| Source: unknown | TCP traffic detected without corresponding DNS query: 52.182.143.211 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 52.182.143.211 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 52.182.143.211 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 52.182.143.211 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 52.182.143.211 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 52.182.143.211 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 52.182.143.211 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.184.195 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.184.195 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 3.167.152.24 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 3.167.152.24 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 3.167.152.24 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.209.72.30 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 3.167.152.24 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 3.167.152.24 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 3.167.152.24 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.44.201.32 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.44.201.32 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.44.201.32 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.44.201.32 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.44.201.32 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 23.44.201.32 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.219 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.219 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.219 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.219 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.219 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.219 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.5 |
| Source: global traffic | HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /mail/?tab=rm&ogbl HTTP/1.1Host: mail.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=FkgT0r8W3vmIrO3HICJpTguYUdHuqb5U3AbkIriNn2oSeDID-vBRgnRCtzxteQ6d49sSfOjAEG5bMM_BlA4ia_gBeXCJoiIY1RWq9YocuwfjFAzEvqnpJPthYMX78iQYuY6RKoQCOUfAfczyeyGsE3Pm2y9-bSj-anYh-rsU-Msnd4PSOvbQiinbSLO1J3gbUIne1NrZ6A |
| Source: global traffic | HTTP traffic detected: GET /mail/u/0/?tab=rm&ogbl HTTP/1.1Host: mail.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=FkgT0r8W3vmIrO3HICJpTguYUdHuqb5U3AbkIriNn2oSeDID-vBRgnRCtzxteQ6d49sSfOjAEG5bMM_BlA4ia_gBeXCJoiIY1RWq9YocuwfjFAzEvqnpJPthYMX78iQYuY6RKoQCOUfAfczyeyGsE3Pm2y9-bSj-anYh-rsU-Msnd4PSOvbQiinbSLO1J3gbUIne1NrZ6A |
| Source: global traffic | HTTP traffic detected: GET /edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531 HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
| Source: global traffic | HTTP traffic detected: GET /crx/blobs/Ad_brx23lef_cW590ESOTTAroOhZ9si0XFJIUC52j2ILHW1VLB5ou6c0RgLWwGr1aRJJZ0WPNyiPBYgIpWfykvhKW-6BLzMRsp9ykw5f6ReBQmPpO6WB9pcSJPfykLTHDjYAxlKa5bf72z8tHS5eXuTavTP1h4WZBjSs/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_89_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
