestPOST /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
host: ogads-pa.googleapis.com
accept: */*
origin: https://drive.google.com
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
x-goog-api-key: AIzaSyCbsbvGCe7C9mCtdaTycZB2eUFuzsYKG_E
content-type: application/json+protobuf
x-user-agent: grpc-web-javascript/0.1
accept-encoding: gzip, deflate, br
content-length: 153
cache-control: no-cache
ResponseHTTP/2.0 200
vary: Origin
vary: X-Origin
vary: Referer
content-encoding: gzip
date: Sat, 13 Jul 2024 12:37:22 GMT
server: ESF
cache-control: private
content-length: 30
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://drive.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
server-timing: gfet4t7; dur=16
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
OPTIONShttps://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataMicrosoftEdgeCP.exeRemote address:142.250.178.10:443RequestOPTIONS /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
host: ogads-pa.googleapis.com
accept: */*
origin: https://drive.google.com
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
access-control-request-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
access-control-request-method: POST
accept-encoding: gzip, deflate, br
content-length: 0
cache-control: no-cache
ResponseHTTP/2.0 200
vary: origin
vary: referer
vary: x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
access-control-max-age: 3600
date: Sat, 13 Jul 2024 12:37:37 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server-timing: gfet4t7; dur=6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
POSThttps://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataMicrosoftEdgeCP.exeRemote address:142.250.178.10:443RequestPOST /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
host: ogads-pa.googleapis.com
accept: */*
origin: https://drive.google.com
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
x-goog-api-key: AIzaSyCbsbvGCe7C9mCtdaTycZB2eUFuzsYKG_E
content-type: application/json+protobuf
x-user-agent: grpc-web-javascript/0.1
accept-encoding: gzip, deflate, br
content-length: 153
cache-control: no-cache
ResponseHTTP/2.0 200
vary: Origin
vary: X-Origin
vary: Referer
content-encoding: gzip
date: Sat, 13 Jul 2024 12:37:37 GMT
server: ESF
cache-control: private
content-length: 30
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://drive.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
server-timing: gfet4t7; dur=17
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_0MicrosoftEdgeCP.exeRemote address:142.250.187.238:443RequestGET /_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_0 HTTP/2.0
host: apis.google.com
accept: application/javascript, */*;q=0.8
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM
ResponseHTTP/2.0 200
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 42359
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 Jul 2024 10:19:08 GMT
expires: Thu, 10 Jul 2025 10:19:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 06 Jun 2024 15:13:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 267476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_1MicrosoftEdgeCP.exeRemote address:142.250.187.238:443RequestGET /_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_1 HTTP/2.0
host: apis.google.com
accept: application/javascript, */*;q=0.8
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM
ResponseHTTP/2.0 200
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 71920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 Jul 2024 10:19:09 GMT
expires: Thu, 10 Jul 2025 10:19:09 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 06 Jun 2024 15:13:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 267476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_0MicrosoftEdgeCP.exeRemote address:142.250.187.238:443RequestGET /_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_0 HTTP/2.0
host: apis.google.com
accept: application/javascript, */*;q=0.8
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
if-modified-since: Thu, 06 Jun 2024 15:13:25 GMT
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM; OGPC=19010599-2:
ResponseHTTP/2.0 304
expires: Thu, 10 Jul 2025 10:19:08 GMT
last-modified: Thu, 06 Jun 2024 15:13:25 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
age: 267509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_1MicrosoftEdgeCP.exeRemote address:142.250.187.238:443RequestGET /_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_1 HTTP/2.0
host: apis.google.com
accept: application/javascript, */*;q=0.8
referer: https://drive.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
if-modified-since: Thu, 06 Jun 2024 15:13:25 GMT
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM; OGPC=19010599-2:
ResponseHTTP/2.0 304
expires: Thu, 10 Jul 2025 10:19:09 GMT
last-modified: Thu, 06 Jun 2024 15:13:25 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
age: 267509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Requestssl.gstatic.comIN AResponsessl.gstatic.comIN A216.58.204.67
-
Remote address:216.58.204.67:443RequestGET /images/branding/product/1x/drive_2020q4_32dp.png HTTP/2.0
host: ssl.gstatic.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
dnt: 1
ResponseHTTP/2.0 200
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 831
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 12 Jul 2024 04:25:56 GMT
expires: Sat, 12 Jul 2025 04:25:56 GMT
cache-control: public, max-age=31536000
age: 115869
last-modified: Fri, 21 Aug 2020 00:15:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttp://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3DMicrosoftEdge.exeRemote address:216.58.201.99:80RequestGET /gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: ocsp.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 1446
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Sat, 13 Jul 2024 12:16:36 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1229
-
Remote address:216.58.201.99:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 13 Jul 2024 12:25:37 GMT
Expires: Sat, 13 Jul 2024 13:15:37 GMT
Cache-Control: public, max-age=3000
Age: 688
