Analysis

  • max time kernel
    133s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250207-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20250207-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    16/02/2025, 02:23 UTC

General

  • Target

    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe

  • Size

    6.3MB

  • MD5

    368e676306818d9266f0d4948e0eb541

  • SHA1

    4d67aef52ca4ff56130990bd789ba99887e8094f

  • SHA256

    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac

  • SHA512

    d9f0f7ce266411e3493d1c617d6d322beeed05704cd30689cd3e4f95c7f3d47ec2ab0704c17094a94dc4b2059bbd088df77751ed782d3aac06893319bd650d16

  • SSDEEP

    98304:yuDuKIqCMOWkhl9mPIiyZlpVbawv+MqdEjDYPVakdiNV2:5DuK7XOWXDyZlbVoVasiG

Malware Config

Extracted

Family

cryptbot

C2

http://home.fivejj5sr.top/fWukggcxTlVTnBnJjsCp17

Signatures

  • CryptBot

    CryptBot is a C++ stealer widely distributed in bundles with other software.

  • Cryptbot family
  • Enumerates VirtualBox registry keys 2 TTPs 1 IoCs
  • Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 1 IoCs
  • Downloads MZ/PE file 1 IoCs
  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Identifies Wine through registry keys 2 TTPs 1 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 1 IoCs

    Adversaries may check for Internet connectivity on compromised systems.

  • Suspicious behavior: EnumeratesProcesses 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    "C:\Users\Admin\AppData\Local\Temp\3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe"
    • Enumerates VirtualBox registry keys
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
    • Identifies Wine through registry keys
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:3008
  • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
    "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping <base64 payload>
    • System Location Discovery: System Language Discovery
    • System Network Configuration Discovery: Internet Connection Discovery
    PID:4264

