Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250207-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20250207-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    08/02/2025, 19:31 UTC

General

  • Target

    HTV.exe

  • Size

    14KB

  • MD5

    661aab4571bea11f40a403b154d6dba8

  • SHA1

    731266406f6458c99bc8c1a9b3d3b7eb0d0eac6f

  • SHA256

    580e5897b0cd5ec956020f2d482dc953b57817bc83b2dfac72574e1e33c18412

  • SHA512

    b3cf1713f972839afded4b9760b615821d237d6fbab4b6215e5dc6aa964544f1d16ef9dc08f8d58e369cd91f56b3a6e06b15587b1ece4c680f3b2f98f6c2879d

  • SSDEEP

    384:ItkaCh/Mg3dy/AdMNscqXXTB4EKS40TN99AOK:okaCh/UGMJTNWTNLAx

Malware Config

Signatures

  • Downloads MZ/PE file 1 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 1 IoCs

    Adversaries may check for Internet connectivity on compromised systems.

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\HTV.exe
    "C:\Users\Admin\AppData\Local\Temp\HTV.exe"
    • Adds Run key to start application
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1532
  • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
    "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping 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-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIyIiBpbnN0YWxsZGF0ZXRpbWU9IjE3Mzg5NDcxNzgiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM4MzQxOTY4MDM3MTAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTc5ODYyIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0NzE4MDcxNTM4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
    • System Location Discovery: System Language Discovery
    • System Network Configuration Discovery: Internet Connection Discovery
    PID:2172

Network

  • flag-us
    DNS
    msedge.api.cdp.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    msedge.api.cdp.microsoft.com
    IN A
    Response
    msedge.api.cdp.microsoft.com
    IN CNAME
    api.cdp.microsoft.com
    api.cdp.microsoft.com
    IN CNAME
    glb.api.prod.dcat.dsp.trafficmanager.net
    glb.api.prod.dcat.dsp.trafficmanager.net
    IN A
    172.169.87.222
  • flag-us
    POST
    https://msedge.api.cdp.microsoft.com/api/v2/contents/Browser/namespaces/Default/names?action=batchupdates
    Remote address:
    172.169.87.222:443
    Request
    POST /api/v2/contents/Browser/namespaces/Default/names?action=batchupdates HTTP/2.0
    host: msedge.api.cdp.microsoft.com
    cache-control: no-cache
    pragma: no-cache
    content-type: application/json
    user-agent: Microsoft Edge Update/1.3.195.43;winhttp
    x-old-uid: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    ms-correlationid: {8F3CF2F6-33F1-4C0C-A294-55079F55A0B6}
    ms-requestid: {760CAEBA-1F12-4821-8B77-042E5AB431C8}
    ms-cv: 9vI8j/EzDEyilFUHn1Wgtg.0
    x-last-hr: 0x0
    x-last-http-status-code: 0
    x-retry-count: 0
    x-http-attempts: 1
    content-length: 2540
    Response
    HTTP/2.0 200
    content-type: text/plain; charset=utf-8
    content-type: application/json; charset=utf-8
    date: Sun, 09 Feb 2025 22:10:42 GMT
    content-length: 298
    ms-correlationid: 8f3cf2f6-33f1-4c0c-a294-55079f55a0b6
    ms-requestid: 760caeba-1f12-4821-8b77-042e5ab431c8
    ms-cv: {8F3CF2F6-33F1-4C0C-A294-55079F55A0B6}.0
  • flag-us
    POST
    https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/132.0.2957.140/files?action=GenerateDownloadInfo&foregroundPriority=false
    Remote address:
    172.169.87.222:443
    Request
    POST /api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/132.0.2957.140/files?action=GenerateDownloadInfo&foregroundPriority=false HTTP/2.0
    host: msedge.api.cdp.microsoft.com
    cache-control: no-cache
    pragma: no-cache
    content-type: application/json
    user-agent: Microsoft Edge Update/1.3.195.43;winhttp
    x-old-uid: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    ms-correlationid: {8F3CF2F6-33F1-4C0C-A294-55079F55A0B6}
    ms-requestid: {0401BF01-2D15-4712-968D-0DFBFFA648E1}
    ms-cv: 9vI8j/EzDEyilFUHn1Wgtg.1
    x-last-hr: 0x0
    x-last-http-status-code: 0
    x-retry-count: 0
    x-http-attempts: 1
    content-length: 2
    Response
    HTTP/2.0 200
    content-type: text/plain; charset=utf-8
    content-type: application/json; charset=utf-8
    date: Sun, 09 Feb 2025 22:10:42 GMT
    content-length: 5341
    ms-correlationid: 8f3cf2f6-33f1-4c0c-a294-55079f55a0b6
    ms-requestid: 0401bf01-2d15-4712-968d-0dfbffa648e1
    ms-cv: {8F3CF2F6-33F1-4C0C-A294-55079F55A0B6}.0
  • flag-us
    DNS
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    IN A
    Response
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    IN CNAME
    star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
    star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
    IN CNAME
    cdp-f-tlu-net.trafficmanager.net
    cdp-f-tlu-net.trafficmanager.net
    IN CNAME
    wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net
    wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net
    IN CNAME
    a1847.dscd.akamai.net
    a1847.dscd.akamai.net
    IN A
    2.20.12.74
    a1847.dscd.akamai.net
    IN A
    2.20.12.95
  • flag-gb
    HEAD
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    HEAD /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 200 OK
    Cache-Control: public, max-age=17280000
    Content-Length: 177180216
    Content-Type: application/octet-stream
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    Accept-Ranges: bytes
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 57bc4fdb-5120-49b5-8001-a2329fc1e2df
    MS-RequestId: 9991e830-be9e-4e5d-a5d5-93f0bb823527
    MS-CV: CF4EFJgeEUeGqOzu.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Date: Sun, 09 Feb 2025 22:11:02 GMT
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=0-1119
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:02 GMT
    Content-Range: bytes 0-1119/177180216
    Content-Length: 1120
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=1120-3023
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:05 GMT
    Content-Range: bytes 1120-3023/177180216
    Content-Length: 1904
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=3024-8491
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:10 GMT
    Content-Range: bytes 3024-8491/177180216
    Content-Length: 5468
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=8492-18016
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:12 GMT
    Content-Range: bytes 8492-18016/177180216
    Content-Length: 9525
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=18017-26642
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:13 GMT
    Content-Range: bytes 18017-26642/177180216
    Content-Length: 8626
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=26643-70044
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:14 GMT
    Content-Range: bytes 26643-70044/177180216
    Content-Length: 43402
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=70045-160426
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:15 GMT
    Content-Range: bytes 70045-160426/177180216
    Content-Length: 90382
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=160427-171094
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:33 GMT
    Content-Range: bytes 160427-171094/177180216
    Content-Length: 10668
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=171095-210948
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:34 GMT
    Content-Range: bytes 171095-210948/177180216
    Content-Length: 39854
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=210949-369331
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:35 GMT
    Content-Range: bytes 210949-369331/177180216
    Content-Length: 158383
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=369332-689774
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:36 GMT
    Content-Range: bytes 369332-689774/177180216
    Content-Length: 320443
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=689775-1276644
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:38 GMT
    Content-Range: bytes 689775-1276644/177180216
    Content-Length: 586870
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=1276645-1691287
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:49 GMT
    Content-Range: bytes 1276645-1691287/177180216
    Content-Length: 414643
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=1691288-2540297
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:49 GMT
    Content-Range: bytes 1691288-2540297/177180216
    Content-Length: 849010
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=2540298-3745457
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:50 GMT
    Content-Range: bytes 2540298-3745457/177180216
    Content-Length: 1205160
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=3745458-6098552
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:51 GMT
    Content-Range: bytes 3745458-6098552/177180216
    Content-Length: 2353095
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    Remote address:
    2.20.12.74:80
    Request
    GET /filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Thu, 30 Jan 2025 22:24:43 GMT
    Range: bytes=6098553-7900652
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {768E06D1-E60E-4702-89DB-6EE20A6A3D3E}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 6f60f8cc-e39b-44d3-b4d4-339059ed8366
    MS-RequestId: c8e2eff3-3eeb-4f9c-9dc9-9aaf7fc8a933
    MS-CV: y9dBBsu9vkmE74iU.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Thu, 30 Jan 2025 22:24:43 GMT
    ETag: "Zn30nCFs7P9yX7o9FILxqytRM2k="
    Date: Sun, 09 Feb 2025 22:11:54 GMT
    Content-Range: bytes 6098553-7900652/177180216
    Content-Length: 1802100
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • 172.169.87.222:443
    https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/132.0.2957.140/files?action=GenerateDownloadInfo&foregroundPriority=false
    tls, http2
    4.6kB
    11.0kB
    20
    20