Last-Modified: Wed, 01 Nov 2023 07:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Request46.169.217.172.in-addr.arpaIN PTRResponse46.169.217.172.in-addr.arpaIN PTRlhr48s08-in-f141e100net
-
Remote address:8.8.8.8:53Request10.178.250.142.in-addr.arpaIN PTRResponse10.178.250.142.in-addr.arpaIN PTRlhr48s27-in-f101e100net
-
Remote address:8.8.8.8:53Request238.187.250.142.in-addr.arpaIN PTRResponse238.187.250.142.in-addr.arpaIN PTRlhr25s34-in-f141e100net
-
Remote address:8.8.8.8:53Request67.204.58.216.in-addr.arpaIN PTRResponse67.204.58.216.in-addr.arpaIN PTRlhr25s13-in-f671e100net67.204.58.216.in-addr.arpaIN PTRlhr25s13-in-f3�H67.204.58.216.in-addr.arpaIN PTRlhr48s49-in-f3�H
-
Remote address:8.8.8.8:53Requestwww.google.comIN AResponsewww.google.comIN A142.250.180.4
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHViWUaptL4MEEkSmq4OScg%3DMicrosoftEdge.exeRemote address:216.58.201.99:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHViWUaptL4MEEkSmq4OScg%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Sat, 13 Jul 2024 12:13:01 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1444
-
Remote address:142.250.180.4:443RequestGET /images/hpp/Chrome_Owned_96x96.png HTTP/2.0
host: www.google.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://ogs.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM
ResponseHTTP/2.0 200
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 6177
date: Sat, 13 Jul 2024 12:37:05 GMT
expires: Sat, 13 Jul 2024 12:37:05 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.180.4:443RequestGET /images/hpp/Chrome_Owned_96x96.png HTTP/2.0
host: www.google.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://ogs.google.com/
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
if-modified-since: Tue, 22 Oct 2019 18:30:00 GMT
cookie: NID=515=eA5zcXWzDeEDLJlQ3w6wE9Qan9cgupRtptolkKTDLFPpg52H62_dKi5ee1RhX7YVAKpiEEE-5xelRzb7SckvCQNqNz-8X4QojQYKUMlvldhTfrZWtQBnFfesnFPOfWOmCouMY3_8FGPEqefkLJIZq5QAg2YZalT-pX5htkwZRtM; OGPC=19010599-2:
ResponseHTTP/2.0 304
date: Sat, 13 Jul 2024 12:37:37 GMT
expires: Sat, 13 Jul 2024 12:37:37 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Request4.180.250.142.in-addr.arpaIN PTRResponse4.180.250.142.in-addr.arpaIN PTRlhr25s32-in-f41e100net
-
Remote address:95.101.129.194:443RequestGET /partner/warmup.gif HTTP/2.0
host: www.bing.com
accept: */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
pragma: no-cache
content-length: 43
content-type: image/gif
expires: -1
x-eventid: 6692750079a647678bbd92bcb325c6c8
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 538C1EB7C1CE498E9A23FC75282BD50E Ref B: LON04EDGE0714 Ref C: 2024-07-13T12:37:20Z
date: Sat, 13 Jul 2024 12:37:20 GMT
set-cookie: MUID=35E6F3658A6E6307268DE7DE8B49624C; domain=.bing.com; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=35E6F3658A6E6307268DE7DE8B49624C; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=1D0C0C1ADDC361A6197E18A1DCE460C2; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/; HttpOnly
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdaa779
-
Remote address:95.101.129.194:443RequestGET /AS/API/IEOneBox/V2/Init?setlang=en-US HTTP/2.0
host: www.bing.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
x-device-enableregulatorypsm: 0
x-device-enablecpsm: 0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 669275004b1549a7aa08f48541ce1255
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-ua-compatible: IE=edge
date: Sat, 13 Jul 2024 12:37:20 GMT
set-cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; domain=.bing.com; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=1453BD4F2F7864720A24A9F42E5C6508; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/; HttpOnly
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/
set-cookie: SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; domain=.bing.com; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/
set-cookie: SRCHUSR=DOB=20240713; domain=.bing.com; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 07-Aug-2025 12:37:20 GMT; path=/
set-cookie: _SS=SID=1AE78FB331536C680F099B0830776DFB; domain=.bing.com; path=/
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdaaf64
-
GEThttps://www.bing.com/rb/19/cir3,ortl,cc,nc/CURp3kyiJ3q2QPJQD9GNCSYEwOg.css?bu=C9gIigOJBLIJmQiDCLgGWFinBLAEMicrosoftEdgeCP.exeRemote address:95.101.129.194:443RequestGET /rb/19/cir3,ortl,cc,nc/CURp3kyiJ3q2QPJQD9GNCSYEwOg.css?bu=C9gIigOJBLIJmQiDCLgGWFinBLAE HTTP/2.0
host: www.bing.com
accept: text/css, */*
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en; _SS=SID=1AE78FB331536C680F099B0830776DFB; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 200
content-type: text/css; charset=utf-8
access-control-allow-headers: *
access-control-allow-origin: *
cache-control: public, max-age=432000
content-encoding: br
last-modified: Thu, 28 Oct 2010 04:13:30 GMT
vary: Accept-Encoding
x-eventid: 668ccaa0def0465985cb24e38d01fb16
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab239
-
GEThttps://www.bing.com/rb/19/cir3,ortl,cc,nc/0WZIXiT2IZFlCIs25VMUQk4O_uU.css?bu=BrkCPqICS1i-AgMicrosoftEdgeCP.exeRemote address:95.101.129.194:443RequestGET /rb/19/cir3,ortl,cc,nc/0WZIXiT2IZFlCIs25VMUQk4O_uU.css?bu=BrkCPqICS1i-Ag HTTP/2.0
host: www.bing.com
accept: text/css, */*
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en; _SS=SID=1AE78FB331536C680F099B0830776DFB; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 200
content-type: application/x-javascript; charset=utf-8
access-control-allow-headers: *
access-control-allow-origin: *
cache-control: public, max-age=432000
content-encoding: br
last-modified: Thu, 04 Jul 2024 13:14:32 GMT
vary: Accept-Encoding
x-eventid: 668c899dada94838bae32bad9e82ce79
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab23a
-
GEThttps://www.bing.com/rb/3E/ortl,cc,nc/4-xJy3tX6bM2BGl5zKioiEcQ1TU.css?bu=A4gCjAKPAgMicrosoftEdgeCP.exeRemote address:95.101.129.194:443RequestGET /rb/3E/ortl,cc,nc/4-xJy3tX6bM2BGl5zKioiEcQ1TU.css?bu=A4gCjAKPAg HTTP/2.0
host: www.bing.com
accept: text/css, */*
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en; _SS=SID=1AE78FB331536C680F099B0830776DFB; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 200