Network

  • flag-us
    DNS
    httpbin.org
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    httpbin.org
    IN A
    Response
  • flag-us
    DNS
    httpbin.org
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    httpbin.org
    IN AAAA
  • flag-us
    DNS
    httpbin.org
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    httpbin.org
    IN A
  • flag-us
    DNS
    httpbin.org
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    httpbin.org
    IN AAAA
  • flag-us
    DNS
    httpbin.org
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    httpbin.org
    IN AAAA
  • flag-us
    DNS
    httpbin.org
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    httpbin.org
    IN A
  • flag-us
    DNS
    g.bing.com
    Remote address:
    8.8.8.8:53
    Request
    g.bing.com
    IN A
    Response
    g.bing.com
    IN CNAME
    g-bing-com.ax-0001.ax-msedge.net
    g-bing-com.ax-0001.ax-msedge.net
    IN CNAME
    ax-0001.ax-msedge.net
    ax-0001.ax-msedge.net
    IN A
    150.171.27.10
    ax-0001.ax-msedge.net
    IN A
    150.171.28.10
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid=
    Remote address:
    150.171.27.10:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MUID=31B67886C36E6CEE37596D13C2E56D72; domain=.bing.com; expires=Fri, 13-Mar-2026 02:23:23 GMT; path=/; SameSite=None; Secure; Priority=High;
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 4FFF6CF6E1314E8481BCF9480BBDE1F5 Ref B: FRA31EDGE0219 Ref C: 2025-02-16T02:23:23Z
    date: Sun, 16 Feb 2025 02:23:22 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid=
    Remote address:
    150.171.27.10:443
    Request
    GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=31B67886C36E6CEE37596D13C2E56D72
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MSPTC=zXJd2_5pW_1364qk5iKRftcwWzFBY1dhXcr7iXqAJDw; domain=.bing.com; expires=Fri, 13-Mar-2026 02:23:26 GMT; path=/; Partitioned; secure; SameSite=None
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: D993F285610A4982A574501778AA647E Ref B: FRA31EDGE0219 Ref C: 2025-02-16T02:23:26Z
    date: Sun, 16 Feb 2025 02:23:25 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid=
    Remote address:
    150.171.27.10:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=31B67886C36E6CEE37596D13C2E56D72; MSPTC=zXJd2_5pW_1364qk5iKRftcwWzFBY1dhXcr7iXqAJDw
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 504253308B2342AF899ED8CFA8B83930 Ref B: FRA31EDGE0219 Ref C: 2025-02-16T02:23:26Z
    date: Sun, 16 Feb 2025 02:23:26 GMT
  • flag-gb
    GET
    https://www.bing.com/th?id=OADD2.10239414284817_1UVYYSBXC4CID8KBL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=48&h=48&dynsize=1&qlt=90
    Remote address:
    2.18.66.65:443
    Request
    GET /th?id=OADD2.10239414284817_1UVYYSBXC4CID8KBL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=48&h=48&dynsize=1&qlt=90 HTTP/2.0
    host: www.bing.com
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-type: image/jpeg
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    content-length: 1981
    date: Sun, 16 Feb 2025 02:23:30 GMT
    alt-svc: h3=":443"; ma=93600
    x-cdn-traceid: 0.756e5668.1739672610.102a2a8a
  • flag-us
    DNS
    httpbin.org
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    httpbin.org
    IN A
    Response
    httpbin.org
    IN A
    3.214.119.249
    httpbin.org
    IN A
    3.208.239.150
  • flag-us
    DNS
    httpbin.org
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    httpbin.org
    IN AAAA
    Response
  • flag-us
    DNS
    home.fivejj5sr.top
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    home.fivejj5sr.top
    IN A
    Response
    home.fivejj5sr.top
    IN A
    166.1.36.226
  • flag-us
    DNS
    home.fivejj5sr.top
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    home.fivejj5sr.top
    IN AAAA
  • flag-us
    DNS
    home.fivejj5sr.top
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    home.fivejj5sr.top
    IN A
  • flag-us
    DNS
    home.fivejj5sr.top
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    home.fivejj5sr.top
    IN AAAA
  • flag-de
    POST
    http://home.fivejj5sr.top/fWukggcxTlVTnBnJjsCp1739361436
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    166.1.36.226:80
    Request
    POST /fWukggcxTlVTnBnJjsCp1739361436 HTTP/1.1
    Host: home.fivejj5sr.top
    Accept: */*
    Content-Type: application/json
    Content-Length: 461832
    Response
    HTTP/1.0 504 Gateway Time-out
    Cache-Control: no-cache
    Connection: close
    Content-Type: text/html
  • flag-us
    DNS
    msedge.api.cdp.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    msedge.api.cdp.microsoft.com
    IN A
    Response
    msedge.api.cdp.microsoft.com
    IN CNAME
    api.cdp.microsoft.com
    api.cdp.microsoft.com
    IN CNAME
    glb.api.prod.dcat.dsp.trafficmanager.net
    glb.api.prod.dcat.dsp.trafficmanager.net
    IN A
    4.151.228.221
  • flag-us
    DNS
    msedge.api.cdp.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    msedge.api.cdp.microsoft.com
    IN A
  • flag-us
    POST
    https://msedge.api.cdp.microsoft.com/api/v2/contents/Browser/namespaces/Default/names?action=batchupdates
    Remote address:
    4.151.228.221:443
    Request
    POST /api/v2/contents/Browser/namespaces/Default/names?action=batchupdates HTTP/2.0
    host: msedge.api.cdp.microsoft.com
