Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

39505bf9b6...97.exe

windows7-x64

10

39505bf9b6...97.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250207-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250207-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/02/2025, 03:09 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe

  • Size

    101KB

  • MD5

    7e7c78851deff9d56a07aa149014f4f0

  • SHA1

    5f4caa9c70e3aa6994c76a416a3192b272879475

  • SHA256

    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997

  • SHA512

    0e07c6c400472d4322c438efc1e3a2e528dc764ee342baaddd25e75db4a3005d717f0e6d4b975eba6a7acb8483515f7e82b0887dbf0d42679c4c83c68fe00625

  • SSDEEP

    1536:JxqjQ+P04wsmJCgQ5eVOH9SNI5bj/OWVsqXl9ikVruPWVRDFaNIp1kbgwyr:sr85CAVOHUNIbj/OYlXqe1EIbkbgnr

Score
10/10
neshtaxwormdiscoverypersistenceratspywarestealertrojan

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:6000

74.249.113.208:6000
Attributes
  • install_file

    USB.exe

Signatures

  • Detect Neshta payload 5 IoCs
  • Detect Xworm Payload 2 IoCs
  • Neshta

    Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    persistencespywareneshta
  • Neshta family
    neshta
  • Xworm

    Xworm is a remote access trojan written in C#.

    trojanratxworm
  • Xworm family
    xworm
  • Downloads MZ/PE file 1 IoCs
  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 1 IoCs
  • Modifies system executable filetype association 2 TTPs 1 IoCs
    persistence
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 1 IoCs

    Adversaries may check for Internet connectivity on compromised systems.

    discovery
  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
    "C:\Users\Admin\AppData\Local\Temp\39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe"
    1⤵
    • Checks computer location settings
    • Modifies system executable filetype association
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:1808
    • C:\Users\Admin\AppData\Local\Temp\3582-490\39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
      "C:\Users\Admin\AppData\Local\Temp\3582-490\39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious use of AdjustPrivilegeToken
      PID:2028
  • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
    "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuNDMiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuNDMiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MUY3REI5RDItMURDQS00MEE4LTkzN0EtOENGMzRCN0FGMTFCfSIgdXNlcmlkPSJ7RTkxOUQzRUItNEM0NS00RTBELTk3QzYtMzNBOEE1RUVDNEVCfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MDY3OUZGRUEtQzRGQi00NDUzLUFCRTEtMEE0QkJDRkVFQjdDfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjIiIHBoeXNtZW1vcnk9IjQiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0UreGJBejZZNnNVMTI4OWJTNnFsNFZSTGJramZCVUdUTUpzanJIcjQ0aUk9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIxIiBpbnN0YWxsZGF0ZXRpbWU9IjE3Mzg5NDY4MzAiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM4MzQxOTE0Njg3NjAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTc5ODYyIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0ODMyNjE2OTM4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
    1⤵
    • System Location Discovery: System Language Discovery
    • System Network Configuration Discovery: Internet Connection Discovery
    PID:4484