content-length: 3140
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: az+rhZn9p058dpqAVhuB8Q==
last-modified: Tue, 16 Jan 2024 20:09:16 GMT
etag: 0x8DC16CF040314FA
x-ms-request-id: 1f1f333f-a01e-00ad-0dcd-9a095f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-amd-bc-debug: [a=92.122.211.87,b=265389802,c=c,d=1720849432,h=200,k=1,l=0,n=GB_EN_LONDON,o=20940,r=2,p=3140]
date: Sat, 13 Jul 2024 12:37:20 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab23b
-
GEThttps://www.bing.com/rb/4N/jnc,nj/hvX0ykSrU8C4zxFiqXS8rnDCGiM.js?bu=D4ksyCr8Adgq2ircKt4qgyuQLNgr9ynWEfEr9ye1KwMicrosoftEdgeCP.exeRemote address:95.101.129.194:443RequestGET /rb/4N/jnc,nj/hvX0ykSrU8C4zxFiqXS8rnDCGiM.js?bu=D4ksyCr8Adgq2ircKt4qgyuQLNgr9ynWEfEr9ye1Kw HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
cache-control: public, max-age=432000
x-eventid: 668ce931c9da400d9bf73a229399f502
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-length: 4901
content-type: text/css; charset=utf-8
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: br
vary: Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab237
-
Remote address:95.101.129.194:443RequestGET /rp/lZfFRIZsGLf3poBW6xAz2KFILkI.gz.js HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/css; charset=utf-8
access-control-allow-headers: *
access-control-allow-origin: *
cache-control: public, max-age=432000
content-encoding: br
last-modified: Wed, 03 Nov 2010 17:43:35 GMT
vary: Accept-Encoding
x-eventid: 6682f8c645164ca596d967f119f9b6ab
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab238
-
Remote address:95.101.129.194:443RequestGET /rp/6wzJBpbyuAoCS5bfkKiW0Aw2R6o.gz.js HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-length: 30744
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: ckQMIJkxhKmvUzx6lypM+w==
last-modified: Mon, 01 May 2023 19:03:00 GMT
etag: 0x8DB4A76AEAF78B0
x-ms-request-id: 58bf1de9-801e-0067-0f8b-26f0ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-amd-bc-debug: [a=2.16.128.15,b=448117318,c=c,d=1720774383,h=200,k=2,l=0,n=GB_EN_LONDON,o=20940,r=2,p=30744]
date: Sat, 13 Jul 2024 12:37:20 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab27b
-
Remote address:95.101.129.194:443RequestGET /rp/DicRs1X5x7sMwnmwcxBuO2kpGeI.gz.js HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
etag: 0x8DB4A76C293B96D
cache-control: public, no-transform, max-age=428415
expires: Tue, 16 Jul 2024 13:07:04 GMT
akamai-grn: 0.b2777b5c.1720706809.55a03b6
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 3782
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: KDfeRVwk5HSPaHRNeOVNSA==
x-ms-request-id: 06ea5fbf-501e-0088-6b85-cfe1a5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab281
-
Remote address:95.101.129.194:443RequestGET /rp/L3qgZ2pA6whKnPPHkQnZ2_d8WVo.gz.js HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-length: 2740
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: Iiqeb0LJKqyR2JzDblFzqg==
last-modified: Mon, 01 May 2023 19:02:49 GMT
etag: 0x8DB4A76A84F60BD
x-ms-request-id: 8bd5f29e-a01e-0078-6fc6-a2a754000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-amd-bc-debug: [a=2.17.209.38,b=63951291,c=c,d=1720845527,h=200,k=1,l=0,n=GB_EN_LONDON,o=20940,r=2,p=2740]
date: Sat, 13 Jul 2024 12:37:20 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab279
-
Remote address:95.101.129.194:443RequestGET /rp/IOwhK4uDW4Sh2EVXk1BBw5OkHPY.gz.js HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
etag: 0x8DB4A76AF96D917
cache-control: public, no-transform, max-age=432000
expires: Tue, 16 Jul 2024 15:53:57 GMT
akamai-grn: 0.9e8e7b5c.1720713237.1136a9a
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 632
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: vN/bJ41atswBaXroy1h7EA==
x-ms-request-id: a898c79c-c01e-008a-2035-b25f1d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab27c
-
Remote address:95.101.129.194:443RequestGET /rp/dcb-PwRbjINh_Wg-9pEP8tD_qO4.gz.js HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
etag: 0x8DB4A76B1D1C4D5
cache-control: public, no-transform, max-age=428459
expires: Thu, 18 Jul 2024 02:44:23 GMT
akamai-grn: 0.521a1202.1720842204.a2979d0c
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 7056
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: HULyKB2vmYoLN6zt1rirNQ==
x-ms-request-id: 57b2d03d-f01e-0007-5cb9-b768cf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab27d
-
Remote address:95.101.129.194:443RequestGET /rp/t4xaeuTBmu-Lp_KEbPyZVrfX8yw.gz.js HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
etag: 0x8DB4A76C1F875F8
cache-control: public, no-transform, max-age=431738
expires: Thu, 18 Jul 2024 06:31:07 GMT
akamai-grn: 0.b5777b5c.1720852529.50d940b
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 12040
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: yGKm/4jn78W7vO8Nkej9uA==
x-ms-request-id: 10c998a2-c01e-00b5-2788-c997be000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-amd-bc-debug: [a=23.72.226.204,b=781171525,c=c,d=1719603494,h=200,k=1,l=8,n=FR_IDF_PARIS,o=20940,r=9,p=12040,j=[[a=10.72.226.221,b=781171525,c=p,d=1719603494,h=200,k=1,l=7,m=0,r=8]]],[a=23.72.226.221,b=548814872,c=p,d=1719603494,h=200,k=1,l=0,n=FR_IDF_PARIS,o=20940,r=1,p=12040]
vary: Accept-Encoding
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab27f
-
Remote address:95.101.129.194:443RequestGET /rp/7DRnJ-ywpuG7tVaukb2LDibhBUg.gz.js HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
etag: 0x8DB4A76AA10009F
cache-control: public, no-transform, max-age=428249
expires: Tue, 16 Jul 2024 15:27:19 GMT
akamai-grn: 0.a0777b5c.1720715390.b0d6810
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 13433
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: 0vIIx74xnsdqiNqpWLtnnQ==
x-ms-request-id: 10bf0ac5-401e-0002-043a-bcba14000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab280
-
Remote address:95.101.129.194:443RequestGET /rp/ss3d0sJoMnwEPabtwPxYd3-17LU.gz.js HTTP/2.0
host: www.bing.com
accept: application/javascript, */*;q=0.8
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
etag: 0x8DB4A76BFB74FD8
cache-control: public, no-transform, max-age=395375