    cache-control: no-cache
    pragma: no-cache
    content-type: application/json
    user-agent: Microsoft Edge Update/1.3.195.43;winhttp
    x-old-uid: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    ms-correlationid: {17E83B38-4172-4B53-8794-C120E21282B3}
    ms-requestid: {8B4F8922-628F-4594-B562-1613F1597549}
    ms-cv: ODvoF3JBU0uHlMEg4hKCsw.0
    x-last-hr: 0x0
    x-last-http-status-code: 0
    x-retry-count: 0
    x-http-attempts: 1
    content-length: 2539
    Response
    HTTP/2.0 200
    content-type: text/plain; charset=utf-8
    content-type: application/json; charset=utf-8
    date: Sun, 16 Feb 2025 02:24:01 GMT
    content-length: 296
    ms-correlationid: 17e83b38-4172-4b53-8794-c120e21282b3
    ms-requestid: 8b4f8922-628f-4594-b562-1613f1597549
    ms-cv: {17E83B38-4172-4B53-8794-C120E21282B3}.0
  • flag-us
    POST
    https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/133.0.3065.59/files?action=GenerateDownloadInfo&foregroundPriority=false
    Remote address:
    4.151.228.221:443
    Request
    POST /api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/133.0.3065.59/files?action=GenerateDownloadInfo&foregroundPriority=false HTTP/2.0
    host: msedge.api.cdp.microsoft.com
    cache-control: no-cache
    pragma: no-cache
    content-type: application/json
    user-agent: Microsoft Edge Update/1.3.195.43;winhttp
    x-old-uid: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    ms-correlationid: {17E83B38-4172-4B53-8794-C120E21282B3}
    ms-requestid: {C5FAE0B0-AA54-4D23-AEFF-E08409147CEE}
    ms-cv: ODvoF3JBU0uHlMEg4hKCsw.1
    x-last-hr: 0x0
    x-last-http-status-code: 0
    x-retry-count: 0
    x-http-attempts: 1
    content-length: 2
    Response
    HTTP/2.0 200
    content-type: text/plain; charset=utf-8
    content-type: application/json; charset=utf-8
    date: Sun, 16 Feb 2025 02:24:01 GMT
    content-length: 5346
    ms-correlationid: 17e83b38-4172-4b53-8794-c120e21282b3
    ms-requestid: c5fae0b0-aa54-4d23-aeff-e08409147cee
    ms-cv: {17E83B38-4172-4B53-8794-C120E21282B3}.0
  • flag-us
    POST
    https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedgewebview-stable-win-x64/versions/133.0.3065.69/files?action=GenerateDownloadInfo&foregroundPriority=false
    Remote address:
    4.151.228.221:443
    Request
    POST /api/v1.1/internal/contents/Browser/namespaces/Default/names/msedgewebview-stable-win-x64/versions/133.0.3065.69/files?action=GenerateDownloadInfo&foregroundPriority=false HTTP/2.0
    host: msedge.api.cdp.microsoft.com
    cache-control: no-cache
    pragma: no-cache
    content-type: application/json
    user-agent: Microsoft Edge Update/1.3.195.43;winhttp
    x-old-uid: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    ms-correlationid: {17E83B38-4172-4B53-8794-C120E21282B3}
    ms-requestid: {E50CD5C4-2748-4B6A-974B-325F0AFE442C}
    ms-cv: ODvoF3JBU0uHlMEg4hKCsw.2
    x-last-hr: 0x0
    x-last-http-status-code: 0
    x-retry-count: 0
    x-http-attempts: 1
    content-length: 2
    Response
    HTTP/2.0 200
    content-type: text/plain; charset=utf-8
    content-type: application/json; charset=utf-8
    date: Sun, 16 Feb 2025 02:24:02 GMT
    content-length: 5364
    ms-correlationid: 17e83b38-4172-4b53-8794-c120e21282b3
    ms-requestid: e50cd5c4-2748-4b6a-974b-325f0afe442c
    ms-cv: {17E83B38-4172-4B53-8794-C120E21282B3}.0
  • flag-us
    DNS
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    IN A
    Response
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    IN CNAME
    star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
    star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
    IN CNAME
    cdp-f-tlu-net.trafficmanager.net
    cdp-f-tlu-net.trafficmanager.net
    IN CNAME
    wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net
    wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net
    IN CNAME
    a1847.dscd.akamai.net
    a1847.dscd.akamai.net
    IN A
    104.77.160.217
    a1847.dscd.akamai.net
    IN A
    104.77.160.196
  • flag-gb
    HEAD
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    HEAD /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 200 OK
    Cache-Control: public, max-age=17280000
    Content-Length: 178604088
    Content-Type: application/octet-stream
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    Accept-Ranges: bytes
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: 38950630-062e-4b11-abf9-27528cc8372b
    MS-RequestId: ab97e305-abce-4560-9c14-07ae0c2048b9
    MS-CV: d58aS+FfYkmqLl9I.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Date: Sun, 16 Feb 2025 02:24:07 GMT
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=0-1119
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:07 GMT
    Content-Range: bytes 0-1119/178604088
    Content-Length: 1120
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=1120-2664
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:10 GMT
    Content-Range: bytes 1120-2664/178604088
    Content-Length: 1545
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=2665-6672
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:11 GMT
    Content-Range: bytes 2665-6672/178604088
    Content-Length: 4008
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=6673-16791
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:13 GMT
    Content-Range: bytes 6673-16791/178604088