| Source: global traffic | HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/SSR-extension.867cdfd625d830718faf.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 1.45sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.47", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-full-version: "117.0.2045.47"sec-ch-dpr: 1ect: 4gAccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=457FEFFAB8114968991F906B3BDDD711.RefC=2025-03-10T08:17:50Z; USRLOC=; MUID=3F7F921E0E686A2D1D8887B50F8F6B10; MUIDB=3F7F921E0E686A2D1D8887B50F8F6B10; _EDGE_S=F=1&SID=0901E925449567A4196EFC8E4594669A; _EDGE_V=1 |
| Source: global traffic | HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/web-worker.948ffa5ea2d441a35f55.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 1.45sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.47", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-full-version: "117.0.2045.47"sec-ch-dpr: 1ect: 4gAccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=457FEFFAB8114968991F906B3BDDD711.RefC=2025-03-10T08:17:50Z; USRLOC=; MUID=3F7F921E0E686A2D1D8887B50F8F6B10; MUIDB=3F7F921E0E686A2D1D8887B50F8F6B10; _EDGE_S=F=1&SID=0901E925449567A4196EFC8E4594669A; _EDGE_V=1 |
| Source: global traffic | HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/vendors.5d0f28115e15fcff20c5.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
| Source: global traffic | HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/microsoft.4fa8815283fe3d88a934.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
| Source: global traffic | HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/common.a1e626d952b002612af0.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
| Source: global traffic | HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/experience.c64f021441815c638c7a.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
| Source: global traffic | HTTP traffic detected: GET /K7gBWtmhy68WKHPlgviywLLiG6N8Fn6L3QYXTO9z2-6s_MvxJCarKFUMl5cYV7e1m9_3hXuKJMsvdylGv6ejDR19QcykUgCRvwv7=e365-pa-nu-rw-w1416 HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /B-JUuwlvmpEkNNeTdTeQ13avafYuETIqkiz-U7VtPnmEWzE6GPmDbgutVn-9WvHC_YBthyho2gZhi49shb1YeT9riCtm-D5T8O8Pww=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /statics/icons/favicon_newtabpage.png HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=3F7F921E0E686A2D1D8887B50F8F6B10; _EDGE_S=F=1&SID=0901E925449567A4196EFC8E4594669A; _EDGE_V=1 |
| Source: global traffic | HTTP traffic detected: GET /edge/ntp?locale=en-GB&title=New+tab&enableForceCache=true HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 1.35sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.47", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 350sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-full-version: "117.0.2045.47"sec-ch-dpr: 1ect: 3gAccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_Auth=; pglt-edgeChromium-dhp=547; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=457FEFFAB8114968991F906B3BDDD711.RefC=2025-03-10T08:17:50Z; USRLOC=; MUID=3F7F921E0E686A2D1D8887B50F8F6B10; MUIDB=3F7F921E0E686A2D1D8887B50F8F6B10; _EDGE_S=F=1&SID=0901E925449567A4196EFC8E4594669A; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=660c5ea0-74e2-4604-8104-6822c5f2eb34; ai_session=xZksWZOgmxmRAYzLDBECIs|1741594678511|1741594678511; sptmarket_restored=en-GB||us|en-us|en-us|en||cf=8|RefA=457FEFFAB8114968991F906B3BDDD711.RefC=2025-03-10T08:17:50Z |