expires: Mon, 15 Jul 2024 10:15:53 GMT
akamai-grn: 0.4eba1302.1720643178.5203b0a0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 56177
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: nfKKYcA5I3caM/oIeNO/Fg==
x-ms-request-id: ee4ac5f3-701e-0036-477c-cb89dc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
vary: Accept-Encoding
date: Sat, 13 Jul 2024 12:37:20 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874240.5bdab27e
-
Remote address:95.101.129.194:443RequestGET /manifest/IEOneBox_V2.appcache?setlang=en-US HTTP/2.0
host: www.bing.com
accept: */*
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.bing.com
accept-encoding: gzip, deflate, br
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240338&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 200
content-length: 2618
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: wMwAXfgJrnRDMLOqAzXt9g==
last-modified: Fri, 28 Jun 2024 23:03:43 GMT
etag: 0x8DC97C68EE2C854
x-ms-request-id: 762ace49-d01e-0010-17ec-c9c1c4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-amd-bc-debug: [a=2.16.128.20,b=20709442,c=c,d=1720809059,h=200,k=1,l=17,n=GB_EN_LONDON,o=20940,r=18,p=2618,j=[[a=10.16.128.100,b=20709442,c=p,d=1720809059,h=200,k=1,l=16,m=0,r=17]]],[a=2.16.128.100,b=830933170,c=p,d=1720809059,h=200,k=16,l=0,n=GB_EN_LONDON,o=20940,r=16,p=2618]
date: Sat, 13 Jul 2024 12:37:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874241.5bdab84c
-
Remote address:95.101.129.194:443RequestGET /rp/T216orvW6yyZuj72fNrfvtY47FI.gz.js HTTP/2.0
host: www.bing.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240338&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 200
content-length: 197
content-type: text/javascript; charset=utf-8
content-encoding: gzip
content-md5: vDXcSV+KdbhtCq4Z6ChaXg==
last-modified: Mon, 01 May 2023 19:03:17 GMT
etag: 0x8DB4A76B9220C70
x-ms-request-id: 31d59ace-801e-0050-641d-b0c6fc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-amd-bc-debug: [a=2.16.128.63,b=670142257,c=c,d=1720770775,h=200,k=2,l=53,n=GB_EN_LONDON,o=20940,r=55,p=197,j=[[a=10.16.128.68,b=670142257,c=p,d=1720770775,h=200,k=1,l=52,m=0,r=53]]],[a=2.16.128.68,b=738814118,c=p,d=1720770775,h=200,k=14,l=17,n=GB_EN_LONDON,o=20940,r=31,p=197,j=[[a=20.209.161.1,b=738814118,c=o,d=1720770775,h=304,k=1,l=12,m=0,r=13,p=0,t=cus]]]
date: Sat, 13 Jul 2024 12:37:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874241.5bdab84f
-
Remote address:95.101.129.194:443RequestGET /rp/WAAHGo-kP0xCDM16LGm9-alzHb8.gz.js HTTP/2.0
host: www.bing.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240338&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 200
content-type: text/cache-manifest; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66927501ead8457db6f5c8c2f027d392
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 13 Jul 2024 12:37:21 GMT
set-cookie: SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; domain=.bing.com; expires=Thu, 07-Aug-2025 12:37:21 GMT; path=/
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874241.5bdab825
-
Remote address:95.101.129.194:443RequestPOST /AS/IEOneBox/xls.aspx HTTP/2.0
host: www.bing.com
accept: */*
origin: https://www.bing.com
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/xml
x-msedge-externalexptype: JointCoord
x-msedge-externalexp: null
accept-encoding: gzip, deflate, br
content-length: 435
cache-control: no-cache
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240338&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66927501cc734500b6740c58926f1e96
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-ua-compatible: IE=edge
date: Sat, 13 Jul 2024 12:37:21 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874241.5bdabbe2
-
Remote address:95.101.129.194:443RequestGET /AS/API/IEOneBox/V2/Init?setlang=en-US HTTP/2.0
host: www.bing.com
accept: */*
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240338&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66927501f8344be2b8383ec06647f8c0
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-error-page: 404-custom
date: Sat, 13 Jul 2024 12:37:21 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874241.5bdabbaa
-
GEThttps://www.bing.com/AS/API/IEOneBox/V2/Suggestions?qry=&cc=US&setlang=en-US&cp=0&cvid=a45f80f45d2e4fa684a95f887058d625&ig=3c5d21ccd4b5461b94e2afe30e799bf8MicrosoftEdgeCP.exeRemote address:95.101.129.194:443RequestGET /AS/API/IEOneBox/V2/Suggestions?qry=&cc=US&setlang=en-US&cp=0&cvid=a45f80f45d2e4fa684a95f887058d625&ig=3c5d21ccd4b5461b94e2afe30e799bf8 HTTP/2.0
host: www.bing.com
accept: */*
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
x-device-isoptin: false
x-search-cortanaavailablecapabilities: SpeechLanguage
x-autosuggest-contentwidth: 296
x-search-rpstoken: NA
authorization: Bearer NA
x-bm-clientfeatures: SmallerAnswers
accept-encoding: gzip, deflate, br
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240338&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 200
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: -1
pragma: no-cache
vary: Accept-Encoding
x-eventid: 66927501d14747bcbc80998c82e919a9
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 13 Jul 2024 12:37:21 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874241.5bdabbe3
-
Remote address:95.101.129.194:443RequestPOST /AS/IEOneBox/xls.aspx HTTP/2.0
host: www.bing.com
accept: */*
origin: https://www.bing.com
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/xml
x-msedge-externalexptype: JointCoord
x-msedge-externalexp: null
accept-encoding: gzip, deflate, br
content-length: 3110
cache-control: no-cache
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240627&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 6692750692d64467998658b2e67f1dbc
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-error-page: 404-custom
date: Sat, 13 Jul 2024 12:37:26 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874246.5bdb3a3f
-
Remote address:95.101.129.194:443RequestPOST /AS/IEOneBox/xls.aspx HTTP/2.0
host: www.bing.com
accept: */*
origin: https://www.bing.com
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/xml
