Overview

overview

6

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows10-1703-x64

Analysis

  • max time kernel
    83s
  • max time network
    84s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    07/08/2024, 22:36 UTC

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown
Report Analysis Logs

General

  • Target

    https://drive.google.com/file/d/1b6qB1WVdoi9qrL2lftt0YIRygYNVeIJh/view

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Drops file in Windows directory 5 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 15 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: MapViewOfSection 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 8 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 13 IoCs

Processes

  • C:\Windows\system32\LaunchWinApp.exe
    "C:\Windows\system32\LaunchWinApp.exe" "https://drive.google.com/file/d/1b6qB1WVdoi9qrL2lftt0YIRygYNVeIJh/view"
    1⤵
      PID:2008
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:3588
    • C:\Windows\system32\browser_broker.exe
      C:\Windows\system32\browser_broker.exe -Embedding
      1⤵
      • Modifies Internet Explorer settings
      PID:60
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious behavior: MapViewOfSection
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:4376
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:4068
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:4916
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:2944
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      PID:6128
    • \??\c:\windows\system32\svchost.exe
      c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:4968
      • C:\Windows\system32\dashost.exe
        dashost.exe {6540f46c-40e2-4284-ac69efeb5d133fe0}
        2⤵
          PID:5164
      • C:\Windows\system32\LogonUI.exe
        "LogonUI.exe" /flags:0x0 /state0:0xa3a81055 /state1:0x41c64e6d
        1⤵
        • Modifies data under HKEY_USERS
        • Suspicious use of SetWindowsHookEx
        PID:3212

