Network Analysis

POST /service/update2?cup2key=10:1895035685&cup2hreq=72915f2a185bd04d4a4507b96e78435e1e4d450e3fccbcf7802dca34e4dee720 HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache User-Agent: Google Update/1.3.36.32;winhttp;cup-ecdsa X-Old-UID: cnt=0 X-Goog-Update-AppId: {430FD4D0-B729-4F61-AA34-91526481799D},{8A69D345-D564-463C-AFF1-A69D9E530F96} X-Goog-Update-Updater: Omaha-1.3.36.32 X-Goog-Update-Interactivity: bg X-Last-HR: 0x0 X-Last-HTTP-Status-Code: 0 X-Retry-Count: 0 X-HTTP-Attempts: 1 Content-Length: 1202 Host: update.googleapis.com

HTTP/1.1 200 OK Content-Security-Policy: script-src 'report-sample' 'nonce-OQoGDF4jRrKVV6Gnc+Rzfg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Thu, 27 May 2021 23:24:45 GMT X-Cup-Server-Proof: 3046022100d52cad3beb80b6a40a5387561afb1ab86dfe5ca83376683a84c7efe9f0999b60022100b6c0b78bf2dc607e0f106c7ca4f2694cb46806dc7e56a65764dff1e0f94e1339:72915f2a185bd04d4a4507b96e78435e1e4d450e3fccbcf7802dca34e4dee720 Content-Type: text/xml; charset=UTF-8 X-Daynum: 5260 X-Daystart: 59085 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Accept-Ranges: none Vary: Accept-Encoding Transfer-Encoding: chunked

HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 X-Old-UID: cnt=0 X-Last-HR: 0x0 X-Last-HTTP-Status-Code: 0 X-Retry-Count: 0 X-HTTP-Attempts: 1 Host: redirector.gvt1.com

HTTP/1.1 302 Found Date: Thu, 27 May 2021 23:24:47 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate X-Content-Type-Options: nosniff Location: http://r2---sn-3u-bh2z7.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=175.208.134.150&mm=28&mn=sn-3u-bh2z7&ms=nvh&mt=1622157617&mv=m&mvi=2&pl=18&shardbypass=yes Content-Type: text/html; charset=UTF-8 Server: ClientMapServer Content-Length: 467 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN

HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=175.208.134.150&mm=28&mn=sn-3u-bh2z7&ms=nvh&mt=1622157617&mv=m&mvi=2&pl=18&shardbypass=yes HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 X-Old-UID: cnt=0 X-Last-HR: 0x0 X-Last-HTTP-Status-Code: 0 X-Retry-Count: 0 X-HTTP-Attempts: 1 Host: r2---sn-3u-bh2z7.gvt1.com

HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: public,max-age=86400 Content-Disposition: attachment Content-Length: 1310832 Content-Security-Policy: default-src 'none' Content-Type: application/octet-stream Etag: "9f6104" Server: downloads X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 Date: Thu, 27 May 2021 04:31:16 GMT Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Last-Modified: Tue, 13 Apr 2021 03:03:58 GMT Connection: keep-alive Vary: Origin