| Source: global traffic | HTTP traffic detected: GET /edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true HTTP/1.1Host: ntp.msn.comConnection: keep-aliveCache-Control: max-age=0Accept: */*Service-Worker: scriptUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-edge-ntp: {"back_block":0,"bg_cur":{"configIndex":26,"imageId":"BB1msOZ4","provider":"CMSImage","userSelected":false},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"myFeed","show_greet":true,"vt_opened":false,"wpo_nx":{"v":"2","wgt":{"src":"default"}}}Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_Auth=; pglt-edgeChromium-dhp=547; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=457FEFFAB8114968991F906B3BDDD711.RefC=2025-03-10T08:17:50Z; USRLOC=; MUID=3F7F921E0E686A2D1D8887B50F8F6B10; MUIDB=3F7F921E0E686A2D1D8887B50F8F6B10; _EDGE_S=F=1&SID=0901E925449567A4196EFC8E4594669A; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=660c5ea0-74e2-4604-8104-6822c5f2eb34; ai_session=xZksWZOgmxmRAYzLDBECIs|1741594678511|1741594678511; sptmarket_restored=en-GB||us|en-us|en-us|en||cf=8|RefA=457FEFFAB8114968991F906B3BDDD711.RefC=2025-03-10T08:17:50Z |
| Source: global traffic | HTTP traffic detected: GET /JRoicK7FUvw3SOlEKLZ1HwWnR2dPKVn0iHL0CdC7lsBxM0L-TrNho8xrUE9Aj4d3SaQMUCeMAUr8dkxck89lc9PGT1yu5f8yjunfGw=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /6Z8m5bsD3e8tEjCe2FhSG5v2CFOmtqBf_ZaXKuan1x9O0HEFIrgTmeU2htAwOUW9ihicsTpgL3EAI1M3DLSWj-rWhWkTtnRt_Lmf=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /BR_gXTPBQrwb4aTeTpBYAMSpl_xOZieCCxX_5Awuir3UOuPsWK1J-zdPZyIEZAxwLO6tnX_Ea_3wKAnqkEYn0Wj9zGnt6m4ZqAI=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /HP1YfjeevslFsDg0wS4rzRNiNXkhLYhW1Sa_0MaFCEsopR1YxAjbegobuqAMscHd93ikHlKQBiTc_WlQWU9qmqp_Dx9qmBPfz6E=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /apc/trans.gif?0cb0e541ca5d8d09aadbaac317f907a3 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: 59290a93187cec89553460d975d13fdc.clo.footprintdns.comConnection: Keep-Alive |
| Source: global traffic | HTTP traffic detected: GET /j73UcrFihOUZ-WL-asfh7KViJVGHmWyf8t8qC_PPEXUxpFvBo72oh5IgVUgqpJP7_tbu__rmcvI7QNOy40N7CEs2DraTv6Xl7cY=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /8cHO7WaYQsOObHs3PA0_7Au93UCIvvRzCoYA6XSZMd1W3TGBRQtJgroL6ruN_4TmIuyiCWqgwlhZz4IZaZfcVc3Q9o-Eykla3VLcOA=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /97jr7pwEwgh798nQbvvzK4f8wt6snOzQJZRSsUilwQ3KCAWgVxIf4VhcindgwZR3kodbQkYDtgx2IBR8fiaDf2G5g3d4uPm3P3kv=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=on&oit=1&cp=2&pgcl=4&gs_rn=42&psi=XMYDe_v5wIJmQWDO&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=FkgT0r8W3vmIrO3HICJpTguYUdHuqb5U3AbkIriNn2oSeDID-vBRgnRCtzxteQ6d49sSfOjAEG5bMM_BlA4ia_gBeXCJoiIY1RWq9YocuwfjFAzEvqnpJPthYMX78iQYuY6RKoQCOUfAfczyeyGsE3Pm2y9-bSj-anYh-rsU-Msnd4PSOvbQiinbSLO1J3gbUIne1NrZ6A |