      Network

      • flag-us
        DNS
        drive.google.com
        MicrosoftEdgeCP.exe
        Remote address:
        8.8.8.8:53
        Request
        drive.google.com
        IN A
        Response
        drive.google.com
        IN A
        172.217.168.206
      • flag-nl
        GET
        https://drive.google.com/file/d/1b6qB1WVdoi9qrL2lftt0YIRygYNVeIJh/view
        MicrosoftEdgeCP.exe
        Remote address:
        172.217.168.206:443
        Request
        GET /file/d/1b6qB1WVdoi9qrL2lftt0YIRygYNVeIJh/view HTTP/2.0
        host: drive.google.com
        accept: text/html, application/xhtml+xml, image/jxr, */*
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        Response
        HTTP/2.0 200
        content-type: text/html; charset=utf-8
        vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
        x-robots-tag: noindex, nofollow, nosnippet
        cache-control: no-cache, no-store, max-age=0, must-revalidate
        pragma: no-cache
        expires: Mon, 01 Jan 1990 00:00:00 GMT
        date: Wed, 07 Aug 2024 22:36:42 GMT
        content-encoding: gzip
        p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
        content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
        referrer-policy: origin
        x-content-type-options: nosniff
        x-frame-options: SAMEORIGIN
        x-xss-protection: 1; mode=block
        server: GSE
        set-cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA; expires=Thu, 06-Feb-2025 22:36:41 GMT; path=/; domain=.google.com; Secure; HttpOnly
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        GET
        https://drive.google.com/auth_warmup
        MicrosoftEdgeCP.exe
        Remote address:
        172.217.168.206:443
        Request
        GET /auth_warmup HTTP/2.0
        host: drive.google.com
        accept: text/html, application/xhtml+xml, image/jxr, */*
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA
        Response
        HTTP/2.0 200
        content-type: text/html; charset=utf-8
        vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
        cache-control: no-cache, no-store, max-age=0, must-revalidate
        pragma: no-cache
        expires: Mon, 01 Jan 1990 00:00:00 GMT
        date: Wed, 07 Aug 2024 22:36:43 GMT
        strict-transport-security: max-age=31536000
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self'
        content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
        cross-origin-opener-policy: same-origin
        cross-origin-resource-policy: same-site
        permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
        reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjktDikmJw0ZBicEqfwRoCxEsiLrIeSbzIKsTD8fvt-a1sAhuOTmtiVlJNyi-MTynKLEvNKCkpSCzILE4tKkstijcyMDIxsDAw1DMwii8wAAAKGBqs"
        server: ESF
        content-length: 0
        x-xss-protection: 0
        x-content-type-options: nosniff
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        GET
        https://drive.google.com/file/d/1b6qB1WVdoi9qrL2lftt0YIRygYNVeIJh/view
        MicrosoftEdgeCP.exe
        Remote address:
        172.217.168.206:443
        Request
        GET /file/d/1b6qB1WVdoi9qrL2lftt0YIRygYNVeIJh/view HTTP/2.0
        host: drive.google.com
        accept: text/html, application/xhtml+xml, image/jxr, */*
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA; OGPC=19010599-1:
        Response
        HTTP/2.0 200
        content-type: text/html; charset=utf-8
        vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
        x-robots-tag: noindex, nofollow, nosnippet
        cache-control: no-cache, no-store, max-age=0, must-revalidate
        pragma: no-cache
        expires: Mon, 01 Jan 1990 00:00:00 GMT
        date: Wed, 07 Aug 2024 22:36:59 GMT
        content-encoding: gzip
        content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
        referrer-policy: origin
        x-content-type-options: nosniff
        x-frame-options: SAMEORIGIN
        x-xss-protection: 1; mode=block
        server: GSE
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        GET
        https://drive.google.com/auth_warmup
        MicrosoftEdgeCP.exe
        Remote address:
        172.217.168.206:443
        Request
        GET /auth_warmup HTTP/2.0
        host: drive.google.com
        accept: text/html, application/xhtml+xml, image/jxr, */*
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA; OGPC=19010599-1:
        Response
        HTTP/2.0 200
        content-type: text/html; charset=utf-8
        vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
        cache-control: no-cache, no-store, max-age=0, must-revalidate
        pragma: no-cache
        expires: Mon, 01 Jan 1990 00:00:00 GMT
        date: Wed, 07 Aug 2024 22:37:00 GMT
        strict-transport-security: max-age=31536000
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
        content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self'
        permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
        cross-origin-resource-policy: same-site
        cross-origin-opener-policy: same-origin
        reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjktDikmJw0ZBicEqfwRoCxEsiLrIeSbzIKsTD0fPu_FY2gR0H93QwK6km5RfGpxRllqVmlJQUJBZkFqcWlaUWxRsZGJkYWBgY6hkYxRcYAAD8chpu"
        server: ESF
        content-length: 0
        x-xss-protection: 0
        x-content-type-options: nosniff
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-us
        DNS
        c.pki.goog
        MicrosoftEdge.exe
        Remote address:
        8.8.8.8:53
        Request
        c.pki.goog
        IN A
        Response
        c.pki.goog
        IN CNAME
        pki-goog.l.google.com
        pki-goog.l.google.com
        IN A
        142.250.179.131
      • flag-nl
        GET
        http://c.pki.goog/r/r1.crl
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.131:80
        Request
        GET /r/r1.crl HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Microsoft-CryptoAPI/10.0
        Host: c.pki.goog
        Response
        HTTP/1.1 200 OK
        Accept-Ranges: bytes
        Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
        Cross-Origin-Resource-Policy: cross-origin
        Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
        Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
        Content-Length: 854
        X-Content-Type-Options: nosniff
        Server: sffe
        X-XSS-Protection: 0
        Date: Wed, 07 Aug 2024 22:33:47 GMT
        Expires: Wed, 07 Aug 2024 23:23:47 GMT
        Cache-Control: public, max-age=3000
        Age: 174
        Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
        Content-Type: application/pkix-crl
        Vary: Accept-Encoding
      • flag-us
        DNS
        o.pki.goog
        MicrosoftEdge.exe
        Remote address:
        8.8.8.8:53
        Request
        o.pki.goog
        IN A
        Response
        o.pki.goog
        IN CNAME
        pki-goog.l.google.com
        pki-goog.l.google.com
        IN A
        142.250.179.131
      • flag-nl
        GET
        http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.131:80
        Request
        GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Microsoft-CryptoAPI/10.0
        Host: o.pki.goog
        Response
        HTTP/1.1 200 OK
        Server: ocsp_responder
        Content-Length: 471
        X-XSS-Protection: 0
        X-Frame-Options: SAMEORIGIN
        Date: Wed, 07 Aug 2024 22:02:54 GMT
        Cache-Control: public, max-age=14400
        Content-Type: application/ocsp-response
        Age: 2027
      • flag-nl
        GET
        http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.131:80
        Request
        GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Microsoft-CryptoAPI/10.0
        Host: o.pki.goog
        Response
        HTTP/1.1 200 OK
        Server: ocsp_responder
        Content-Length: 472
        X-XSS-Protection: 0
        X-Frame-Options: SAMEORIGIN
        Date: Wed, 07 Aug 2024 22:03:32 GMT
        Cache-Control: public, max-age=14400
        Content-Type: application/ocsp-response
        Age: 1990
      • flag-nl
        GET
        http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEENjNo17UXCzCoB93MsCZlg%3D
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.131:80
        Request
        GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEENjNo17UXCzCoB93MsCZlg%3D HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Microsoft-CryptoAPI/10.0
        Host: o.pki.goog
        Response
        HTTP/1.1 200 OK
        Server: ocsp_responder
        Content-Length: 471
        X-XSS-Protection: 0
        X-Frame-Options: SAMEORIGIN
        Date: Wed, 07 Aug 2024 22:34:00 GMT
        Cache-Control: public, max-age=14400
        Content-Type: application/ocsp-response
        Age: 163
      • flag-us
        DNS
        206.168.217.172.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        206.168.217.172.in-addr.arpa
        IN PTR
        Response
        206.168.217.172.in-addr.arpa
        IN PTR
        ams16s32-in-f141e100net
      • flag-us
        DNS
        172.214.232.199.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        172.214.232.199.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        131.179.250.142.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        131.179.250.142.in-addr.arpa
        IN PTR
        Response
        131.179.250.142.in-addr.arpa
        IN PTR
        ams17s10-in-f31e100net
      • flag-nl
        GET
        http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.131:80
        Request
        GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6 HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Microsoft-CryptoAPI/10.0
        Host: o.pki.goog
        Response
        HTTP/1.1 200 OK
        Server: ocsp_responder
        Content-Length: 472
        X-XSS-Protection: 0
        X-Frame-Options: SAMEORIGIN
        Date: Wed, 07 Aug 2024 22:22:55 GMT
        Cache-Control: public, max-age=14400
        Content-Type: application/ocsp-response
        Age: 827
      • flag-nl
        GET
        http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.131:80
        Request
        GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Microsoft-CryptoAPI/10.0
        Host: o.pki.goog
        Response
        HTTP/1.1 200 OK
        Server: ocsp_responder
        Content-Length: 471
        X-XSS-Protection: 0
        X-Frame-Options: SAMEORIGIN
        Date: Wed, 07 Aug 2024 22:26:07 GMT
        Cache-Control: public, max-age=14400
        Content-Type: application/ocsp-response
        Age: 637
      • flag-us
        DNS
        42.36.251.142.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        42.36.251.142.in-addr.arpa
        IN PTR
        Response
        42.36.251.142.in-addr.arpa
        IN PTR
        ams17s12-in-f101e100net
      • flag-us
        DNS
        ogs.google.com
        MicrosoftEdgeCP.exe
        Remote address:
        8.8.8.8:53
        Request
        ogs.google.com
        IN A
        Response
        ogs.google.com
        IN CNAME
        www3.l.google.com
        www3.l.google.com
        IN A
        142.250.179.174
      • flag-us
        DNS
        apis.google.com
        MicrosoftEdgeCP.exe
        Remote address:
        8.8.8.8:53
        Request
        apis.google.com
        IN A
        Response
        apis.google.com
        IN CNAME
        plus.l.google.com
        plus.l.google.com
        IN A
        142.251.36.14
      • flag-us
        DNS
        ogads-pa.googleapis.com
        MicrosoftEdgeCP.exe
        Remote address:
        8.8.8.8:53
        Request
        ogads-pa.googleapis.com
        IN A
        Response
        ogads-pa.googleapis.com
        IN A
        142.250.179.202
        ogads-pa.googleapis.com
        IN A
        142.250.179.138
        ogads-pa.googleapis.com
        IN A
        172.217.23.202
        ogads-pa.googleapis.com
        IN A
        142.250.179.170
        ogads-pa.googleapis.com
        IN A
        142.251.39.106
        ogads-pa.googleapis.com
        IN A
        142.251.36.10
        ogads-pa.googleapis.com
        IN A
        142.251.36.42
        ogads-pa.googleapis.com
        IN A
        172.217.168.234
        ogads-pa.googleapis.com
        IN A
        216.58.208.106
      • flag-nl
        GET
        https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.174:443
        Request
        GET /widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm= HTTP/2.0
        host: ogs.google.com
        accept: text/html, application/xhtml+xml, image/jxr, */*
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA
        Response
        HTTP/2.0 200
        content-type: text/html; charset=utf-8
        x-frame-options: ALLOW-FROM https://drive.google.com
        content-security-policy: frame-ancestors https://drive.google.com
        content-security-policy: require-trusted-types-for 'script';report-uri /_/OneGoogleWidgetUi/cspreport
        content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/OneGoogleWidgetUi/cspreport;worker-src 'self'
        x-ua-compatible: IE=edge
        expires: Wed, 07 Aug 2024 22:36:43 GMT
        date: Wed, 07 Aug 2024 22:36:43 GMT
        cache-control: private, max-age=3600
        strict-transport-security: max-age=31536000
        cross-origin-embedder-policy-report-only: require-corp; report-to="CoepOneGoogleWidgetUi"
        report-to: {"group":"CoepOneGoogleWidgetUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi"}]}
        cross-origin-opener-policy: same-origin
        permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
        cross-origin-resource-policy: same-site
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        reporting-endpoints: default="/_/OneGoogleWidgetUi/web-reports?context=eJzjctHikmJw0ZBiKFj5gkni60smNSB2Sp_BGgDEPvUzWKOAuPXmOdbJQJz07zxrARAvibjIeiDxIquhwiVWeyAW4uH4_fb8VjaBF0eb1jIqqSXlF8bn56Wm5-en56RmlJQUFKcWlaUWxRsZGJkYWBiY6BkYxxcYAAC8ki-w"
        content-encoding: gzip
        server: ESF
        x-xss-protection: 0
        x-content-type-options: nosniff
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        GET
        https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.174:443
        Request
        GET /widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm= HTTP/2.0
        host: ogs.google.com
        accept: text/html, application/xhtml+xml, image/jxr, */*
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA; OGPC=19010599-1:; OTZ=7679437_56_56__56_
        Response
        HTTP/2.0 200
        content-type: text/html; charset=utf-8