Network

  • flag-us
    DNS
    g.bing.com
    Remote address:
    8.8.8.8:53
    Request
    g.bing.com
    IN A
    Response
    g.bing.com
    IN CNAME
    g-bing-com.ax-0001.ax-msedge.net
    g-bing-com.ax-0001.ax-msedge.net
    IN CNAME
    ax-0001.ax-msedge.net
    ax-0001.ax-msedge.net
    IN A
    150.171.28.10
    ax-0001.ax-msedge.net
    IN A
    150.171.27.10
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid=
    Remote address:
    150.171.28.10:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MUID=1007568351B96D0D34FC430D50326CCE; domain=.bing.com; expires=Fri, 06-Mar-2026 14:12:51 GMT; path=/; SameSite=None; Secure; Priority=High;
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: AA781A8B2BAF4FB0B7B98771F1D6E5CB Ref B: FRA31EDGE0213 Ref C: 2025-02-09T14:12:51Z
    date: Sun, 09 Feb 2025 14:12:51 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid=
    Remote address:
    150.171.28.10:443
    Request
    GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=1007568351B96D0D34FC430D50326CCE
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MSPTC=_M7ERgOEX0OmbXqe0Dkih-NNoN_LoMSveDXLgMDGBOg; domain=.bing.com; expires=Fri, 06-Mar-2026 14:12:51 GMT; path=/; Partitioned; secure; SameSite=None
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 7E1C15F16E27482A9CEEB757A7EB800C Ref B: FRA31EDGE0213 Ref C: 2025-02-09T14:12:51Z
    date: Sun, 09 Feb 2025 14:12:51 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid=
    Remote address:
    150.171.28.10:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=1007568351B96D0D34FC430D50326CCE; MSPTC=_M7ERgOEX0OmbXqe0Dkih-NNoN_LoMSveDXLgMDGBOg
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 20E4B049806E4AAB956E9ED1CF9BBF1E Ref B: FRA31EDGE0213 Ref C: 2025-02-09T14:12:51Z
    date: Sun, 09 Feb 2025 14:12:51 GMT
  • flag-us
    DNS
    msedge.api.cdp.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    msedge.api.cdp.microsoft.com
    IN A
    Response
    msedge.api.cdp.microsoft.com
    IN CNAME
    api.cdp.microsoft.com
    api.cdp.microsoft.com
    IN CNAME
    glb.api.prod.dcat.dsp.trafficmanager.net
    glb.api.prod.dcat.dsp.trafficmanager.net
    IN A
    4.155.164.36
  • flag-us
    POST
    https://msedge.api.cdp.microsoft.com/api/v2/contents/Browser/namespaces/Default/names?action=batchupdates
    Remote address:
    4.155.164.36:443
    Request
    POST /api/v2/contents/Browser/namespaces/Default/names?action=batchupdates HTTP/2.0
    host: msedge.api.cdp.microsoft.com
    cache-control: no-cache
    pragma: no-cache
    content-type: application/json
    user-agent: Microsoft Edge Update/1.3.195.43;winhttp
    x-old-uid: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    ms-correlationid: {1F7DB9D2-1DCA-40A8-937A-8CF34B7AF11B}
    ms-requestid: {7BA3FA0A-7F12-4441-A729-3CEE0AAC3B54}
    ms-cv: 0rl9H8odqECTeozzS3rxGw.0
    x-last-hr: 0x0
    x-last-http-status-code: 0
    x-retry-count: 0
    x-http-attempts: 1
    content-length: 2539
    Response
    HTTP/2.0 200
    content-type: text/plain; charset=utf-8
    content-type: application/json; charset=utf-8
    date: Sun, 09 Feb 2025 14:13:02 GMT
    content-length: 298
    ms-correlationid: 1f7db9d2-1dca-40a8-937a-8cf34b7af11b
    ms-requestid: 7ba3fa0a-7f12-4441-a729-3cee0aac3b54
    ms-cv: {1F7DB9D2-1DCA-40A8-937A-8CF34B7AF11B}.0
  • flag-us
    POST
    https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/132.0.2957.140/files?action=GenerateDownloadInfo&foregroundPriority=false
    Remote address:
    4.155.164.36:443
    Request
    POST /api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/132.0.2957.140/files?action=GenerateDownloadInfo&foregroundPriority=false HTTP/2.0
    host: msedge.api.cdp.microsoft.com
    cache-control: no-cache
    pragma: no-cache
    content-type: application/json
    user-agent: Microsoft Edge Update/1.3.195.43;winhttp
    x-old-uid: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    ms-correlationid: {1F7DB9D2-1DCA-40A8-937A-8CF34B7AF11B}
    ms-requestid: {54F16AF7-8DD2-4FA7-9978-BD7B4496DAE0}
    ms-cv: 0rl9H8odqECTeozzS3rxGw.1
    x-last-hr: 0x0
    x-last-http-status-code: 0
    x-retry-count: 0
    x-http-attempts: 1
    content-length: 2
    Response
    HTTP/2.0 200
    content-type: text/plain; charset=utf-8
    content-type: application/json; charset=utf-8
    date: Sun, 09 Feb 2025 14:13:03 GMT
    content-length: 5353
    ms-correlationid: 1f7db9d2-1dca-40a8-937a-8cf34b7af11b
    ms-requestid: 54f16af7-8dd2-4fa7-9978-bd7b4496dae0
    ms-cv: {1F7DB9D2-1DCA-40A8-937A-8CF34B7AF11B}.0
  • flag-us
    DNS
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    IN A
    Response
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    IN CNAME
    star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
    star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
    IN CNAME
    cdp-f-tlu-net.trafficmanager.net
    cdp-f-tlu-net.trafficmanager.net
    IN CNAME
    fg.microsoft.map.fastly.net
    fg.microsoft.map.fastly.net
    IN A
    199.232.210.172
    fg.microsoft.map.fastly.net
    IN A
    199.232.214.172
  • flag-us
    HEAD
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    HEAD /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 200 OK
    Connection: keep-alive
    Content-Length: 177180216
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:13:12 GMT
    Via: 1.1 varnish
    Age: 829471
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132888
    X-Timer: S1739110393.819706,VS0,VE0
    X-CID: 3
    X-CCC: GB
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=0-1119
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 1120
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:13:12 GMT
    Via: 1.1 varnish
    Age: 829471
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132889
    X-Timer: S1739110393.891948,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 0-1119/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=1120-1143
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 24
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:13:20 GMT
    Via: 1.1 varnish
    Age: 829479
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132891
    X-Timer: S1739110400.185088,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 1120-1143/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=1144-2846
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 1703
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:13:23 GMT
    Via: 1.1 varnish
    Age: 829482
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132895
    X-Timer: S1739110404.626118,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 1144-2846/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=2847-7014
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 4168
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:13:24 GMT
    Via: 1.1 varnish
    Age: 829483