    Content-Length: 10119
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=16792-38493
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:14 GMT
    Content-Range: bytes 16792-38493/178604088
    Content-Length: 21702
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=38494-83013
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:15 GMT
    Content-Range: bytes 38494-83013/178604088
    Content-Length: 44520
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=83014-142972
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:17 GMT
    Content-Range: bytes 83014-142972/178604088
    Content-Length: 59959
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=142973-235333
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:17 GMT
    Content-Range: bytes 142973-235333/178604088
    Content-Length: 92361
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=235334-422082
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:18 GMT
    Content-Range: bytes 235334-422082/178604088
    Content-Length: 186749
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=422083-797217
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:20 GMT
    Content-Range: bytes 422083-797217/178604088
    Content-Length: 375135
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-gb
    GET
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    Remote address:
    104.77.160.217:80
    Request
    GET /filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Mon, 10 Feb 2025 02:10:08 GMT
    Range: bytes=797218-1544531
    User-Agent: Microsoft BITS/7.8
    X-Old-UID: {8BC1E0D0-A68F-40A8-985E-9EA4403F8D22}; age=-1; cnt=2
    X-Last-HR: 0x80070422
    X-Last-HTTP-Status-Code: 500
    X-Retry-Count: 0
    X-HTTP-Attempts: 2
    Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
    Response
    HTTP/1.1 206 Partial Content
    Cache-Control: public, max-age=17280000
    Content-Type: application/octet-stream
    Accept-Ranges: bytes
    Server: Microsoft-IIS/10.0
    X-AspNetMvc-Version: 5.3
    MS-CorrelationId: bca99da9-4533-48de-9915-2116a3a8b393
    MS-RequestId: 1a28825d-7e68-4417-a360-3d8f3579d4b7
    MS-CV: z0TyYAApQ0SnTPhTzEiNVQ.0.1.1.6.1.1.1.0
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/3.0
    X-Powered-By: ASP.NET
    Last-Modified: Mon, 10 Feb 2025 02:10:08 GMT
    ETag: "BajKwfS+sHh4GdiCWW5erzQdfdY="
    Date: Sun, 16 Feb 2025 02:24:20 GMT
    Content-Range: bytes 797218-1544531/178604088
    Content-Length: 747314
    Connection: keep-alive
    X-CID: 2
    X-CCC: GB
  • flag-us
    DNS
    home.fivejj5sr.top
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    home.fivejj5sr.top
    IN A
    Response
  • flag-us
    DNS
    home.fivejj5sr.top
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    home.fivejj5sr.top
    IN AAAA
    Response
    home.fivejj5sr.top
    IN A
    166.1.36.226
  • flag-us
    DNS
    home.fivejj5sr.top
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    home.fivejj5sr.top
    IN A
  • flag-us
    DNS
    home.fivejj5sr.top
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    8.8.8.8:53
    Request
    home.fivejj5sr.top
    IN AAAA
  • flag-de
    POST
    http://home.fivejj5sr.top/fWukggcxTlVTnBnJjsCp1739361436
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    Remote address:
    166.1.36.226:80
    Request
    POST /fWukggcxTlVTnBnJjsCp1739361436 HTTP/1.1
    Host: home.fivejj5sr.top
    Accept: */*
    Content-Type: application/json
    Content-Length: 128
    Response
    HTTP/1.1 404 NOT FOUND
    Server: nginx/1.22.1
    Date: Sun, 16 Feb 2025 02:25:12 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 207
    Connection: close
  • flag-us
    DNS
    tse1.mm.bing.net
    Remote address:
    8.8.8.8:53
    Request
    tse1.mm.bing.net
    IN A
    Response
    tse1.mm.bing.net
    IN CNAME
    mm-mm.bing.net.trafficmanager.net
    mm-mm.bing.net.trafficmanager.net
    IN CNAME
    ax-0001.ax-msedge.net
    ax-0001.ax-msedge.net
    IN A
    150.171.28.10
    ax-0001.ax-msedge.net
    IN A
    150.171.27.10
  • flag-us
    DNS
    tse1.mm.bing.net
    Remote address:
    8.8.8.8:53
    Request
    tse1.mm.bing.net
    IN A
  • flag-us
    DNS
    tse1.mm.bing.net
    Remote address:
    8.8.8.8:53
    Request
    tse1.mm.bing.net
    IN A
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239339388239_1FMFJEKV2DXW3LPOK&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239339388239_1FMFJEKV2DXW3LPOK&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 332661
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 3813F3CF2FBF4A78985102EB74DDC478 Ref B: FRA31EDGE0510 Ref C: 2025-02-16T02:25:25Z
    date: Sun, 16 Feb 2025 02:25:24 GMT
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239360433542_1UJC4903W7XNIUU73&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239360433542_1UJC4903W7XNIUU73&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239339388238_1B1DKEJRUJUG2JDMP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239339388238_1B1DKEJRUJUG2JDMP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239340418566_1KUOCUMD7VRU52NBF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239340418566_1KUOCUMD7VRU52NBF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
  • 150.171.27.10:443
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid=
    tls, http2
    3.0kB
    11.8kB
    26
    18