        x-frame-options: ALLOW-FROM https://drive.google.com
        content-security-policy: frame-ancestors https://drive.google.com
        content-security-policy: require-trusted-types-for 'script';report-uri /_/OneGoogleWidgetUi/cspreport
        content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/OneGoogleWidgetUi/cspreport;worker-src 'self'
        x-ua-compatible: IE=edge
        expires: Wed, 07 Aug 2024 22:37:00 GMT
        date: Wed, 07 Aug 2024 22:37:00 GMT
        cache-control: private, max-age=3600
        strict-transport-security: max-age=31536000
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
        cross-origin-opener-policy: same-origin
        cross-origin-embedder-policy-report-only: require-corp; report-to="CoepOneGoogleWidgetUi"
        report-to: {"group":"CoepOneGoogleWidgetUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi"}]}
        cross-origin-resource-policy: same-site
        reporting-endpoints: default="/_/OneGoogleWidgetUi/web-reports?context=eJzjctHikmJw0ZBiKFj5gkni60smNSB2Sp_BGgDEPvUzWKOAuPXmOdbJQJz07zxrARAvibjIeiDxIquhwiVWeyAW4uHoeXd-K5vAhe_7pzAqqSXlF8bn56Wm5-en56RmlJQUFKcWlaUWxRsZGJkYWBiY6BkYxxcYAACxLC-A"
        content-encoding: gzip
        server: ESF
        x-xss-protection: 0
        x-content-type-options: nosniff
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-us
        DNS
        ssl.gstatic.com
        MicrosoftEdge.exe
        Remote address:
        8.8.8.8:53
        Request
        ssl.gstatic.com
        IN A
        Response
        ssl.gstatic.com
        IN A
        142.250.179.131
      • flag-nl
        GET
        https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_0
        MicrosoftEdgeCP.exe
        Remote address:
        142.251.36.14:443
        Request
        GET /_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_0 HTTP/2.0
        host: apis.google.com
        accept: application/javascript, */*;q=0.8
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA
        Response
        HTTP/2.0 200
        accept-ranges: bytes
        content-encoding: gzip
        access-control-allow-origin: *
        content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
        cross-origin-resource-policy: cross-origin
        cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
        report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
        content-length: 42226
        x-content-type-options: nosniff
        server: sffe
        x-xss-protection: 0
        date: Sat, 03 Aug 2024 04:05:19 GMT
        expires: Sun, 03 Aug 2025 04:05:19 GMT
        cache-control: public, max-age=31536000
        age: 412284
        last-modified: Thu, 11 Jul 2024 18:45:34 GMT
        content-type: text/javascript; charset=UTF-8
        vary: Accept-Encoding
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        GET
        https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_1
        MicrosoftEdgeCP.exe
        Remote address:
        142.251.36.14:443
        Request
        GET /_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_1 HTTP/2.0
        host: apis.google.com
        accept: application/javascript, */*;q=0.8
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA
        Response
        HTTP/2.0 200
        accept-ranges: bytes
        content-encoding: gzip
        access-control-allow-origin: *
        content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
        cross-origin-resource-policy: cross-origin
        cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
        report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
        content-length: 72718
        x-content-type-options: nosniff
        server: sffe
        x-xss-protection: 0
        date: Sun, 04 Aug 2024 20:46:10 GMT
        expires: Mon, 04 Aug 2025 20:46:10 GMT
        cache-control: public, max-age=31536000
        age: 265833
        last-modified: Thu, 11 Jul 2024 18:45:34 GMT
        content-type: text/javascript; charset=UTF-8
        vary: Accept-Encoding
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        GET
        https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_0
        MicrosoftEdgeCP.exe
        Remote address:
        142.251.36.14:443
        Request
        GET /_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_0 HTTP/2.0
        host: apis.google.com
        accept: application/javascript, */*;q=0.8
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        if-modified-since: Thu, 11 Jul 2024 18:45:34 GMT
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA; OGPC=19010599-1:
        Response
        HTTP/2.0 304
        date: Sat, 03 Aug 2024 04:05:19 GMT
        expires: Sun, 03 Aug 2025 04:05:19 GMT
        age: 412301
        last-modified: Thu, 11 Jul 2024 18:45:34 GMT
        cache-control: public, max-age=31536000
        vary: Accept-Encoding
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        GET
        https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_1
        MicrosoftEdgeCP.exe
        Remote address:
        142.251.36.14:443
        Request
        GET /_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_1 HTTP/2.0
        host: apis.google.com
        accept: application/javascript, */*;q=0.8
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        if-modified-since: Thu, 11 Jul 2024 18:45:34 GMT
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA; OGPC=19010599-1:
        Response
        HTTP/2.0 304
        date: Sun, 04 Aug 2024 20:46:10 GMT
        expires: Mon, 04 Aug 2025 20:46:10 GMT
        age: 265850
        last-modified: Thu, 11 Jul 2024 18:45:34 GMT
        cache-control: public, max-age=31536000
        vary: Accept-Encoding
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        OPTIONS
        https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.202:443
        Request
        OPTIONS /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
        host: ogads-pa.googleapis.com
        accept: */*
        origin: https://drive.google.com
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        access-control-request-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
        access-control-request-method: POST
        accept-encoding: gzip, deflate, br
        content-length: 0
        cache-control: no-cache
        Response
        HTTP/2.0 200
        access-control-allow-origin: https://drive.google.com
        vary: origin
        vary: referer
        vary: x-origin
        access-control-allow-credentials: true
        access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
        access-control-allow-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
        access-control-max-age: 3600
        date: Wed, 07 Aug 2024 22:36:43 GMT
        content-type: text/html
        server: ESF
        content-length: 0
        x-xss-protection: 0
        x-frame-options: SAMEORIGIN
        x-content-type-options: nosniff
        server-timing: gfet4t7; dur=4
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        POST
        https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.202:443
        Request
        POST /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
        host: ogads-pa.googleapis.com
        accept: */*
        origin: https://drive.google.com
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        x-goog-api-key: AIzaSyCbsbvGCe7C9mCtdaTycZB2eUFuzsYKG_E
        content-type: application/json+protobuf
        x-user-agent: grpc-web-javascript/0.1
        accept-encoding: gzip, deflate, br
        content-length: 142
        cache-control: no-cache
        Response
        HTTP/2.0 200
        content-type: application/json+protobuf; charset=UTF-8
        vary: Origin
        vary: X-Origin
        vary: Referer
        content-encoding: gzip
        date: Wed, 07 Aug 2024 22:36:43 GMT
        server: ESF
        cache-control: private
        content-length: 30
        x-xss-protection: 0
        x-frame-options: SAMEORIGIN
        x-content-type-options: nosniff
        access-control-allow-origin: https://drive.google.com
        access-control-allow-credentials: true
        access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
        server-timing: gfet4t7; dur=11
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        OPTIONS
        https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.202:443
        Request
        OPTIONS /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
        host: ogads-pa.googleapis.com
        accept: */*
        origin: https://drive.google.com
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        access-control-request-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
        access-control-request-method: POST
        accept-encoding: gzip, deflate, br
        content-length: 0
        cache-control: no-cache
        Response
        HTTP/2.0 200
        access-control-allow-origin: https://drive.google.com
        vary: origin
        vary: referer
        vary: x-origin
        access-control-allow-credentials: true
        access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
        access-control-allow-headers: X-Goog-Api-Key, Content-Type, X-User-Agent
        access-control-max-age: 3600
        date: Wed, 07 Aug 2024 22:37:00 GMT
        content-type: text/html
        server: ESF
        content-length: 0
        x-xss-protection: 0
        x-frame-options: SAMEORIGIN
        x-content-type-options: nosniff
        server-timing: gfet4t7; dur=4
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        POST
        https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.202:443
        Request
        POST /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
        host: ogads-pa.googleapis.com
        accept: */*
        origin: https://drive.google.com
        referer: https://drive.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        x-goog-api-key: AIzaSyCbsbvGCe7C9mCtdaTycZB2eUFuzsYKG_E
        content-type: application/json+protobuf
        x-user-agent: grpc-web-javascript/0.1
        accept-encoding: gzip, deflate, br
        content-length: 153
        cache-control: no-cache
        Response
        HTTP/2.0 200
        content-type: application/json+protobuf; charset=UTF-8
        vary: Origin
        vary: X-Origin
        vary: Referer
        content-encoding: gzip
        date: Wed, 07 Aug 2024 22:37:00 GMT
        server: ESF
        cache-control: private
        content-length: 30
        x-xss-protection: 0
        x-frame-options: SAMEORIGIN
        x-content-type-options: nosniff
        access-control-allow-origin: https://drive.google.com
        access-control-allow-credentials: true
        access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
        server-timing: gfet4t7; dur=12
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        GET
        http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D
        MicrosoftEdge.exe
        Remote address:
        142.250.179.131:80
        Request
        GET /gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Microsoft-CryptoAPI/10.0
        Host: ocsp.pki.goog
        Response
        HTTP/1.1 200 OK
        Server: ocsp_responder
        Content-Length: 1446
        X-XSS-Protection: 0
        X-Frame-Options: SAMEORIGIN
        Date: Wed, 07 Aug 2024 22:23:08 GMT
        Cache-Control: public, max-age=14400
        Content-Type: application/ocsp-response
        Age: 815
      • flag-us
        DNS
        3.36.251.142.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        3.36.251.142.in-addr.arpa
        IN PTR
        Response
        3.36.251.142.in-addr.arpa
        IN PTR
        ams15s44-in-f31e100net
      • flag-us
        DNS
        174.179.250.142.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        174.179.250.142.in-addr.arpa
        IN PTR
        Response
        174.179.250.142.in-addr.arpa
        IN PTR
        ams15s41-in-f141e100net
      • flag-us
        DNS
        14.36.251.142.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        14.36.251.142.in-addr.arpa
        IN PTR
        Response
        14.36.251.142.in-addr.arpa
        IN PTR
        ams15s44-in-f141e100net
      • flag-us
        DNS
        202.179.250.142.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        202.179.250.142.in-addr.arpa
        IN PTR
        Response
        202.179.250.142.in-addr.arpa
        IN PTR
        ams15s42-in-f101e100net
      • flag-nl
        GET
        http://c.pki.goog/r/r1.crl
        MicrosoftEdge.exe
        Remote address:
        142.250.179.131:80
        Request
        GET /r/r1.crl HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Microsoft-CryptoAPI/10.0
        Host: c.pki.goog
        Response
        HTTP/1.1 200 OK
        Accept-Ranges: bytes
        Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
        Cross-Origin-Resource-Policy: cross-origin
        Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
        Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
        Content-Length: 854
        X-Content-Type-Options: nosniff
        Server: sffe
        X-XSS-Protection: 0
        Date: Wed, 07 Aug 2024 22:33:47 GMT
        Expires: Wed, 07 Aug 2024 23:23:47 GMT
        Cache-Control: public, max-age=3000
        Age: 176
        Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
        Content-Type: application/pkix-crl
        Vary: Accept-Encoding
      • flag-us
        DNS
        www.google.com
        MicrosoftEdgeCP.exe
        Remote address:
        8.8.8.8:53
        Request
        www.google.com
        IN A
        Response
        www.google.com
        IN A
        142.250.179.196
      • flag-nl
        GET
        http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
        MicrosoftEdge.exe
        Remote address:
        142.250.179.131:80
        Request
        GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6 HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Microsoft-CryptoAPI/10.0
        Host: o.pki.goog
        Response
        HTTP/1.1 200 OK
        Server: ocsp_responder
        Content-Length: 472
        X-XSS-Protection: 0
        X-Frame-Options: SAMEORIGIN
        Date: Wed, 07 Aug 2024 22:22:55 GMT
        Cache-Control: public, max-age=14400
        Content-Type: application/ocsp-response
        Age: 828
      • flag-nl
        GET
        https://www.google.com/images/hpp/Chrome_Owned_96x96.png
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.196:443
        Request
        GET /images/hpp/Chrome_Owned_96x96.png HTTP/2.0
        host: www.google.com
        accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