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132896
    X-Timer: S1739110405.862845,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 2847-7014/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=7015-12982
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 5968
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:13:25 GMT
    Via: 1.1 varnish
    Age: 829484
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132897
    X-Timer: S1739110406.672507,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 7015-12982/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=12983-34913
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 21931
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:13:26 GMT
    Via: 1.1 varnish
    Age: 829485
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132898
    X-Timer: S1739110407.744831,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 12983-34913/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=34914-80446
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 45533
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:13:27 GMT
    Via: 1.1 varnish
    Age: 829486
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132899
    X-Timer: S1739110408.781021,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 34914-80446/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=80447-103031
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 22585
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:13:29 GMT
    Via: 1.1 varnish
    Age: 829489
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132900
    X-Timer: S1739110410.955412,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 80447-103031/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=103032-117491
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 14460
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:14:04 GMT
    Via: 1.1 varnish
    Age: 829523
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132905
    X-Timer: S1739110445.717762,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 103032-117491/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=117492-138775
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 21284
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:14:05 GMT
    Via: 1.1 varnish
    Age: 829525
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132906
    X-Timer: S1739110446.969417,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 117492-138775/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=138776-153296
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 14521
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:14:10 GMT
    Via: 1.1 varnish
    Age: 829529
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132907
    X-Timer: S1739110450.425624,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 138776-153296/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=153297-177364
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 24068
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:14:11 GMT
    Via: 1.1 varnish
    Age: 829530
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132908
    X-Timer: S1739110451.423918,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 153297-177364/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=177365-199910
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 22546
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:14:13 GMT
    Via: 1.1 varnish
    Age: 829532
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132909
    X-Timer: S1739110453.025168,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 177365-199910/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=199911-209794
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 9884
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:14:18 GMT
    Via: 1.1 varnish
    Age: 829537
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132912
    X-Timer: S1739110459.833962,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 199911-209794/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=209795-229519
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 19725
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:14:57 GMT
    Via: 1.1 varnish
    Age: 829576
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132924
    X-Timer: S1739110498.789850,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 209795-229519/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=229520-245305
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 15786
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:14:58 GMT
    Via: 1.1 varnish
    Age: 829577
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132925
    X-Timer: S1739110499.897521,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 229520-245305/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=245306-258139
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 12834
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:15:01 GMT
    Via: 1.1 varnish
    Age: 829580
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132926
    X-Timer: S1739110502.864580,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 245306-258139/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=258140-266665
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 8526
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:15:05 GMT
    Via: 1.1 varnish
    Age: 829584
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132928
    X-Timer: S1739110505.408185,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 258140-266665/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=266666-281104
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 14439
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:15:15 GMT
    Via: 1.1 varnish
    Age: 829594
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132932
    X-Timer: S1739110516.842043,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 266666-281104/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=281105-293809
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Connection: keep-alive
    Content-Length: 12705
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Accept-Ranges: bytes
    Date: Sun, 09 Feb 2025 14:15:16 GMT
    Via: 1.1 varnish
    Age: 829595
    X-Served-By: cache-lcy-eglc8600025-LCY
    X-Cache: HIT
    X-Cache-Hits: 132933
    X-Timer: S1739110516.277009,VS0,VE0
    X-CID: 3
    X-CCC: GB
    Content-Range: bytes 281105-293809/177180216
  • flag-us
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    Remote address:
    199.232.210.172:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=293810-302796
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {21430C21-34E0-43B9-8A61-08464A5E7863}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
  • 150.171.28.10:443
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid=
    tls, http2
    2.9kB
     12.6kB
     33
    26