    HTTP Request

    POST https://msedge.api.cdp.microsoft.com/api/v2/contents/Browser/namespaces/Default/names?action=batchupdates

    HTTP Response

    200

    HTTP Request

    POST https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/132.0.2957.140/files?action=GenerateDownloadInfo&foregroundPriority=false

    HTTP Response

    200
  • 2.20.12.74:80
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d
    http
    305.2kB
    6.5MB
    4288
    4932

    HTTP Request

    HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d

    HTTP Response

    200

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0740036a-4e18-456d-96fa-d1d9c4ca4676?P1=1739743843&P2=404&P3=2&P4=eRoFEPgiCgLsPmLuSc5AzPHCF8jkt239WlHxndqQaGFVNlFMZE%2bKllIoY8bU%2fkK9McTGayMJ8xxL3ZIHmFSmfg%3d%3d

    HTTP Response

    206

  • 8.8.8.8:53
    msedge.api.cdp.microsoft.com
    dns
    74 B
    158 B
    1
    1

    DNS Request

    msedge.api.cdp.microsoft.com

    DNS Response

    172.169.87.222

  • 8.8.8.8:53
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    dns
    87 B
    328 B
    1
    1

    DNS Request

    msedge.b.tlu.dl.delivery.mp.microsoft.com

    DNS Response

    2.20.12.74
    2.20.12.95

MITRE ATT&CK Enterprise v15

Downloads

  • memory/1532-1-0x0000000000520000-0x0000000000521000-memory.dmp

    Filesize

    4KB

  • memory/1532-6-0x0000000000520000-0x0000000000521000-memory.dmp

    Filesize

    4KB