        referer: https://ogs.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA
        Response
        HTTP/2.0 200
        accept-ranges: bytes
        content-type: image/png
        cross-origin-resource-policy: cross-origin
        cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
        report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
        content-length: 6177
        date: Wed, 07 Aug 2024 22:36:44 GMT
        expires: Wed, 07 Aug 2024 22:36:44 GMT
        cache-control: private, max-age=31536000
        last-modified: Tue, 22 Oct 2019 18:30:00 GMT
        x-content-type-options: nosniff
        server: sffe
        x-xss-protection: 0
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-nl
        GET
        https://www.google.com/images/hpp/Chrome_Owned_96x96.png
        MicrosoftEdgeCP.exe
        Remote address:
        142.250.179.196:443
        Request
        GET /images/hpp/Chrome_Owned_96x96.png HTTP/2.0
        host: www.google.com
        accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
        referer: https://ogs.google.com/
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        if-modified-since: Tue, 22 Oct 2019 18:30:00 GMT
        cookie: NID=516=Yo_WmMTkv-_WYIALgGOChfKkl9UAAplfYalxTwOG1-zviF_-xMrokYZB92ZNUt1D54fNqh0fVeu-8WYNH3dzXeOHsCJA_cuc4MxupA61k2Idfb9wUeynXdhXyxlfQuRGDR3MueZw9UbO8RlY6yNfUeT2AKPyEJ93hIbVP5D_BiA; OGPC=19010599-1:
        Response
        HTTP/2.0 304
        cross-origin-resource-policy: cross-origin
        date: Wed, 07 Aug 2024 22:37:00 GMT
        expires: Wed, 07 Aug 2024 22:37:00 GMT
        cache-control: private, max-age=31536000
        last-modified: Tue, 22 Oct 2019 18:30:00 GMT
        x-content-type-options: nosniff
        server: sffe
        x-xss-protection: 0
        alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      • flag-us
        DNS
        196.179.250.142.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        196.179.250.142.in-addr.arpa
        IN PTR
        Response
        196.179.250.142.in-addr.arpa
        IN PTR
        ams15s42-in-f41e100net
      • flag-us
        DNS
        www.msn.com
        MicrosoftEdge.exe
        Remote address:
        8.8.8.8:53
        Request
        www.msn.com
        IN A
        Response
        www.msn.com
        IN CNAME
        www-msn-com.a-0003.a-msedge.net
        www-msn-com.a-0003.a-msedge.net
        IN CNAME
        a-0003.a-msedge.net
        a-0003.a-msedge.net
        IN A
        204.79.197.203
      • flag-us
        DNS
        assets.msn.com
        MicrosoftEdgeCP.exe
        Remote address:
        8.8.8.8:53
        Request
        assets.msn.com
        IN A
        Response
        assets.msn.com
        IN CNAME
        assets.msn.com.edgekey.net
        assets.msn.com.edgekey.net
        IN CNAME
        e28578.d.akamaiedge.net
        e28578.d.akamaiedge.net
        IN A
        2.18.40.160
        e28578.d.akamaiedge.net
        IN A
        2.18.40.151
        e28578.d.akamaiedge.net
        IN A
        2.18.40.158
        e28578.d.akamaiedge.net
        IN A
        2.18.40.162
        e28578.d.akamaiedge.net
        IN A
        2.18.40.139
        e28578.d.akamaiedge.net
        IN A
        2.18.40.145
        e28578.d.akamaiedge.net
        IN A
        2.18.40.152
        e28578.d.akamaiedge.net
        IN A
        2.18.40.157
        e28578.d.akamaiedge.net
        IN A
        2.18.40.147
      • flag-fr
        GET
        https://assets.msn.com/bundles/v1/edge/latest/microsoft.8aa91a5fe4f5d8517ae1.js
        MicrosoftEdgeCP.exe
        Remote address:
        2.18.40.160:443
        Request
        GET /bundles/v1/edge/latest/microsoft.8aa91a5fe4f5d8517ae1.js HTTP/2.0
        host: assets.msn.com
        accept: application/javascript, */*;q=0.8
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        origin: https://www.msn.com
        accept-encoding: gzip, deflate, br
        Response
        HTTP/2.0 200
        content-length: 53557
        content-md5: YrPejprI4tG+2X4ekLKlAg==
        last-modified: Mon, 26 Jul 2021 22:19:35 GMT
        etag: 0x8D9508373717114
        server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
        x-ms-request-id: ddc68391-001e-004b-4f14-609cb8000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        content-encoding: br
        date: Wed, 07 Aug 2024 22:36:56 GMT
        akamai-request-bc: [a=2.16.116.224,b=637941761,c=g,n=FR_PAC_MARSEILLE,o=20940]
        server-timing: clientrtt; dur=64, clienttt; dur=1, origin; dur=0, cdntime; dur=1, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        content-type: application/javascript
        akamai-server-ip: 2.16.116.224
        akamai-request-id: 26063801
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        cache-control: public, no-transform, max-age=31535892
        timing-allow-origin: *
        akamai-grn: 0.e0741002.1723070216.26063801
        vary: Origin
      • flag-fr
        GET
        https://assets.msn.com/bundles/v1/edge/latest/vendors.c47bf4f4981f23895ddb.js
        MicrosoftEdgeCP.exe
        Remote address:
        2.18.40.160:443
        Request
        GET /bundles/v1/edge/latest/vendors.c47bf4f4981f23895ddb.js HTTP/2.0
        host: assets.msn.com
        accept: application/javascript, */*;q=0.8
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        origin: https://www.msn.com
        accept-encoding: gzip, deflate, br
        Response
        HTTP/2.0 200
        content-length: 161886
        content-md5: 4Qqx/5ghQW9cUY3TgpoINQ==
        last-modified: Mon, 26 Jul 2021 22:18:30 GMT
        etag: 0x8D950834C94BC27
        server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
        x-ms-request-id: 722428a1-601e-00b1-65c1-5837f8000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        content-encoding: br
        date: Wed, 07 Aug 2024 22:36:56 GMT
        akamai-request-bc: [a=2.16.116.224,b=637941762,c=g,n=FR_PAC_MARSEILLE,o=20940]
        server-timing: clientrtt; dur=64, clienttt; dur=2, origin; dur=0, cdntime; dur=2, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        content-type: application/javascript
        akamai-server-ip: 2.16.116.224
        akamai-request-id: 26063802
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        cache-control: public, no-transform, max-age=31535892
        timing-allow-origin: *
        akamai-grn: 0.e0741002.1723070216.26063802
        vary: Origin
      • flag-fr
        GET
        https://assets.msn.com/bundles/v1/edge/latest/common.5dd7cff85de67632bfd7.js
        MicrosoftEdgeCP.exe
        Remote address:
        2.18.40.160:443
        Request
        GET /bundles/v1/edge/latest/common.5dd7cff85de67632bfd7.js HTTP/2.0
        host: assets.msn.com
        accept: application/javascript, */*;q=0.8
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        origin: https://www.msn.com
        accept-encoding: gzip, deflate, br
        Response
        HTTP/2.0 200
        content-length: 33972
        content-md5: YzySdh8ykm7KVsyrxDpMLg==
        last-modified: Mon, 26 Jul 2021 22:18:52 GMT
        etag: 0x8D9508359704919
        server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
        x-ms-request-id: 38d3c032-901e-008a-4088-5333fe000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        content-encoding: br
        date: Wed, 07 Aug 2024 22:36:56 GMT
        akamai-request-bc: [a=2.16.116.224,b=637941760,c=g,n=FR_PAC_MARSEILLE,o=20940]
        server-timing: clientrtt; dur=64, clienttt; dur=2, origin; dur=0, cdntime; dur=2, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        content-type: application/javascript
        akamai-server-ip: 2.16.116.224
        akamai-request-id: 26063800
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        cache-control: public, no-transform, max-age=31535892
        timing-allow-origin: *
        akamai-grn: 0.e0741002.1723070215.26063800
        vary: Origin
      • flag-fr
        GET
        https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/otSDKStub.js
        MicrosoftEdgeCP.exe
        Remote address:
        2.18.40.160:443
        Request
        GET /staticsb/statics/latest/oneTrust/1.9/scripttemplates/otSDKStub.js HTTP/2.0
        host: assets.msn.com
        accept: application/javascript, */*;q=0.8
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: USRLOC=; MUID=2F4059FD64FC652A38734DAA6550643D; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A33%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false
        Response
        HTTP/2.0 200
        content-type: application/javascript
        content-md5: SrH4iQ0luJkTRyZ3V7l1ZA==
        last-modified: Wed, 07 Aug 2024 00:44:38 GMT
        etag: 0x8DCB67A1DBA9706
        server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
        x-ms-request-id: c56d7810-a01e-008b-12eb-e85e72000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        content-encoding: gzip
        content-length: 7369
        date: Wed, 07 Aug 2024 22:36:56 GMT
        akamai-request-bc: [a=2.16.116.224,b=637941763,c=g,n=FR_PAC_MARSEILLE,o=20940]
        server-timing: clientrtt; dur=64, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        akamai-server-ip: 2.16.116.224
        akamai-request-id: 26063803
        cache-control: public, max-age=1209600
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        timing-allow-origin: *
        akamai-grn: 0.e0741002.1723070216.26063803
        vary: Origin
      • flag-fr
        GET
        https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/55a804ab-e5c6-4b97-9319-86263d365d28.json
        MicrosoftEdgeCP.exe
        Remote address:
        2.18.40.160:443
        Request
        GET /staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/55a804ab-e5c6-4b97-9319-86263d365d28.json HTTP/2.0
        host: assets.msn.com
        accept: */*
        origin: https://www.msn.com
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        Response
        HTTP/2.0 200
        content-type: application/json
        content-md5: tBDiswOqCRnxNKBPFOr30w==
        last-modified: Wed, 07 Aug 2024 00:44:51 GMT
        etag: 0x8DCB67A25A3D4AA
        server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
        x-ms-request-id: 00699b4c-201e-0001-1d81-e8e4a1000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        content-encoding: gzip
        date: Wed, 07 Aug 2024 22:36:56 GMT
        content-length: 1854
        akamai-request-bc: [a=2.16.116.224,b=637945511,c=g,n=FR_PAC_MARSEILLE,o=20940]
        server-timing: clientrtt; dur=64, clienttt; dur=1, origin; dur=0, cdntime; dur=1, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        akamai-server-ip: 2.16.116.224
        akamai-request-id: 260646a7
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        cache-control: public, max-age=1209600
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        timing-allow-origin: *
        akamai-grn: 0.e0741002.1723070216.260646a7
        vary: Origin
      • flag-fr
        GET
        https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otBannerSdk.js
        MicrosoftEdgeCP.exe
        Remote address:
        2.18.40.160:443
        Request
        GET /staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otBannerSdk.js HTTP/2.0
        host: assets.msn.com
        accept: application/javascript, */*;q=0.8
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: USRLOC=; MUID=2F4059FD64FC652A38734DAA6550643D; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A33%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false
        Response
        HTTP/2.0 200
        content-type: application/javascript
        content-md5: lAfvoXufoJKI/4M+6xEcxw==
        last-modified: Wed, 07 Aug 2024 00:44:51 GMT
        etag: 0x8DCB67A25B305D0
        server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
        x-ms-request-id: 0213804f-701e-00b5-6a87-e8286f000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        content-encoding: gzip
        date: Wed, 07 Aug 2024 22:36:56 GMT
        content-length: 105160
        akamai-request-bc: [a=2.16.116.224,b=637946264,c=g,n=FR_PAC_MARSEILLE,o=20940]
        server-timing: clientrtt; dur=64, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        akamai-server-ip: 2.16.116.224
        akamai-request-id: 26064998
        cache-control: public, max-age=1209600
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        timing-allow-origin: *
        akamai-grn: 0.e0741002.1723070216.26064998
        vary: Origin
      • flag-fr
        GET
        https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otTCF.js
        MicrosoftEdgeCP.exe
        Remote address:
        2.18.40.160:443
        Request
        GET /staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otTCF.js HTTP/2.0
        host: assets.msn.com
        accept: application/javascript, */*;q=0.8
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: USRLOC=; MUID=2F4059FD64FC652A38734DAA6550643D; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A33%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false
        Response
        HTTP/2.0 200
        content-type: application/javascript
        content-md5: zMe9/U/sQ7tOLuJUcFr2+Q==
        last-modified: Wed, 07 Aug 2024 00:44:43 GMT
        etag: 0x8DCB67A21006D40
        server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
        x-ms-request-id: 50ea3c17-801e-0059-4672-e875ec000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        content-encoding: gzip
        date: Wed, 07 Aug 2024 22:36:56 GMT
        content-length: 11711
        akamai-request-bc: [a=2.16.116.224,b=637947189,c=g,n=FR_PAC_MARSEILLE,o=20940]
        server-timing: clientrtt; dur=64, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        akamai-server-ip: 2.16.116.224
        akamai-request-id: 26064d35
        cache-control: public, max-age=1209600
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        timing-allow-origin: *
        akamai-grn: 0.e0741002.1723070216.26064d35
        vary: Origin
      • flag-fr
        GET
        https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/e51556d4-5848-4a4b-a5e2-bc98431e1bf7/en-gb.json
        MicrosoftEdgeCP.exe
        Remote address:
        2.18.40.160:443
        Request
        GET /staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/e51556d4-5848-4a4b-a5e2-bc98431e1bf7/en-gb.json HTTP/2.0
        host: assets.msn.com
        accept: */*
        origin: https://www.msn.com
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        Response
        HTTP/2.0 200
        content-type: application/json