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid=

    HTTP Response

    204

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid=

    HTTP Response

    204

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c94cfcb8b8a649a4af8f29f3ae571f36&localId=w:0926CBB6-AA0B-F8CF-5045-569FA1599743&deviceId=6966574813478974&anid=

    HTTP Response

    204
  • 2.18.66.65:443
    https://www.bing.com/th?id=OADD2.10239414284817_1UVYYSBXC4CID8KBL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=48&h=48&dynsize=1&qlt=90
    tls, http2
    1.8kB
    8.6kB
    20
    16

    HTTP Request

    GET https://www.bing.com/th?id=OADD2.10239414284817_1UVYYSBXC4CID8KBL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=48&h=48&dynsize=1&qlt=90

    HTTP Response

    200
  • 3.214.119.249:443
    httpbin.org
    tls
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    1.6kB
    6.5kB
    15
    15
  • 166.1.36.226:80
    http://home.fivejj5sr.top/fWukggcxTlVTnBnJjsCp1739361436
    http
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    127.4kB
    2.1kB
    96
    43

    HTTP Request

    POST http://home.fivejj5sr.top/fWukggcxTlVTnBnJjsCp1739361436

    HTTP Response

    504
  • 4.151.228.221:443
    https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedgewebview-stable-win-x64/versions/133.0.3065.69/files?action=GenerateDownloadInfo&foregroundPriority=false
    tls, http2
    6.1kB
    20.9kB
    29
    27

    HTTP Request

    POST https://msedge.api.cdp.microsoft.com/api/v2/contents/Browser/namespaces/Default/names?action=batchupdates

    HTTP Response

    200

    HTTP Request

    POST https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/133.0.3065.59/files?action=GenerateDownloadInfo&foregroundPriority=false

    HTTP Response

    200

    HTTP Request

    POST https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedgewebview-stable-win-x64/versions/133.0.3065.69/files?action=GenerateDownloadInfo&foregroundPriority=false

    HTTP Response

    200
  • 104.77.160.217:80
    http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d
    http
    48.8kB
    1.3MB
    727
    917

    HTTP Request

    HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    200

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206

    HTTP Request

    GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fed55805-2e85-41d8-b4e3-4ef6b5ebf63a?P1=1740277441&P2=404&P3=2&P4=DyGIXSruLcUJ0y7%2bf%2b1rvkhU8B7OU7hfBXXAXQMzwmqez3b5PoCUU5%2b4hVvvLhFKzHYplDspy%2byeMjGJ824frQ%3d%3d

    HTTP Response

    206
  • 166.1.36.226:80
    http://home.fivejj5sr.top/fWukggcxTlVTnBnJjsCp1739361436
    http
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    597 B
    544 B
    7
    4