x-msedge-externalexptype: JointCoord
x-msedge-externalexp: null
accept-encoding: gzip, deflate, br
content-length: 810
cache-control: no-cache
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240627&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 6692750761974f02a439cfed01053511
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-error-page: 404-custom
date: Sat, 13 Jul 2024 12:37:27 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874247.5bdb57d6
-
Remote address:95.101.129.194:443RequestPOST /AS/IEOneBox/xls.aspx HTTP/2.0
host: www.bing.com
accept: */*
origin: https://www.bing.com
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/xml
x-msedge-externalexptype: JointCoord
x-msedge-externalexp: null
accept-encoding: gzip, deflate, br
content-length: 2125
cache-control: no-cache
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240627&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66927508ef4d4507b3d8d56027de4af5
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-error-page: 404-custom
date: Sat, 13 Jul 2024 12:37:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874248.5bdb7818
-
Remote address:95.101.129.194:443RequestPOST /AS/IEOneBox/xls.aspx HTTP/2.0
host: www.bing.com
accept: */*
origin: https://www.bing.com
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/xml
x-msedge-externalexptype: JointCoord
x-msedge-externalexp: null
accept-encoding: gzip, deflate, br
content-length: 399
cache-control: no-cache
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240627&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 6692750938504a44bfc8710a30d7a6d0
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-error-page: 404-custom
date: Sat, 13 Jul 2024 12:37:29 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874249.5bdb9446
-
Remote address:95.101.129.194:443RequestPOST /AS/IEOneBox/xls.aspx HTTP/2.0
host: www.bing.com
accept: */*
origin: https://www.bing.com
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/xml
x-msedge-externalexptype: JointCoord
x-msedge-externalexp: null
accept-encoding: gzip, deflate, br
content-length: 510
cache-control: no-cache
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240627&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 6692750a0a9b4a47bc696bd28b8857aa
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-error-page: 404-custom
date: Sat, 13 Jul 2024 12:37:30 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874250.5bdbae78
-
Remote address:95.101.129.194:443RequestPOST /AS/IEOneBox/xls.aspx HTTP/2.0
host: www.bing.com
accept: */*
origin: https://www.bing.com
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/xml
x-msedge-externalexptype: JointCoord
x-msedge-externalexp: null
accept-encoding: gzip, deflate, br
content-length: 1617
cache-control: no-cache
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240627&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 6692750beaff4fd4a29eea75b186f89d
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-error-page: 404-custom
date: Sat, 13 Jul 2024 12:37:31 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874251.5bdbc995
-
Remote address:95.101.129.194:443RequestPOST /AS/IEOneBox/xls.aspx HTTP/2.0
host: www.bing.com
accept: */*
origin: https://www.bing.com
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/xml
x-msedge-externalexptype: JointCoord
x-msedge-externalexp: null
accept-encoding: gzip, deflate, br
content-length: 590
cache-control: no-cache
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240627&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 6692750dafa7442cbc2384c409d14568
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-error-page: 404-custom
date: Sat, 13 Jul 2024 12:37:33 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874253.5bdbe3bb
-
Remote address:95.101.129.194:443RequestPOST /AS/IEOneBox/xls.aspx HTTP/2.0
host: www.bing.com
accept: */*
origin: https://www.bing.com
referer: https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-US
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/xml
x-msedge-externalexptype: JointCoord
x-msedge-externalexp: null
accept-encoding: gzip, deflate, br
content-length: 1202
cache-control: no-cache
cookie: MUID=1453BD4F2F7864720A24A9F42E5C6508; _EDGE_S=F=1&SID=1AE78FB331536C680F099B0830776DFB; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=842C88B634C14B8DAD6897E2F2778125&dmnchg=1; SRCHUSR=DOB=20240713; SRCHHPGUSR=SRCHLANG=en&IPMH=0fdbc3ff&IPMID=1720874240338; _SS=SID=1AE78FB331536C680F099B0830776DFB&CPID=1720874240627&AC=0&CPH=f8861136; MUIDB=1453BD4F2F7864720A24A9F42E5C6508
ResponseHTTP/2.0 404
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 6692750e37d942179937528e2beb5cd2
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-error-page: 404-custom
date: Sat, 13 Jul 2024 12:37:34 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be81655f.1720874254.5bdc0e40
-
Remote address:8.8.8.8:53Request194.129.101.95.in-addr.arpaIN PTRResponse194.129.101.95.in-addr.arpaIN PTRa95-101-129-194deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request172.210.232.199.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request161.19.199.152.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A95.100.245.144
-
Remote address:8.8.8.8:53Request200.197.79.204.in-addr.arpaIN PTRResponse200.197.79.204.in-addr.arpaIN PTRa-0001a-msedgenet
-
Remote address:8.8.8.8:53Request57.110.18.2.in-addr.arpaIN PTRResponse57.110.18.2.in-addr.arpaIN PTRa2-18-110-57deploystaticakamaitechnologiescom
-
Remote address:95.101.129.194:443RequestGET /cortanaassist/rules?cc=US&version=6 HTTP/2.0
host: www.bing.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
dnt: 1
-
Remote address:8.8.8.8:53Request144.245.100.95.in-addr.arpaIN PTRResponse144.245.100.95.in-addr.arpaIN PTRa95-100-245-144deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request11.227.111.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request131.72.42.20.in-addr.arpaIN PTRResponse
-
1.4kB 7.4kB 17 13
-
8.1kB 103.3kB 122 117
HTTP Request
GET https://drive.google.com/file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/view?usp=sharingHTTP Response