        content-md5: Z3GVmx0mQbhR0PePNnG6TQ==
        last-modified: Wed, 07 Aug 2024 00:44:54 GMT
        etag: 0x8DCB67A27AB3E6A
        server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
        x-ms-request-id: cc6eb33c-601e-007e-7ef3-e86228000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        content-encoding: gzip
        content-length: 20340
        date: Wed, 07 Aug 2024 22:36:56 GMT
        akamai-request-bc: [a=2.16.116.224,b=637947342,c=g,n=FR_PAC_MARSEILLE,o=20940]
        server-timing: clientrtt; dur=64, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        akamai-server-ip: 2.16.116.224
        akamai-request-id: 26064dce
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        cache-control: public, max-age=1209600
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        timing-allow-origin: *
        akamai-grn: 0.e0741002.1723070216.26064dce
        vary: Origin
      • flag-fr
        GET
        https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2V2Data.json
        MicrosoftEdgeCP.exe
        Remote address:
        2.18.40.160:443
        Request
        GET /staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2V2Data.json HTTP/2.0
        host: assets.msn.com
        accept: */*
        origin: https://www.msn.com
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        Response
        HTTP/2.0 200
        content-type: application/json
        content-md5: iB7GIl1dfVgN/rIFCQoYvg==
        last-modified: Wed, 07 Aug 2024 00:44:55 GMT
        etag: 0x8DCB67A2820FB47
        server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
        x-ms-request-id: 0051a5bd-901e-0076-0b6a-e83135000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        content-encoding: gzip
        content-length: 67471
        date: Wed, 07 Aug 2024 22:36:56 GMT
        akamai-request-bc: [a=2.16.116.224,b=637947344,c=g,n=FR_PAC_MARSEILLE,o=20940]
        server-timing: clientrtt; dur=64, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        akamai-server-ip: 2.16.116.224
        akamai-request-id: 26064dd0
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        cache-control: public, max-age=1209600
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        timing-allow-origin: *
        akamai-grn: 0.e0741002.1723070216.26064dd0
        vary: Origin
      • flag-us
        GET
        https://www.msn.com/bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        MicrosoftEdgeCP.exe
        Remote address:
        204.79.197.203:443
        Request
        GET /bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default HTTP/2.0
        host: www.msn.com
        accept: */*
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        origin: https://www.msn.com
        accept-encoding: gzip, deflate, br
        cookie: USRLOC=; MUID=2F4059FD64FC652A38734DAA6550643D; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A33%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; sptmarket=en-US|US|gb|en-gb|en-gb|en||RefA=A6289F252C6A4FCAA15D56DAD82D0F7E.RefC=2024-04-04T13:33:41Z; MUIDB=2F4059FD64FC652A38734DAA6550643D
        Response
        HTTP/2.0 200
        cache-control: public, no-transform, max-age=31535892
        content-length: 27593
        content-type: application/javascript
        content-encoding: br
        content-md5: 1RRmuxKE8GUY/7LTdiUWtQ==
        last-modified: Mon, 26 Jul 2021 22:19:35 GMT
        etag: 0x8D95083735E33E4
        vary: Origin
        x-cache: TCP_HIT
        x-ms-request-id: f72f0749-501e-0056-54e2-dbf381000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        akamai-request-bc: [a=92.123.26.71,b=750188670,c=g,n=GB_EN_LONDON,o=20940]
        server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        akamai-server-ip: 92.123.26.71
        akamai-request-id: 2cb6f87e
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        timing-allow-origin: *
        akamai-grn: 0.471a7b5c.1722054121.2cb6f87e
        x-cid: 7
        x-ccc: GB
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 89F384D6CC62483FB20D7525198453A0 Ref B: LON04EDGE1208 Ref C: 2024-08-07T22:36:56Z
        date: Wed, 07 Aug 2024 22:36:56 GMT
      • flag-us
        GET
        https://www.msn.com/bundles/v1/edge/latest/web-worker.440858f9fe4973b6d967.js
        MicrosoftEdgeCP.exe
        Remote address:
        204.79.197.203:443
        Request
        GET /bundles/v1/edge/latest/web-worker.440858f9fe4973b6d967.js HTTP/2.0
        host: www.msn.com
        accept: application/javascript, */*;q=0.8
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        accept-language: en-US
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        accept-encoding: gzip, deflate, br
        cookie: USRLOC=; MUID=2F4059FD64FC652A38734DAA6550643D; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A33%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; sptmarket=en-US|US|gb|en-gb|en-gb|en||RefA=A6289F252C6A4FCAA15D56DAD82D0F7E.RefC=2024-04-04T13:33:41Z; MUIDB=2F4059FD64FC652A38734DAA6550643D
        Response
        HTTP/2.0 200
        cache-control: no-cache, no-store, no-transform
        content-length: 70
        content-type: text/cache-manifest
        content-encoding: gzip
        content-md5: Rqmsx87pIMK1GFYNCRhAAQ==
        last-modified: Mon, 26 Jul 2021 22:20:05 GMT
        etag: 0x8D9508385701DBF
        vary: Origin
        x-ms-request-id: 8e5159e9-801e-003b-4b75-fc6eb8000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        akamai-request-bc: [a=92.123.26.125,b=66348583,c=g,n=GB_EN_LONDON,o=20940]
        server-timing: clientrtt; dur=1, clienttt; dur=6, origin; dur=0, cdntime; dur=6, wpo;dur=0,1s;dur=0
        akamai-cache-status: RefreshHit from child, Hit from parent
        akamai-server-ip: 92.123.26.125
        akamai-request-id: 3f46627
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        timing-allow-origin: *
        akamai-grn: 0.7d1a7b5c.1723070216.3f46627
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 17AE6355CC604E479F3B0550645AD4A8 Ref B: LON04EDGE1208 Ref C: 2024-08-07T22:36:56Z
        date: Wed, 07 Aug 2024 22:36:56 GMT
      • flag-us
        DNS
        160.40.18.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        160.40.18.2.in-addr.arpa
        IN PTR
        Response
        160.40.18.2.in-addr.arpa
        IN PTR
        a2-18-40-160deploystaticakamaitechnologiescom
      • flag-us
        DNS
        browser.events.data.msn.com
        MicrosoftEdgeCP.exe
        Remote address:
        8.8.8.8:53
        Request
        browser.events.data.msn.com
        IN A
        Response
        browser.events.data.msn.com
        IN CNAME
        global.asimov.events.data.trafficmanager.net
        global.asimov.events.data.trafficmanager.net
        IN CNAME
        onedscolprdeus04.eastus.cloudapp.azure.com
        onedscolprdeus04.eastus.cloudapp.azure.com
        IN A
        52.168.112.67
      • flag-us
        GET
        https://www.msn.com/favicon.ico
        MicrosoftEdge.exe
        Remote address:
        204.79.197.203:443
        Request
        GET /favicon.ico HTTP/2.0
        host: www.msn.com
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        dnt: 1
        Response
        HTTP/2.0 200
        cache-control: public, max-age=604800
        content-length: 781
        content-type: image/x-icon
        content-encoding: gzip
        content-md5: hMyXfQ6xSBZkgbAdhBjjdQ==
        last-modified: Wed, 07 Aug 2024 00:44:35 GMT
        etag: 0x8DCB67A1C259283
        vary: Origin
        x-ms-request-id: e960d734-a01e-0100-52cc-e84570000000
        x-ms-version: 2009-09-19
        x-ms-lease-status: unlocked
        x-ms-blob-type: BlockBlob
        akamai-request-bc: [a=92.123.26.36,b=120464667,c=g,n=GB_EN_LONDON,o=20940]
        server-timing: clientrtt; dur=1, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
        akamai-cache-status: Hit from child
        akamai-server-ip: 92.123.26.36
        akamai-request-id: 72e251b
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
        timing-allow-origin: *
        akamai-grn: 0.241a7b5c.1723070217.72e251b
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 435B990136AC4C01A8B7088C9B6AB26E Ref B: LON04EDGE0716 Ref C: 2024-08-07T22:36:57Z
        date: Wed, 07 Aug 2024 22:36:56 GMT
      • flag-us
        POST
        https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon
        MicrosoftEdgeCP.exe
        Remote address:
        52.168.112.67:443
        Request
        POST /OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon HTTP/2.0
        host: browser.events.data.msn.com
        origin: https://www.msn.com
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        content-type: text/plain;charset=UTF-8
        accept-language: en-US
        accept: */*
        accept-encoding: gzip, deflate, br
        content-length: 3206
        cache-control: no-cache
        cookie: USRLOC=; MUID=2F4059FD64FC652A38734DAA6550643D; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A33%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false
        Response
        HTTP/2.0 200
        content-length: 153
        content-type: application/json
        server: Microsoft-HTTPAPI/2.0
        strict-transport-security: max-age=31536000
        p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
        set-cookie: MC1=GUID=b41bf86874a3490a871d2b76f6442a58&HASH=b41b&LV=202408&V=4&LU=1723070217200; Domain=.microsoft.com; Expires=Thu, 07 Aug 2025 22:36:57 GMT; Path=/;Secure; SameSite=None
        set-cookie: MS0=1c6185fd173e4f49a53f2cd06ca2f185; Domain=.microsoft.com; Expires=Wed, 07 Aug 2024 23:06:57 GMT; Path=/;Secure; SameSite=None
        time-delta-millis: 10832595200
        access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
        access-control-allow-methods: POST
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        access-control-expose-headers: time-delta-millis
        date: Wed, 07 Aug 2024 22:36:56 GMT
      • flag-us
        POST
        https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon
        MicrosoftEdgeCP.exe
        Remote address:
        52.168.112.67:443
        Request
        POST /OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon HTTP/2.0
        host: browser.events.data.msn.com
        origin: https://www.msn.com
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        content-type: text/plain;charset=UTF-8
        accept-language: en-US
        accept: */*
        accept-encoding: gzip, deflate, br
        content-length: 3815
        cache-control: no-cache
        cookie: USRLOC=; MUID=2F4059FD64FC652A38734DAA6550643D; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A33%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false
        Response
        HTTP/2.0 200
        content-length: 153
        content-type: application/json
        server: Microsoft-HTTPAPI/2.0
        strict-transport-security: max-age=31536000
        p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
        set-cookie: MC1=GUID=1b12d712a15a4c308e2008b6bc66dcbe&HASH=1b12&LV=202408&V=4&LU=1723070217200; Domain=.microsoft.com; Expires=Thu, 07 Aug 2025 22:36:57 GMT; Path=/;Secure; SameSite=None
        set-cookie: MS0=c21646ca05134975b048bd76ff8776f7; Domain=.microsoft.com; Expires=Wed, 07 Aug 2024 23:06:57 GMT; Path=/;Secure; SameSite=None
        time-delta-millis: 10832595200
        access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
        access-control-allow-methods: POST
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        access-control-expose-headers: time-delta-millis
        date: Wed, 07 Aug 2024 22:36:56 GMT
      • flag-us
        POST
        https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon
        MicrosoftEdgeCP.exe
        Remote address:
        52.168.112.67:443
        Request
        POST /OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon HTTP/2.0
        host: browser.events.data.msn.com
        origin: https://www.msn.com
        referer: https://www.msn.com/spartan/dhp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
        content-type: text/plain;charset=UTF-8
        accept-language: en-US
        accept: */*
        accept-encoding: gzip, deflate, br
        content-length: 7124
        cache-control: no-cache
        cookie: USRLOC=; MUID=2F4059FD64FC652A38734DAA6550643D; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A33%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false
        Response
        HTTP/2.0 200
        content-length: 153
        content-type: application/json
        server: Microsoft-HTTPAPI/2.0
        strict-transport-security: max-age=31536000
        p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
        set-cookie: MC1=GUID=cba9a7c8da9346bc86a5adc5b7ee7de7&HASH=cba9&LV=202408&V=4&LU=1723070217200; Domain=.microsoft.com; Expires=Thu, 07 Aug 2025 22:36:57 GMT; Path=/;Secure; SameSite=None
        set-cookie: MS0=84758dbba1144a1f9a853530d25dc835; Domain=.microsoft.com; Expires=Wed, 07 Aug 2024 23:06:57 GMT; Path=/;Secure; SameSite=None
        time-delta-millis: 10832595200
        access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
        access-control-allow-methods: POST
        access-control-allow-credentials: true
        access-control-allow-origin: https://www.msn.com
        access-control-expose-headers: time-delta-millis
        date: Wed, 07 Aug 2024 22:36:56 GMT
      • flag-us
        DNS
        67.112.168.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        67.112.168.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        161.19.199.152.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        161.19.199.152.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa
        Remote address:
        8.8.8.8:53
        Request
        c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa
        IN PTR
        Response
      • flag-us
        DNS
        0.205.248.87.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        0.205.248.87.in-addr.arpa
        IN PTR
        Response
        0.205.248.87.in-addr.arpa
        IN PTR
        https-87-248-205-0lgwllnwnet
      • flag-us
        DNS
        23.236.111.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        23.236.111.52.in-addr.arpa
        IN PTR
        Response
      • 172.217.168.206:443
        drive.google.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.1kB
         7.4kB
         15
        11
      • 172.217.168.206:443
        https://drive.google.com/auth_warmup
        tls, http2
        MicrosoftEdgeCP.exe
        5.2kB
         71.5kB
         85
        80