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid=

    HTTP Response

    204

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid=

    HTTP Response

    204

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=e35e8decf40e466d8e85fae7c01739ec&localId=w:23783DC3-A089-EC8F-F8FF-C6E76D0A06B0&deviceId=6966574813950623&anid=

    HTTP Response

    204
  • 127.0.0.1:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
  • 4.155.164.36:443
    https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/132.0.2957.140/files?action=GenerateDownloadInfo&foregroundPriority=false
    tls, http2
    5.0kB
     13.2kB
     22
    20

    HTTP Request

    POST https://msedge.api.cdp.microsoft.com/api/v2/contents/Browser/namespaces/Default/names?action=batchupdates

    HTTP Response

    200

    HTTP Request

    POST https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/132.0.2957.140/files?action=GenerateDownloadInfo&foregroundPriority=false

    HTTP Response

    200
  • 199.232.210.172:80
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
    http
    36.7kB
     331.4kB
     231
    265

    HTTP Request

    HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    200

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739715184&P2=404&P3=2&P4=OrsIWKshnZjx3LsCdP33g4Zrepc3dr5%2fyeHnFPOJFEissonk9DLmSC7RKHeZjsk8%2f4Myl2VjlYlwlN5iyKN4CQ%3d%3d
  • 127.0.0.1:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
  • 127.0.0.1:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
  • 127.0.0.1:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
  • 127.0.0.1:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
  • 127.0.0.1:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
  • 74.249.113.208:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
    260 B
     5
  • 74.249.113.208:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
    260 B
     5
  • 127.0.0.1:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
  • 74.249.113.208:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
    260 B
     5
  • 127.0.0.1:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
  • 127.0.0.1:6000
    39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
  • 8.8.8.8:53
    g.bing.com
    dns
    56 B
     148 B
     1
    1

    DNS Request

    g.bing.com

    DNS Response

    150.171.28.10
    150.171.27.10

  • 8.8.8.8:53
    msedge.api.cdp.microsoft.com
    dns
    74 B
     158 B
     1
    1

    DNS Request

    msedge.api.cdp.microsoft.com

    DNS Response

    4.155.164.36

  • 8.8.8.8:53
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    dns
    87 B
     266 B
     1
    1

    DNS Request

    msedge.b.tlu.dl.delivery.mp.microsoft.com

    DNS Response

    199.232.210.172
    199.232.214.172

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~2\Adobe\ACROBA~1\Reader\ACROTE~1.EXE
    Filesize

    86KB

    MD5

    3b73078a714bf61d1c19ebc3afc0e454

    SHA1

    9abeabd74613a2f533e2244c9ee6f967188e4e7e

    SHA256

    ded54d1fcca07b6bff2bc3b9a1131eac29ff1f836e5d7a7c5c325ec5abe96e29

    SHA512

    75959d4e8a7649c3268b551a2a378e6d27c0bfb03d2422ebeeb67b0a3f78c079473214057518930f2d72773ce79b106fd2d78405e8e3d8883459dcbb49c163c4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\3582-490\39505bf9b61e4886a5e886d9ec0b50f00ce691c8c7c6934fdb62a90ee0eb7997.exe
    Filesize

    60KB

    MD5

    64c62bd8f4f6cc59800fbd0c5db24f6f

    SHA1

    d8a4cab2cfe708116347c8d45a4ed531b4bd18a9

    SHA256

    621a4767b78e23621629f3abcc77504163a9effdcd13ea9aaa561a2044bbb5fa

    SHA512

    bbc6a618eca27a2465165317afbbeb03b81200aa8662adb0049f5504534ec0c780d265419317640d06f561e1ad9ff8703a04dd2d95ca72392a88c99931523f6a

    Download Submit

  • memory/1808-128-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1808-131-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1808-132-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1808-134-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2028-13-0x00000000003A0000-0x00000000003B6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2028-12-0x00007FF9BEA43000-0x00007FF9BEA45000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2028-126-0x00007FF9BEA40000-0x00007FF9BF501000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2028-127-0x00007FF9BEA43000-0x00007FF9BEA45000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2028-129-0x00007FF9BEA40000-0x00007FF9BF501000-memory.dmp

    Filesize

    10.8MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.