200HTTP Request
GET https://drive.google.com/auth_warmupHTTP Response
200HTTP Request
GET https://drive.google.com/file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/viewHTTP Response
200HTTP Request
GET https://drive.google.com/auth_warmupHTTP Response
200HTTP Request
GET https://drive.google.com/file/d/1lcS3silVTAliDy5z1KBAZU2rb7vUg-AF/viewHTTP Response
200HTTP Request
GET https://drive.google.com/auth_warmupHTTP Response
200 -
395 B 1.8kB 6 5
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
216.58.201.99:80http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBPKCljAPb1mEswGJPYk28M%3DhttpMicrosoftEdgeCP.exe1.2kB 2.4kB 10 6
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJocJI3cuzOAqV4KAdwn94HTTP Response
200HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHViWUaptL4MEEkSmq4OScg%3DHTTP Response
200HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBPKCljAPb1mEswGJPYk28M%3DHTTP Response
200 -
216.58.201.99:80http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECgq3UEYFscUCqLPFQqi4C0%3DhttpMicrosoftEdgeCP.exe832 B 1.6kB 8 5
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC1wDSQwr%2F7UxDebtw0D9JJHTTP Response
200HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECgq3UEYFscUCqLPFQqi4C0%3DHTTP Response
200 -
172.217.169.46:443https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=tls, http2MicrosoftEdgeCP.exe3.0kB 32.2kB 40 36
HTTP Request
GET https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=HTTP Response
200HTTP Request
GET https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=HTTP Response
200 -
1.1kB 7.4kB 16 12
-
1.1kB 5.3kB 15 11
-
142.250.178.10:443https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDatatls, http2MicrosoftEdgeCP.exe4.6kB 9.5kB 55 50
HTTP Request
OPTIONS https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataHTTP Response
200HTTP Request
POST https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataHTTP Response
200HTTP Request
OPTIONS https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataHTTP Response
200HTTP Request
POST https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataHTTP Response
200HTTP Request
OPTIONS https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataHTTP Response
200HTTP Request
POST https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDataHTTP Response
200 -
1.1kB 4.9kB 14 10
-
142.250.187.238:443https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_1tls, http2MicrosoftEdgeCP.exe6.7kB 126.7kB 113 108
HTTP Request
GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_0HTTP Response
200HTTP Request
GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_1HTTP Response
200HTTP Request
GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_0HTTP Response
304HTTP Request
GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.iZZZ0XsR8bM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_0-97nH_2IxP0suYF105-PdJv4zg/cb=gapi.loaded_1HTTP Response
304 -
1.0kB 4.9kB 14 10
-
216.58.204.67:443https://ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.pngtls, http2MicrosoftEdge.exe1.5kB 6.4kB 19 13
HTTP Request
GET https://ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.pngHTTP Response
200 -
216.58.201.99:80http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3DhttpMicrosoftEdge.exe515 B 1.9kB 6 5
HTTP Request
GET http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3DHTTP Response
200 -
395 B 1.8kB 6 5
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
216.58.201.99:80http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHViWUaptL4MEEkSmq4OScg%3DhttpMicrosoftEdge.exe511 B 884 B 6 4
HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHViWUaptL4MEEkSmq4OScg%3DHTTP Response
200 -
142.250.180.4:443https://www.google.com/images/hpp/Chrome_Owned_96x96.pngtls, http2MicrosoftEdgeCP.exe2.4kB 12.4kB 28 24
HTTP Request
GET https://www.google.com/images/hpp/Chrome_Owned_96x96.pngHTTP Response
200HTTP Request
GET https://www.google.com/images/hpp/Chrome_Owned_96x96.pngHTTP Response
304 -
1.1kB 4.8kB 14 10
-
1.5kB 6.0kB 19 17
HTTP Request
GET https://www.bing.com/partner/warmup.gifHTTP Response
200 -
1.2kB 4.9kB 16 15
-
27.1kB 230.6kB 246 227
HTTP Request
GET https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-USHTTP Response
200HTTP Request
GET https://www.bing.com/rb/19/cir3,ortl,cc,nc/CURp3kyiJ3q2QPJQD9GNCSYEwOg.css?bu=C9gIigOJBLIJmQiDCLgGWFinBLAEHTTP Request
GET https://www.bing.com/rb/19/cir3,ortl,cc,nc/0WZIXiT2IZFlCIs25VMUQk4O_uU.css?bu=BrkCPqICS1i-AgHTTP Request
GET https://www.bing.com/rb/3E/ortl,cc,nc/4-xJy3tX6bM2BGl5zKioiEcQ1TU.css?bu=A4gCjAKPAgHTTP Request
GET https://www.bing.com/rb/4N/jnc,nj/hvX0ykSrU8C4zxFiqXS8rnDCGiM.js?bu=D4ksyCr8Adgq2ircKt4qgyuQLNgr9ynWEfEr9ye1KwHTTP Request
GET https://www.bing.com/rp/lZfFRIZsGLf3poBW6xAz2KFILkI.gz.jsHTTP Request
GET https://www.bing.com/rp/6wzJBpbyuAoCS5bfkKiW0Aw2R6o.gz.jsHTTP Request
GET https://www.bing.com/rp/DicRs1X5x7sMwnmwcxBuO2kpGeI.gz.jsHTTP Request
GET https://www.bing.com/rp/L3qgZ2pA6whKnPPHkQnZ2_d8WVo.gz.jsHTTP Request
GET https://www.bing.com/rp/IOwhK4uDW4Sh2EVXk1BBw5OkHPY.gz.jsHTTP Request
GET https://www.bing.com/rp/dcb-PwRbjINh_Wg-9pEP8tD_qO4.gz.jsHTTP Request
GET https://www.bing.com/rp/t4xaeuTBmu-Lp_KEbPyZVrfX8yw.gz.jsHTTP Request
GET https://www.bing.com/rp/7DRnJ-ywpuG7tVaukb2LDibhBUg.gz.jsHTTP Request
GET https://www.bing.com/rp/ss3d0sJoMnwEPabtwPxYd3-17LU.gz.jsHTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
GET https://www.bing.com/manifest/IEOneBox_V2.appcache?setlang=en-USHTTP Request
GET https://www.bing.com/rp/T216orvW6yyZuj72fNrfvtY47FI.gz.jsHTTP Request
GET https://www.bing.com/rp/WAAHGo-kP0xCDM16LGm9-alzHb8.gz.jsHTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
POST https://www.bing.com/AS/IEOneBox/xls.aspxHTTP Request
GET https://www.bing.com/AS/API/IEOneBox/V2/Init?setlang=en-USHTTP Request
GET https://www.bing.com/AS/API/IEOneBox/V2/Suggestions?qry=&cc=US&setlang=en-US&cp=0&cvid=a45f80f45d2e4fa684a95f887058d625&ig=3c5d21ccd4b5461b94e2afe30e799bf8HTTP Response
404HTTP Response
404HTTP Response
200HTTP Request
POST https://www.bing.com/AS/IEOneBox/xls.aspxHTTP Response