        HTTP Request

        GET https://drive.google.com/file/d/1b6qB1WVdoi9qrL2lftt0YIRygYNVeIJh/view

        HTTP Response

        200

        HTTP Request

        GET https://drive.google.com/auth_warmup

        HTTP Response

        200

        HTTP Request

        GET https://drive.google.com/file/d/1b6qB1WVdoi9qrL2lftt0YIRygYNVeIJh/view

        HTTP Response

        200

        HTTP Request

        GET https://drive.google.com/auth_warmup

        HTTP Response

        200
      • 142.250.179.131:80
        http://c.pki.goog/r/r1.crl
        http
        MicrosoftEdgeCP.exe
        349 B
         1.7kB
         5
        4

        HTTP Request

        GET http://c.pki.goog/r/r1.crl

        HTTP Response

        200
      • 142.250.179.131:80
        http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEENjNo17UXCzCoB93MsCZlg%3D
        http
        MicrosoftEdgeCP.exe
        1.1kB
         2.3kB
         9
        5

        HTTP Request

        GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D

        HTTP Response

        200

        HTTP Request

        GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO

        HTTP Response

        200

        HTTP Request

        GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEENjNo17UXCzCoB93MsCZlg%3D

        HTTP Response

        200
      • 142.250.179.131:80
        http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D
        http
        MicrosoftEdgeCP.exe
        784 B
         1.6kB
         7
        4

        HTTP Request

        GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6

        HTTP Response

        200

        HTTP Request

        GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D

        HTTP Response

        200
      • 142.250.179.174:443
        https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=
        tls, http2
        MicrosoftEdgeCP.exe
        3.0kB
         31.9kB
         39
        35

        HTTP Request

        GET https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=

        HTTP Response

        200

        HTTP Request

        GET https://ogs.google.com/widget/callout?prid=19016402&pgid=19010599&puid=e75463737693f8c9&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=

        HTTP Response

        200
      • 142.250.179.174:443
        ogs.google.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.1kB
         7.4kB
         15
        11
      • 142.251.36.14:443
        apis.google.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.0kB
         4.8kB
         13
        9
      • 142.251.36.14:443
        https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_1
        tls, http2
        MicrosoftEdgeCP.exe
        6.6kB
         127.3kB
         111
        106

        HTTP Request

        GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_0

        HTTP Response

        200

        HTTP Request

        GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_1

        HTTP Response

        200

        HTTP Request

        GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_0

        HTTP Response

        304

        HTTP Request

        GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_1

        HTTP Response

        304
      • 142.250.179.202:443
        ogads-pa.googleapis.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.1kB
         5.2kB
         14
        10
      • 142.250.179.202:443
        https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData
        tls, http2
        MicrosoftEdgeCP.exe
        3.5kB
         7.9kB
         40
        32

        HTTP Request

        OPTIONS https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

        HTTP Response

        200

        HTTP Request

        POST https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

        HTTP Response

        200

        HTTP Request

        OPTIONS https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

        HTTP Response

        200

        HTTP Request

        POST https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

        HTTP Response

        200
      • 142.250.179.131:80
        http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D
        http
        MicrosoftEdge.exe
        469 B
         1.9kB
         5
        4

        HTTP Request

        GET http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D

        HTTP Response

        200
      • 142.250.179.131:80
        http://c.pki.goog/r/r1.crl
        http
        MicrosoftEdge.exe
        349 B
         1.7kB
         5
        4

        HTTP Request

        GET http://c.pki.goog/r/r1.crl

        HTTP Response

        200
      • 142.250.179.131:80
        http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
        http
        MicrosoftEdge.exe
        463 B
         844 B
         5
        3

        HTTP Request

        GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6

        HTTP Response

        200
      • 142.250.179.196:443
        https://www.google.com/images/hpp/Chrome_Owned_96x96.png
        tls, http2
        MicrosoftEdgeCP.exe
        2.4kB
         12.4kB
         27
        23

        HTTP Request

        GET https://www.google.com/images/hpp/Chrome_Owned_96x96.png

        HTTP Response

        200

        HTTP Request

        GET https://www.google.com/images/hpp/Chrome_Owned_96x96.png

        HTTP Response

        304
      • 142.250.179.196:443
        www.google.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.0kB
         4.8kB
         13
        9
      • 2.18.40.160:443
        https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2V2Data.json
        tls, http2
        MicrosoftEdgeCP.exe
        19.0kB
         491.3kB
         374
        366

        HTTP Request

        GET https://assets.msn.com/bundles/v1/edge/latest/microsoft.8aa91a5fe4f5d8517ae1.js

        HTTP Request

        GET https://assets.msn.com/bundles/v1/edge/latest/vendors.c47bf4f4981f23895ddb.js

        HTTP Request

        GET https://assets.msn.com/bundles/v1/edge/latest/common.5dd7cff85de67632bfd7.js

        HTTP Request

        GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/otSDKStub.js

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200

        HTTP Request

        GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/55a804ab-e5c6-4b97-9319-86263d365d28.json

        HTTP Response

        200

        HTTP Request

        GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otBannerSdk.js

        HTTP Response

        200

        HTTP Request

        GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otTCF.js

        HTTP Request

        GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/e51556d4-5848-4a4b-a5e2-bc98431e1bf7/en-gb.json

        HTTP Request

        GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2V2Data.json

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200
      • 2.18.40.160:443
        assets.msn.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.1kB
         4.6kB
         15
        14
      • 2.18.40.160:443
        assets.msn.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.1kB
         4.6kB
         15
        14
      • 2.18.40.160:443
        assets.msn.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.2kB
         4.6kB
         16
        14
      • 204.79.197.203:443
        https://www.msn.com/bundles/v1/edge/latest/web-worker.440858f9fe4973b6d967.js
        tls, http2
        MicrosoftEdgeCP.exe
        3.0kB
         37.1kB
         38
        35

        HTTP Request

        GET https://www.msn.com/bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

        HTTP Request

        GET https://www.msn.com/bundles/v1/edge/latest/web-worker.440858f9fe4973b6d967.js

        HTTP Response

        200

        HTTP Response

        200
      • 204.79.197.203:443
        www.msn.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.2kB
         6.9kB
         15
        13
      • 204.79.197.203:443
        https://www.msn.com/favicon.ico
        tls, http2
        MicrosoftEdge.exe
        1.7kB
         8.7kB
         18
        14

        HTTP Request

        GET https://www.msn.com/favicon.ico

        HTTP Response

        200
      • 204.79.197.203:443
        www.msn.com
        tls, http2
        MicrosoftEdge.exe
        1.3kB
         6.9kB
         15
        13
      • 52.168.112.67:443
        browser.events.data.msn.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.2kB
         6.9kB
         15
        11
      • 52.168.112.67:443
        https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon
        tls, http2
        MicrosoftEdgeCP.exe
        17.1kB
         9.1kB
         32
        23