    HTTP Request

    POST http://home.fivejj5sr.top/fWukggcxTlVTnBnJjsCp1739361436

    HTTP Response

    404
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls
    1.4kB
    140 B
    8
    3
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls
    1.4kB
    192 B
    9
    4
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls
    1.4kB
    192 B
    9
    4
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls
    1.4kB
    192 B
    9
    4
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls
    1.4kB
    192 B
    9
    4
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls
    436 B
    132 B
    4
    3
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls
    826 B
    184 B
    7
    4
  • 150.171.28.10:443
    tse1.mm.bing.net
    801 B
    172 B
    9
    4
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls
    436 B
    132 B
    4
    3
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls
    657 B
    184 B
    6
    4
  • 150.171.28.10:443
    tse1.mm.bing.net
    242 B
    92 B
    5
    2
  • 150.171.28.10:443
    tse1.mm.bing.net
    196 B
    132 B
    4
    3
  • 150.171.28.10:443
    tse1.mm.bing.net
    190 B
    132 B
    4
    3
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls, http2
    1.9kB
    8.7kB
    19
    12
  • 150.171.28.10:443
    tse1.mm.bing.net
    190 B
    132 B
    4
    3
  • 150.171.28.10:443
    https://tse1.mm.bing.net/th?id=OADD2.10239340418566_1KUOCUMD7VRU52NBF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    tls, http2
    8.9kB
    153.0kB
    124
    118

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239339388239_1FMFJEKV2DXW3LPOK&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239360433542_1UJC4903W7XNIUU73&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239339388238_1B1DKEJRUJUG2JDMP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

    HTTP Response

    200

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239340418566_1KUOCUMD7VRU52NBF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
  • 8.8.8.8:53
    httpbin.org
    dns
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    468 B
    150 B
    6
    1

    DNS Request

    httpbin.org

    DNS Request

    httpbin.org

    DNS Request

    httpbin.org

    DNS Request

    httpbin.org

    DNS Request

    httpbin.org

    DNS Request

    httpbin.org

  • 8.8.8.8:53
    g.bing.com
    dns
    56 B
    148 B
    1
    1

    DNS Request

    g.bing.com

    DNS Response

    150.171.27.10
    150.171.28.10

  • 8.8.8.8:53
    httpbin.org
    dns
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    160 B
    250 B
    2
    2

    DNS Request

    httpbin.org

    DNS Request

    httpbin.org

    DNS Response

    3.214.119.249
    3.208.239.150

  • 8.8.8.8:53
    home.fivejj5sr.top
    dns
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    348 B
    91 B
    4
    1

    DNS Request

    home.fivejj5sr.top

    DNS Request

    home.fivejj5sr.top

    DNS Request

    home.fivejj5sr.top

    DNS Request

    home.fivejj5sr.top

    DNS Response

    166.1.36.226

  • 8.8.8.8:53
    msedge.api.cdp.microsoft.com
    dns
    148 B
    158 B
    2
    1

    DNS Request

    msedge.api.cdp.microsoft.com

    DNS Request

    msedge.api.cdp.microsoft.com

    DNS Response

    4.151.228.221

  • 8.8.8.8:53
    msedge.b.tlu.dl.delivery.mp.microsoft.com
    dns
    87 B
    328 B
    1
    1

    DNS Request

    msedge.b.tlu.dl.delivery.mp.microsoft.com

    DNS Response

    104.77.160.217
    104.77.160.196

  • 8.8.8.8:53
    home.fivejj5sr.top
    dns
    3bf45d9e1a4948475d8770f14d50fcf227eb60484f892fab04896e95c16fe8ac.exe
    348 B
    226 B
    4
    2

    DNS Request

    home.fivejj5sr.top

    DNS Request

    home.fivejj5sr.top

    DNS Request

    home.fivejj5sr.top

    DNS Request

    home.fivejj5sr.top

    DNS Response

    166.1.36.226

  • 8.8.8.8:53
    tse1.mm.bing.net
    dns
    186 B
    170 B
    3
    1

    DNS Request

    tse1.mm.bing.net

    DNS Request

    tse1.mm.bing.net

    DNS Request

    tse1.mm.bing.net

    DNS Response

    150.171.28.10
    150.171.27.10

MITRE ATT&CK Enterprise v15

Downloads