404HTTP Request
POST https://www.bing.com/AS/IEOneBox/xls.aspxHTTP Response
404HTTP Request
POST https://www.bing.com/AS/IEOneBox/xls.aspxHTTP Response
404HTTP Request
POST https://www.bing.com/AS/IEOneBox/xls.aspxHTTP Response
404HTTP Request
POST https://www.bing.com/AS/IEOneBox/xls.aspxHTTP Response
404HTTP Request
POST https://www.bing.com/AS/IEOneBox/xls.aspxHTTP Response
404HTTP Request
POST https://www.bing.com/AS/IEOneBox/xls.aspxHTTP Response
404HTTP Request
POST https://www.bing.com/AS/IEOneBox/xls.aspxHTTP Response
404 -
1.1kB 4.8kB 14 13
-
1.2kB 8.2kB 15 15
-
1.1kB 4.8kB 14 13
-
95.101.129.194:443https://www.bing.com/cortanaassist/rules?cc=US&version=6tls, http2MicrosoftEdge.exe3.4kB 64.5kB 60 57
HTTP Request
GET https://www.bing.com/cortanaassist/rules?cc=US&version=6 -
46 B 1
-
62 B 78 B 1 1
DNS Request
drive.google.com
DNS Response
172.217.16.238
-
73 B 142 B 1 1
DNS Request
238.16.217.172.in-addr.arpa
-
74 B 128 B 1 1
DNS Request
172.214.232.199.in-addr.arpa
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
216.58.201.99
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
216.58.201.99
-
72 B 169 B 1 1
DNS Request
99.201.58.216.in-addr.arpa
-
72 B 171 B 1 1
DNS Request
74.204.58.216.in-addr.arpa
-
60 B 97 B 1 1
DNS Request
ogs.google.com
DNS Response
172.217.169.46
-
69 B 261 B 1 1
DNS Request
ogads-pa.googleapis.com
DNS Response
142.250.178.10172.217.16.234142.250.200.10142.250.179.234142.250.180.10142.250.200.42142.250.187.234142.250.187.202172.217.169.74216.58.201.106216.58.204.74216.58.212.202
-
61 B 98 B 1 1
DNS Request
apis.google.com
DNS Response
142.250.187.238
-
61 B 77 B 1 1
DNS Request
ssl.gstatic.com
DNS Response
216.58.204.67
-
73 B 112 B 1 1
DNS Request
46.169.217.172.in-addr.arpa
-
73 B 112 B 1 1
DNS Request
10.178.250.142.in-addr.arpa
-
74 B 113 B 1 1
DNS Request
238.187.250.142.in-addr.arpa
-
72 B 169 B 1 1
DNS Request
67.204.58.216.in-addr.arpa
-
60 B 76 B 1 1
DNS Request
www.google.com
DNS Response
142.250.180.4
-
72 B 110 B 1 1
DNS Request
4.180.250.142.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
194.129.101.95.in-addr.arpa
-
74 B 128 B 1 1
DNS Request
172.210.232.199.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
161.19.199.152.in-addr.arpa
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
95.100.245.144
-
73 B 106 B 1 1
DNS Request
200.197.79.204.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
57.110.18.2.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
144.245.100.95.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
11.227.111.52.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
131.72.42.20.in-addr.arpa
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
74KB
MD5d4fc49dc14f63895d997fa4940f24378
SHA13efb1437a7c5e46034147cbbc8db017c69d02c31
SHA256853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1
SHA512cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\836QWWK9\KFOlCnqEu92Fr1MmWUlfBBc4[1].woff2
Filesize15KB
MD5037d830416495def72b7881024c14b7b
SHA1619389190b3cafafb5db94113990350acc8a0278
SHA2561d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
SHA512c8d2808945a9bf2e6ad36c7749313467ff390f195448c326c4d4d7a4a635a11e2ddf4d0779be2db274f1d1d9d022b1f837294f1e12c9f87e3eac8a95cfd8872f
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\836QWWK9\KFOmCnqEu92Fr1Mu4mxK[1].woff2
Filesize14KB
MD55d4aeb4e5f5ef754e307d7ffaef688bd
SHA106db651cdf354c64a7383ea9c77024ef4fb4cef8
SHA2563e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
SHA5127eb7c301df79d35a6a521fae9d3dccc0a695d3480b4d34c7d262dd0c67abec8437ed40e2920625e98aaeafba1d908dec69c3b07494ec7c29307de49e91c2ef48
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\836QWWK9\css[1].css
Filesize800B
MD5567b2a9c2ff51e07119f91ab83539d8c
SHA1c9bb920b539877ba8dd54b72461b5ce74e98aad8
SHA256155036a4145981ebfcb13621ed3579dce388b21a9b24d35b398cde98ddef0bee
SHA512d4253d572168cb7260da40174ae184a49bef79828de91397ed0c2cc9702872a512cfbc8c3a038e8b0a0e8766fd83cd94196156f4b823cf211c1719892ec22e8b
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\836QWWK9\m=MpJwZc,UUJqVe,sy6,s39S4,syn,pw70Gc[1].js
Filesize6KB
MD5f7cc41e23f4431fe5cd81036f3866191
SHA1f4274641b9e020ba69a3d7118d22ad000703f0ff
SHA2567375c4f82a9c02079a8cff46ed6fa0851528dfe6046316ac3604c5d49246f799
SHA5129e6e4bf1775ce6b2f966f30f2de39f910ef49405102d054eb9971888cceca152d32c6dcfec50c6520073f87c0904044a470f2a62f117530f6e290aac83af8355
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\836QWWK9\m=bm51tf[1].js
Filesize1KB
MD5a58539aa41f955500e64828c1e561fea
SHA119de8213e2031dc3405fd488c649c86b79c0d381
SHA256d77fa5c107089d856a824d4979539f76675adc1ed9d41749ab8e2eeddcdb1848
SHA512cb7a9bc0dc878a8b46e53f536559a94f2f74ee851d3e94e7e613eb0ac36fc51c6afd5cd3dc66b90e02ae9b9f6335d111f951660e3fcba8f8a7ccf285b68155c6
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IRG9ZAR4\KFOkCnqEu92Fr1Mu51xIIzI[1].woff2
Filesize16KB
MD5d8bcbe724fd6f4ba44d0ee6a2675890f
SHA1d276fd769bcb675f8efe42ebe3003c1d3255f985
SHA256aa4650a411dfe1c9beb794ffaf08c7909cdfbb05672d79b3a9976672cbba75ec
SHA51223f757ea3afe6febe1e8ea935f0ee8690e1b1b1da511788b529cc2fc38f7e454153cdba6f84a6a0e19b294e5311625a03617cf98aac150f17b88a53f3ed8b72a
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IRG9ZAR4\css2[1].css
Filesize609B
MD5c9416551b401e8ddc4cd642b1348d60c
SHA175d238de4bcef07ec6afd81fa38a91a3a55adc2a
SHA256cb7b5b067f94b97f8e98d0c0d0e2ef2add7725527ad7ea726ff7d6702f1eff9a
SHA512b7b3054284b982026adc743f27da8d89050546049471cba9e380086a56dc01749041e237b932e187b566445bdc380ef3938c4f7932e33a6005344f7ccb14d5c9
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IRG9ZAR4\lazy.min[1].js
Filesize118KB
MD548989d542f51150a3a87a272ada40cff
SHA10d7b19c4626abe902c480e4e7891d9dbdbd4b7a3
SHA256eaa70b79b657e5997b465f24c770db49638dcadac9aebe8ed36c11e219c5c69c
SHA51210b2957c0489ec4d896ae027ae7952687ce0b56101687ad62f230b19219bfa34b05c129983c2c9763cdda9b398137e1a163dfbcade11154738415f83cd623a5c
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IRG9ZAR4\m=RqjULd[1].js
Filesize18KB
MD5641b0e49b459415b43fdb70f297fd24e
SHA18abc7a49fa2386f87e06497c4f9660fb81487845
SHA25618b95011caf08f1e7021c3d8089c10b981601760c97f693d762c4c0ec75ab3be