| Source: global traffic | HTTP traffic detected: GET /ZNfku9avhseOyG8BQM4xo-Xrmruq-7jwT212-MiDDhHoDc5ohbGWdFXvvLS5VsZFFzMZPYE7czHtboeNvwvRwdNqEd16W_K56Mav=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /R5STxzbIpvScTy6zXwFT5KT716R579-24F0ZMHsNccGGOOphFjSrp7PCVhvwjua8-OwBATUy0KymKmYKpmxtvJWxY3H1V2hWkibbtA=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /314Y9Xqp426C0uZ2_YyIA4RjFNDpENzU5mz2VAC6Cnm-ODSFqnC3Bf2QBzmzmzKs6exkTTf8KEBPGgc-kg5ZPx8a8s40VFcz4g06Zw=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /GMG_2DCdgywtwJVXgpp1kVNghkDmrw6xjWVWGUEw7OUIoGl7QVgU3zXJU5sJA6WaZxm2dyd2dqLyH5YjZX28EttWJvXKu18tdVgYdQ=e365-pa-nu-s0-rw HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://workspace.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=onedrive&oit=1&cp=8&pgcl=4&gs_rn=42&psi=XMYDe_v5wIJmQWDO&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=FkgT0r8W3vmIrO3HICJpTguYUdHuqb5U3AbkIriNn2oSeDID-vBRgnRCtzxteQ6d49sSfOjAEG5bMM_BlA4ia_gBeXCJoiIY1RWq9YocuwfjFAzEvqnpJPthYMX78iQYuY6RKoQCOUfAfczyeyGsE3Pm2y9-bSj-anYh-rsU-Msnd4PSOvbQiinbSLO1J3gbUIne1NrZ6A |
| Source: global traffic | HTTP traffic detected: GET /search?q=onedrive&oq=onedrive&pf=cs&sourceid=chrome&ie=UTF-8 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Purpose: prefetchSec-Purpose: prefetchAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=FkgT0r8W3vmIrO3HICJpTguYUdHuqb5U3AbkIriNn2oSeDID-vBRgnRCtzxteQ6d49sSfOjAEG5bMM_BlA4ia_gBeXCJoiIY1RWq9YocuwfjFAzEvqnpJPthYMX78iQYuY6RKoQCOUfAfczyeyGsE3Pm2y9-bSj-anYh-rsU-Msnd4PSOvbQiinbSLO1J3gbUIne1NrZ6A |
| Source: global traffic | HTTP traffic detected: GET /search?q=onedrive&oq=onedrive&gs_lcrp=EgZjaHJvbWUyDAgAEEUYORixAxiABDIKCAEQABixAxiABDIKCAIQABixAxiABDIKCAMQABixAxiABDIKCAQQABixAxiABDIKCAUQABixAxiABDIHCAYQABiABDIKCAcQABixAxiABDIHCAgQABiABDIKCAkQABixAxiABKgCALACAQ&sourceid=chrome&ie=UTF-8&sei=VKDOZ9q1GrCL9u8P7o2A0Qk HTTP/1.1Host: www.google.comConnection: keep-alivertt: 550downlink: 1.3sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "134.0.6998.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-form-factors: "Desktop"sec-ch-prefers-color-scheme: lightUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Sec-Purpose: prefetch;prerenderPurpose: prefetchAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/search?q=onedrive&oq=onedrive&gs_lcrp=EgZjaHJvbWUyDAgAEEUYORixAxiABDIKCAEQABixAxiABDIKCAIQABixAxiABDIKCAMQABixAxiABDIKCAQQABixAxiABDIKCAUQABixAxiABDIHCAYQABiABDIKCAcQABixAxiABDIHCAgQABiABDIKCAkQABixAxiABKgCALACAQ&sourceid=chrome&ie=UTF-8Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2fLLMIFWE01i2o4Gc7HFl29i1qzAxYUPO2eXbqXsXtQU86Q5vf50A; NID=522=QGapd-seU84dnol3YP8RWOD_ul22fdFIAKbPVJe3weRicRio3usfajkjoGVxEN5CsihQ6ntAVbp51582OrUv9HNdibCPxk3qo-df0zrBh14otC2K_Ah33HwzHNrSA31O8cVB8mYpa-r1ar2r3WQIbJbrykB468ekCk7gQNBCVTkDi8kShy8Q0g6bJ8XQfnbXFyr1FQm2PP-ix4Cxy2yJdbs; SG_SS=*iraatu7yAAaUZktqtGZ9PNUIgUYrME4EADQBEArZ1FeKjuDY077-I6ZvVJxnuwhA_Q5M1UqeAymPy9XIyVVkGI9JWGZ4G7Q3WECNSzyWPQAAAEdtAAAAClcBB0EANfKUY9bQEh_889kHJQFr_mpO4bSKaQ1pbmTB-tMuibi_IX0r13dfFl7pvEcHC-aZv80-VPqPpgJxUup4NvZk_t4SkDhxwjF6SgDlBubJxwaO1Q0jdElZZlEmuzLh1iOJsQexKB3_ld2pJ6Cr8gecM1t3zQjNWPPQIRGmqUtKpE6RU6pk3KrT8m9s9Q9KZmTheNhGZJ2b7k-Xr5RJ2cSZDer-Gx_q4GIXfk-V8UNXpkr3sRcP2HodMx21sQh2-rOq0sCTH1L7PiTy1x66GNRO5o |
Edit tour
loaddll32.exe (PID: 6920 cmdline: 
conhost.exe (PID: 6928 cmdline: 
rundll32.exe (PID: 6996 cmdline: 
WerFault.exe (PID: 7072 cmdline: 
chrome.exe (PID: 6724 cmdline: 
Acrobat.exe (PID: 7368 cmdline: 
AcroCEF.exe (PID: 7616 cmdline: 
EXCEL.EXE (PID: 7572 cmdline: 
msedge.exe (PID: 2200 cmdline: 
ONENOTE.EXE (PID: 8692 cmdline: 