        HTTP Request

        POST https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon

        HTTP Request

        POST https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon

        HTTP Request

        POST https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1712237622000&w=0&anoncknm=app_anon

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200
      • 52.168.112.67:443
        browser.events.data.msn.com
        tls, http2
        MicrosoftEdgeCP.exe
        1.2kB
         6.9kB
         15
        11
      • 8.8.8.8:53
        drive.google.com
        dns
        MicrosoftEdgeCP.exe
        62 B
         78 B
         1
        1

        DNS Request

        drive.google.com

        DNS Response

        172.217.168.206

      • 8.8.8.8:53
        c.pki.goog
        dns
        MicrosoftEdge.exe
        56 B
         107 B
         1
        1

        DNS Request

        c.pki.goog

        DNS Response

        142.250.179.131

      • 8.8.8.8:53
        o.pki.goog
        dns
        MicrosoftEdge.exe
        56 B
         107 B
         1
        1

        DNS Request

        o.pki.goog

        DNS Response

        142.250.179.131

      • 8.8.8.8:53
        206.168.217.172.in-addr.arpa
        dns
        74 B
         113 B
         1
        1

        DNS Request

        206.168.217.172.in-addr.arpa

      • 8.8.8.8:53
        172.214.232.199.in-addr.arpa
        dns
        74 B
         128 B
         1
        1

        DNS Request

        172.214.232.199.in-addr.arpa

      • 8.8.8.8:53
        131.179.250.142.in-addr.arpa
        dns
        74 B
         112 B
         1
        1

        DNS Request

        131.179.250.142.in-addr.arpa

      • 8.8.8.8:53
        42.36.251.142.in-addr.arpa
        dns
        72 B
         111 B
         1
        1

        DNS Request

        42.36.251.142.in-addr.arpa

      • 8.8.8.8:53
        ogs.google.com
        dns
        MicrosoftEdgeCP.exe
        60 B
         97 B
         1
        1

        DNS Request

        ogs.google.com

        DNS Response

        142.250.179.174

      • 8.8.8.8:53
        apis.google.com
        dns
        MicrosoftEdgeCP.exe
        61 B
         98 B
         1
        1

        DNS Request

        apis.google.com

        DNS Response

        142.251.36.14

      • 8.8.8.8:53
        ogads-pa.googleapis.com
        dns
        MicrosoftEdgeCP.exe
        69 B
         213 B
         1
        1

        DNS Request

        ogads-pa.googleapis.com

        DNS Response

        142.250.179.202
        142.250.179.138
        172.217.23.202
        142.250.179.170
        142.251.39.106
        142.251.36.10
        142.251.36.42
        172.217.168.234
        216.58.208.106

      • 8.8.8.8:53
        ssl.gstatic.com
        dns
        MicrosoftEdge.exe
        61 B
         77 B
         1
        1

        DNS Request

        ssl.gstatic.com

        DNS Response

        142.250.179.131

      • 8.8.8.8:53
        3.36.251.142.in-addr.arpa
        dns
        71 B
         109 B
         1
        1

        DNS Request

        3.36.251.142.in-addr.arpa

      • 8.8.8.8:53
        174.179.250.142.in-addr.arpa
        dns
        74 B
         113 B
         1
        1

        DNS Request

        174.179.250.142.in-addr.arpa

      • 8.8.8.8:53
        14.36.251.142.in-addr.arpa
        dns
        72 B
         111 B
         1
        1

        DNS Request

        14.36.251.142.in-addr.arpa

      • 8.8.8.8:53
        202.179.250.142.in-addr.arpa
        dns
        74 B
         113 B
         1
        1

        DNS Request

        202.179.250.142.in-addr.arpa

      • 8.8.8.8:53
        www.google.com
        dns
        MicrosoftEdgeCP.exe
        60 B
         76 B
         1
        1

        DNS Request

        www.google.com

        DNS Response

        142.250.179.196

      • 8.8.8.8:53
        196.179.250.142.in-addr.arpa
        dns
        74 B
         112 B
         1
        1

        DNS Request

        196.179.250.142.in-addr.arpa

      • 8.8.8.8:53
        www.msn.com
        dns
        MicrosoftEdge.exe
        57 B
         132 B
         1
        1

        DNS Request

        www.msn.com

        DNS Response

        204.79.197.203

      • 8.8.8.8:53
        assets.msn.com
        dns
        MicrosoftEdgeCP.exe
        60 B
         278 B
         1
        1

        DNS Request

        assets.msn.com

        DNS Response

        2.18.40.160
        2.18.40.151
        2.18.40.158
        2.18.40.162
        2.18.40.139
        2.18.40.145
        2.18.40.152
        2.18.40.157
        2.18.40.147

      • 8.8.8.8:53
        160.40.18.2.in-addr.arpa
        dns
        70 B
         133 B
         1
        1

        DNS Request

        160.40.18.2.in-addr.arpa

      • 8.8.8.8:53
        browser.events.data.msn.com
        dns
        MicrosoftEdgeCP.exe
        73 B
         200 B
         1
        1

        DNS Request

        browser.events.data.msn.com

        DNS Response

        52.168.112.67

      • 8.8.8.8:53
        67.112.168.52.in-addr.arpa
        dns
        72 B
         146 B
         1
        1

        DNS Request

        67.112.168.52.in-addr.arpa

      • 8.8.8.8:53
        161.19.199.152.in-addr.arpa
        dns
        73 B
         144 B
         1
        1

        DNS Request

        161.19.199.152.in-addr.arpa

      • 8.8.8.8:53
        c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa
        dns
        118 B
         182 B
         1
        1

        DNS Request

        c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa

      • 8.8.8.8:53
        0.205.248.87.in-addr.arpa
        dns
        71 B
         116 B
         1
        1

        DNS Request

        0.205.248.87.in-addr.arpa

      • 8.8.8.8:53
        23.236.111.52.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        23.236.111.52.in-addr.arpa

      • 8.8.8.8:53

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\XCFODRP5\edgecompatviewlist[1].xml
        Filesize

        74KB

        MD5

        d4fc49dc14f63895d997fa4940f24378

        SHA1

        3efb1437a7c5e46034147cbbc8db017c69d02c31

        SHA256

        853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

        SHA512

        cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3V3Q2AI7\cb=gapi[1].js
        Filesize

        122KB

        MD5

        7d41ce8af12a1020f76d0d4620a30b79

        SHA1

        913cdcd6daf53cecb2639d9a451c4f1f88071d9e

        SHA256

        2b4ae5731b6361fef2a0b2ea0d005ca674d5cfa837628dc8acf4140b2c8b3843

        SHA512

        f42cd6041d26407cb75ab57788a71aab626d3a94c50a2a4a04dcb6c89fb728695c44054c0dd79e3c2824bfa9188d6ca8e7a3cb71e6eef7f645f93839147ae0f0

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3V3Q2AI7\rs=AA2YrTuZHf1FxnWSuni4yfYFm7DJbfG-0A[1].css
        Filesize

        3KB

        MD5

        4a4d3a159fc9c6ab57f5ed0aec76bab4

        SHA1

        04e1c402d2bed76ebf56abfe0f8cff5cb71d5745

        SHA256

        9aa721ae44d67d37aa0bd34944a23885eec90ce7ff3dde2137a7cda5315f7619

        SHA512

        be845b422cfb7ce4c3e661df6313019705e1d53c1b0122d15ef871465c95b81ef37ae984b06e04b651a189e4939eabc38b6945896225f551c3ffbe2f8699d07d

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3V3Q2AI7\rs=AA2YrTuhs7wI50davzC4wzhH8Do425_T2w[1].js
        Filesize

        226KB

        MD5

        db05977cedef14745ba783fc0e40ca71

        SHA1

        a516910f03a80ccebdf79564d0297e9398a1ea5a

        SHA256

        2c21ab473d1360421bf4413bc9c955c9dc9cd498286b0f48d0506f542ae4cbb9

        SHA512

        bf2ed1ca1392ae5717b8795d1a3b2484be432cc49ab3b95ff5ced36bac27b2b4c99f0eab26074ffb17257ffdf6cf8ae70b91ce1aa894d88c8cd9bb4a43f9b56f

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\9OWBHTOV\KFOlCnqEu92Fr1MmWUlfBBc4[1].woff2
        Filesize

        15KB

        MD5

        037d830416495def72b7881024c14b7b

        SHA1

        619389190b3cafafb5db94113990350acc8a0278

        SHA256

        1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

        SHA512

        c8d2808945a9bf2e6ad36c7749313467ff390f195448c326c4d4d7a4a635a11e2ddf4d0779be2db274f1d1d9d022b1f837294f1e12c9f87e3eac8a95cfd8872f

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\9OWBHTOV\css[1].css
        Filesize

        800B

        MD5

        70c68652f820a1f9bb3545003bb8af67

        SHA1

        91e38bedbf9024f34b0a3fd5211b2d3608ac839e

        SHA256

        133f0fed047d2bbf088f16379d699d60665ea1d8792c588fcb2c0d1f6d2fde7f

        SHA512

        a07bfd5a0c553ea233255956bf99d0a0ed10d0255d64d215193c8c8782572c40b710769b42483e464a667ae2c4a0981a2cb25238d0e0bbebfcc4a39ddffbb5dd

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\9OWBHTOV\m=_b,_tp[1].js
        Filesize

        185KB

        MD5

        efc2feda97c69fa08fc9acd50978323f

        SHA1

        8e6870f89f89244c8c760021e572228c72ffc9a7

        SHA256

        2fc64c5fceda55ff5620124facbe4c97429ff3a4b4824c1274757fdfb925a2db

        SHA512

        b9e6407366449c024286a8311a12f2cf495875f47fb1aaacd335559c50f5a1e5ec0e388d0c35c2a4456a9d54b6b7b625372b3d194307501c45305962a2a2c45e

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\9OWBHTOV\m=v,wb[1].js
        Filesize

        1.8MB

        MD5

        815e48dcbbc27d8ad4ef542c94d0e478

        SHA1

        e354505bafe3718c2c7da2b6eb3ab42d55a3195e

        SHA256

        6659b873e6612a7d124925ef3ab488eb16aae6168df07eab1ee120d8a3fe59fa

        SHA512

        050a6612f9b1583f3e33c7c97a518439b2d9bae562457439ddbb17c21cc200ea3ae27c5a96f45e11693f74909c14b5e86a0f45a8666b493438f4b9e095bb9172

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\9OWBHTOV\rs=AO0039snslbYrNryBRt7i8qj5hZ5UpWU3Q[1].css
        Filesize

        2.3MB

        MD5

        8de9fffcea9fbd60deb7c260639ddd53

        SHA1

        f5096b47dab6569e3fb9459de3370736e48f1678

        SHA256

        432e70ebc941bb683048d65e0282ed9652c9058b9d11e49ae5baf35b54a8e993

        SHA512

        3de97f2eebaf9e5d18f665a9b2a0601cebcf089e077c835d08599d96a6f10c6b2fae7d7fc025cf5e0913e1fabc56af2e73be538dafa87534b1c1867d9a9c7be0

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OTARACJE\KFOlCnqEu92Fr1MmEU9fBBc4[1].woff2
        Filesize

        15KB

        MD5

        285467176f7fe6bb6a9c6873b3dad2cc

        SHA1

        ea04e4ff5142ddd69307c183def721a160e0a64e

        SHA256

        5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

        SHA512

        5f9bb763406ea8ce978ec675bd51a0263e9547021ea71188dbd62f0212eb00c1421b750d3b94550b50425bebff5f881c41299f6a33bbfa12fb1ff18c12bc7ff1

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OTARACJE\KFOlCnqEu92Fr1MmSU5fBBc4[1].woff2
        Filesize

        15KB

        MD5

        55536c8e9e9a532651e3cf374f290ea3

        SHA1

        ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2

        SHA256

        eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf

        SHA512

        1346654c8293a2f38dd425ad44a2aa0ed2feab224388ab4e38fb99082769bbd14d67d74cac3ce6e39a562a0812f9bce0a623be233f9632dcb8d5d358e42f2186

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OTARACJE\cb=gapi[1].js
        Filesize

        206KB

        MD5

        01aca6d674132913ecbc9db2b2d9ad03

        SHA1

        c9fb646739e2ed2e18869867e3fcdd9364ff046f

        SHA256

        f41d574aeffffe2094c610397398b37da40813e31cded45f92037c49295f4d15

        SHA512

        c96ab1a80f2db279ea53f8bedbd1b2feb17c3ac7ff29181235883d78b065fca21c59c832b04bb6c50fc6cd56287f5fb7977a1d9a2dfb5c7ac45443d86f56bbd0

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OTARACJE\css2[1].css
        Filesize

        609B

        MD5

        c9416551b401e8ddc4cd642b1348d60c

        SHA1

        75d238de4bcef07ec6afd81fa38a91a3a55adc2a

        SHA256

        cb7b5b067f94b97f8e98d0c0d0e2ef2add7725527ad7ea726ff7d6702f1eff9a

        SHA512

        b7b3054284b982026adc743f27da8d89050546049471cba9e380086a56dc01749041e237b932e187b566445bdc380ef3938c4f7932e33a6005344f7ccb14d5c9

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OTARACJE\m=MpJwZc,UUJqVe,sy6,s39S4,syn,pw70Gc[1].js
        Filesize

        6KB

        MD5

        fd11c6ecbfff1def3629662fb3b973d5

        SHA1

        ce7af3298b19a7495e8bbc463e8e404f68920117

        SHA256

        ae792fc369868c53895c2051ac1a2256ca99b29a1c0d2ec301c697fc695b661e

        SHA512

        bbec488d4cfeddd7d9ffd64bafdfdbb1b917f8aef6ec35d0af5647eba92e7ea0a448236532281701c2f2543682d5f22f3fb32cbdcde604ff05072fcb8125cfe8

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OTARACJE\m=bm51tf[1].js
        Filesize

        1KB

        MD5

        49e0675418a3349085e5d3fb1dbf723f

        SHA1

        960a887efd741f050b7d136246cb792a5e8f1406

        SHA256

        a649ebf5a81a1d2c6be748c79fc0081ab40bba095308e6e4a8dab7493182ca80

        SHA512

        a84df3fd421f41b757b0087bacc2852f6ee82dddf15839dbced55d2456687b0129ae18476795f5222bb111168fdbd35d9e11cbd9f8f72d173fa55d1243eea759

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RSC41JKB\KFOkCnqEu92Fr1Mu51xIIzI[1].woff2
        Filesize

        16KB

        MD5

        d8bcbe724fd6f4ba44d0ee6a2675890f

        SHA1

        d276fd769bcb675f8efe42ebe3003c1d3255f985

        SHA256

        aa4650a411dfe1c9beb794ffaf08c7909cdfbb05672d79b3a9976672cbba75ec

        SHA512

        23f757ea3afe6febe1e8ea935f0ee8690e1b1b1da511788b529cc2fc38f7e454153cdba6f84a6a0e19b294e5311625a03617cf98aac150f17b88a53f3ed8b72a

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RSC41JKB\KFOmCnqEu92Fr1Mu4mxK[1].woff2
        Filesize

        14KB

        MD5

        5d4aeb4e5f5ef754e307d7ffaef688bd

        SHA1

        06db651cdf354c64a7383ea9c77024ef4fb4cef8

        SHA256

        3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

        SHA512

        7eb7c301df79d35a6a521fae9d3dccc0a695d3480b4d34c7d262dd0c67abec8437ed40e2920625e98aaeafba1d908dec69c3b07494ec7c29307de49e91c2ef48

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RSC41JKB\lazy.min[1].js
        Filesize

        117KB

        MD5

        8d24ed27706b0ae1c5e66d0bbc654bae

        SHA1

        67747fb79c6724a2fa28dd22e36f0ed25ae17798

        SHA256

        c15542b3f57d74bb469cfeae96cc5f815918e430e3f2a36f2215f11da717eabe

        SHA512

        451ab7153152b96620cefba5f03855045b95d9e8a2f8b9b5e1a6612cfc4a5af50a9f464fbf0d23eba47472d609bcae9b237651ee05a75b689232f8064456128d

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RSC41JKB\m=RqjULd[1].js
        Filesize

        21KB

        MD5

        85430beeb4994ade9e37ac8d4517b925

        SHA1

        8ef4fcdd9c89b191ca969a0d71cf4d5f8bf8699c

        SHA256

        ff79813acf59609d8928663453291afcaba58c4b436e5e0cb2bc5ade39b9e24b

        SHA512

        1ec2bfb06b1df4f986f51a97a716892f1e01ca70e7a551d5ec23a68d51487d7c0efb94c1fca961de43251e590737639407975285bd8c051e95c6825e4c6c65f9

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
        Filesize

        4KB

        MD5

        1bfe591a4fe3d91b03cdf26eaacd8f89

        SHA1

        719c37c320f518ac168c86723724891950911cea

        SHA256

        9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

        SHA512

        02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\19YL7BCN\drive_2020q4_32dp[1].png
        Filesize

        831B

        MD5

        916c9bcccf19525ad9d3cd1514008746

        SHA1

        9ccce6978d2417927b5150ffaac22f907ff27b6e

        SHA256

        358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50

        SHA512

        b73c1a81997abe12dba4ae1fa38f070079448c3798e7161c9262ccba6ee6a91e8a243f0e4888c8aef33ce1cf83818fc44c85ae454a522a079d08121cd8628d00

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\BOIM7VU5\favicon[1].ico
        Filesize

        758B

        MD5

        84cc977d0eb148166481b01d8418e375

        SHA1

        00e2461bcd67d7ba511db230415000aefbd30d2d

        SHA256

        bbf8da37d92138cc08ffeec8e3379c334988d5ae99f4415579999bfbbb57a66c

        SHA512

        f47a507077f9173fb07ec200c2677ba5f783d645be100f12efe71f701a74272a98e853c4fab63740d685853935d545730992d0004c9d2fe8e1965445cab509c3

        Download Submit

      • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DFCF4A2B460421C8DF.TMP
        Filesize

        20KB

        MD5

        7cc1686b11fe19f17c4651515fb46f8d

        SHA1

        d1da273fef7839b44e1376fa2c354a2b72f8afd7

        SHA256

        828e0c204d8db3a289442d7ac162b465f21cfba3ea8ec1d60f36a52c50432299

        SHA512

        8aa8b878ad71c5e7ceb472b33ba790676b1d3f8e195e670c840e66bb4f3f285bbd045dae74420a8e9dcc8617a8f43faeb4330ed8545f5c46cbca184a4ff0d998

        Download Submit

      • memory/3588-17-0x0000017652330000-0x0000017652340000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3588-0-0x0000017652220000-0x0000017652230000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3588-35-0x000001764F6A0000-0x000001764F6A2000-memory.dmp

        Filesize

        8KB

        Download

      • memory/4068-44-0x000002BFC2080000-0x000002BFC2180000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/4068-45-0x000002BFC2080000-0x000002BFC2180000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/4916-321-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4916-84-0x0000029C53E50000-0x0000029C53E52000-memory.dmp

        Filesize

        8KB

        Download

      • memory/4916-320-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4916-323-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4916-301-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4916-175-0x0000029C55E80000-0x0000029C55F80000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/4916-128-0x0000029C5E1A0000-0x0000029C5E1C0000-memory.dmp

        Filesize

        128KB

        Download

      • memory/4916-319-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4916-86-0x0000029C53E70000-0x0000029C53E72000-memory.dmp

        Filesize

        8KB

        Download

      • memory/4916-88-0x0000029C53E90000-0x0000029C53E92000-memory.dmp

        Filesize

        8KB

        Download

      • memory/4916-63-0x0000029C41A40000-0x0000029C41B40000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/4916-318-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4916-317-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4916-316-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4916-314-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4916-313-0x0000029C415F0000-0x0000029C41600000-memory.dmp

        Filesize

        64KB

        Download

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.