SHA512ee340ccd86967fc40a9984250740d29b05094664cf155f91c1f94d9a0bf386552213838cbb521d60feb82ffc655cbfd16a2a91708cfda48c96728b40cfbe9f25
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IRG9ZAR4\m=_b,_tp[1].js
Filesize184KB
MD5c4b4310e6e9da7a4d80249ba89921b5e
SHA1cbe58c50c390ffe7af986e5ea68f0e74db028591
SHA2561ef082fd3fd33d421d9196d21cc26a14769cbe8705c31964938277af11a847f9
SHA51243120a3e5384f67a1f81015fe5de9c79dc9818cfa6777985cf6a3fe2f0422aa056485fbef32b25a567065232535264b54cd40e9083d1fa4975f4e92904a9868b
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\IRG9ZAR4\m=v,wb[1].js
Filesize1.7MB
MD547db1ee4e315f43945b17394c537a344
SHA1f00c803f0ba179d38af5ded0564ced44f30616d4
SHA2563178a22c4e87243ffee7f19d52770540f9d920b3450d3c43f31804bbf99f1064
SHA5128886bc75cca043353f2dfce3cf3896d5c3d7299c6ed9f00a844e51f4dbfb0075b8d2993828bbeb08b9598f924bdc51376cf8fb66b76675f103f75ec9f15a006e
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WJ79JOJ6\06KGOAW2.js
Filesize248KB
MD5798710e792077e28736d2fd9e9caf2da
SHA1c69d2d431f4dd11219f9cc75acc9ae389b53ee91
SHA2563765ad455bece4411f9dd9448c968d5c817992a14bf0c24c1e8468da93fb728e
SHA5129a85cfe383c44d9de2eacffbd1cdb30b189e75a98e3fc2d2c6041c39fe6f6e29b27864901c1b9e623f7240bc72f91d79f3affdd8de5307430087e0225ef824c1
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WJ79JOJ6\callout[1].htm
Filesize31KB
MD561ba12be81819bc60f1d99d5781d6a30
SHA1780183482d6c1315f48f9b77d82ea13c7edfa6b6
SHA256eb73ed4f945310bee831f6d59138171582047af4f1dd9982c7108f30a7e1a51e
SHA512b094ea806582a3875572c86e4a8b5cb41c5259e35c1e456c4d1f1c4199b8e56a576e694d27d37d150eff66f9f1ad97cfecfe48f4c94652a90464f7932c2de56d
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WJ79JOJ6\cb=gapi[1].js
Filesize122KB
MD5c8f70ecf911eb38bf7baa1157d661e30
SHA182dce89c697c1dae3290764a2c3a36bd83ed2756
SHA2569f661df876d6cdd9b5a68ca4b4523ffb2d53c291cfa521c0b9b3ca64c1637210
SHA512e5eb7eb530f6584435a0c74da78a1acebf96554c9989c39cc22d09029d6ff0cf3193c53e3dd658bbc0264b2b00a40c6be1874521dcd120c9ee181e2075dffe84
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WJ79JOJ6\rs=AA2YrTuab1saMfPg0iiAR9TwFTm87PY2ug[1].css
Filesize2KB
MD53c858584931dfde71af9afbaad898d3b
SHA156a2e336ac0dbd7c842b882ea3fc1e9162e3a729
SHA256d18929a68760eca65d614eeaad306a3fdf3262a47e0836e01062d3ceca027e52
SHA5127305a38ddeb60e08d206dc9101d981cc3f139455d67c930db6258773201cc3340703e6a0a2e85d8e32ed623d34bb4abac02e9694a32f952e17b50e88b0019ea5
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WJ79JOJ6\rs=AA2YrTvDBln1pR0UoOkMQQVWxWs0xeKWyw[1].js
Filesize226KB
MD567a30532bb9f06a5cf2eb989103a8237
SHA175e9da0305b5fdf6a5f87085a3eb8aef935050f9
SHA25600e074d7e7471c1e182512356ee7dd03755e9f5d4e4aada3f7816afc46d94e04
SHA5128f476a80178fcc5cb0be565dc8c02577357087bdf803cd760b24952fa013c713ffea3d75a3e4d7834d238deb3b5389e623744534583246e26adb1f761ac82bee
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WWQI7LX5\KFOlCnqEu92Fr1MmEU9fBBc4[1].woff2
Filesize15KB
MD5285467176f7fe6bb6a9c6873b3dad2cc
SHA1ea04e4ff5142ddd69307c183def721a160e0a64e
SHA2565a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
SHA5125f9bb763406ea8ce978ec675bd51a0263e9547021ea71188dbd62f0212eb00c1421b750d3b94550b50425bebff5f881c41299f6a33bbfa12fb1ff18c12bc7ff1
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WWQI7LX5\KFOlCnqEu92Fr1MmSU5fBBc4[1].woff2
Filesize15KB
MD555536c8e9e9a532651e3cf374f290ea3
SHA1ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2
SHA256eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf
SHA5121346654c8293a2f38dd425ad44a2aa0ed2feab224388ab4e38fb99082769bbd14d67d74cac3ce6e39a562a0812f9bce0a623be233f9632dcb8d5d358e42f2186
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WWQI7LX5\cb=gapi[1].js
Filesize204KB
MD53a82a498dddba2d7f6ffae8e61f6270c
SHA1c04dec610fbefad4ffd41c2d72bc084115ac6230
SHA256c02f7cf91aa3bb01ac3f3dc1ade67747c2df91f330f9aea81f6529162cdbcbcc
SHA512316567310a1704d9e47e570bd519106ce625f9e70e99432101be3552f60700f5a1ae5786c3afe1eca729f55c1aa584b70137ea6c6066dd330b9b929946d16713
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WWQI7LX5\m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk[1].js
Filesize15KB
MD54f612c1958c18e3a3fcfbefa38d0127a
SHA1d61bded82248cc5c7f63ef93abfc181e1000077e
SHA2563db6c98bf823b59c96e02ef5b8851f15f3b7cf54e3c020d0787abdf067609544
SHA512ed3883628a3a3ed4f03165099baa106654d606f9039079aa6e46053fd05264877f64c19b275f092f93d456660d5c981cf3858199f2a6e43373ff1514426e6cbb
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WWQI7LX5\rs=AO0039sMyZxaqRFt4HMiVvRp_6eumjfA7Q[1].css
Filesize2.2MB
MD517fcf6186626c743c192757c11a0c777
SHA1d1158d503d9c456736636c4c78bcc17008ec2900
SHA256c32bb4952e79f75e7665b8b415964f4616bcc24739b5eed21ce5226660c6aa7b
SHA5126d34e0e3727261eb34f8f319694aeac2f641b332b694a2a45f4f041532b1d4f66d3219cf7c5156f15c0cff093a1eef60fff1a66edda2bc0591b2b148bcd74c4d
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\FR9BN32Y\www.bing[1].xml
Filesize1KB
MD58e7c2034ddc836fbe0263457e82173cf
SHA1459111bf3af6b08a81490b0f7b1dc9ab48b10c3e
SHA25665ad11e288abfe9cfcf18d2b1acd66130a6d991de342719076723cb850e600ea
SHA512078fcdc5366d2a3cb2a5f1763910ad8e05717876909663b0ffc76c2c9dc68f7674ba6fa7add9dc6e3d802df1fe03d7f19d7483cca578d137fef2d4b7fa42cd2e
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
Filesize4KB
MD51bfe591a4fe3d91b03cdf26eaacd8f89
SHA1719c37c320f518ac168c86723724891950911cea
SHA2569cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8
SHA51202f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\HHFC1QXP\drive_2020q4_32dp[1].png
Filesize831B
MD5916c9bcccf19525ad9d3cd1514008746
SHA19ccce6978d2417927b5150ffaac22f907ff27b6e
SHA256358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50
SHA512b73c1a81997abe12dba4ae1fa38f070079448c3798e7161c9262ccba6ee6a91e8a243f0e4888c8aef33ce1cf83818fc44c85ae454a522a079d08121cd8628d00
-
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\Q8Z4HTQM\suggestions[1].en-US
Filesize17KB
MD55a34cb996293fde2cb7a4ac89587393a
SHA13c96c993500690d1a77873cd62bc639b3a10653f
SHA256c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
SHA512e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee