6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212

Analysis

max time kernel
299s
max time network
300s
platform
windows10-2004_x64
resource
win10v2004-20250313-en
resource tags

arch:x64arch:x86image:win10v2004-20250313-enlocale:en-usos:windows10-2004-x64system
submitted
18/03/2025, 04:41 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe
Size

897KB
MD5

879e8ec49af82fad3cba14f8c2660897
SHA1

afe0e172efb08a300e5b0637289151753b810cfb
SHA256

6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212
SHA512

f2264d1301c104311e82f28f4382fbde7bf1022be76b4aa097ebc0d8abd719cce9033ac389cf949d74972fb127dcc1d3c61643305c3b9cb9ea7731779fc30d67
SSDEEP

12288:/qDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgaSTa:/qDEvCTbMWu7rQYlBQcBiT6rprG8aya

Score

7^/10

discovery

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
5980	msedge.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\adblock_snippet.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\Filtering Rules-CA	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_353053472\auto_open_controller.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_353053472\edge_driver.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1387330171\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_429123229\Microsoft.CognitiveServices.Speech.core.dll	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-af.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-da.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-en-us.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-sq.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-ta.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-uk.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\Filtering Rules-AA	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\Part-ES	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_353053472\product_page.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_353053472\shopping_iframe_driver.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_2137099460\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-et.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-hi.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-tk.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-el.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1492486439\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1387330171\well_known_domains.dll	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-de-1996.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-und-ethi.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_353053472\shopping.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_353053472\shopping_fre.html	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-as.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-hr.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-mn-cyrl.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-mr.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-mul-ethi.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\Filtering Rules	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\LICENSE	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\Part-IT	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-ga.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-sv.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-bg.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-fr.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\Part-FR	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_2137099460\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_2137099460\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1387330171\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-la.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-lt.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-ru.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-lv.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-ml.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_2137099460\sets.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-cy.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-gu.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-te.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\Part-NL	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_2137099460\LICENSE	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-cu.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-es.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-hy.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-it.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_906642784\hyph-nl.hyb	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_353053472\edge_checkout_page_validator.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping5980_353053472\shopping.html	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133867465152645204"	msedge.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1279544337-3716153908-718418795-1000\{E911C995-6EC0-4AFA-A3F8-8AFA43A79B67}	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1279544337-3716153908-718418795-1000\{BACE67F8-5836-4FC3-BAC2-0020ECE369DC}	msedge.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
5096	msedge.exe
5096	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
5980	msedge.exe
5980	msedge.exe
5980	msedge.exe
5980	msedge.exe
5980	msedge.exe
5980	msedge.exe
5980	msedge.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe
3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe
3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe
5980	msedge.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe
3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe
3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3168 wrote to memory of 5980	3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe	87
PID 3168 wrote to memory of 5980	3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe	87
PID 3168 wrote to memory of 4304	3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe	89
PID 3168 wrote to memory of 4304	3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe	89
PID 5980 wrote to memory of 1368	5980	msedge.exe	90
PID 5980 wrote to memory of 1368	5980	msedge.exe	90
PID 3168 wrote to memory of 1756	3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe	91
PID 3168 wrote to memory of 1756	3168	6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe	91
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 3980	5980	msedge.exe	92
PID 5980 wrote to memory of 3980	5980	msedge.exe	92
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 5840	5980	msedge.exe	93
PID 5980 wrote to memory of 4608	5980	msedge.exe	94
PID 5980 wrote to memory of 4608	5980	msedge.exe	94
PID 5980 wrote to memory of 4608	5980	msedge.exe	94

C:\Users\Admin\AppData\Local\Temp\6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe
"C:\Users\Admin\AppData\Local\Temp\6c7dec68b134fdac9247bec027c295c5121c0814f2c05e7274caab10f3580212.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/account
  2⤵
  - Loads dropped DLL
  - Drops file in Program Files directory
  - Checks processor information in registry
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:5980
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x354,0x7ffb01d9f208,0x7ffb01d9f214,0x7ffb01d9f220
    3⤵
    PID:1368
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1932,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=2376 /prefetch:3
    3⤵
    PID:3980
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2320,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=2256 /prefetch:2
    3⤵
    PID:5840
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2596,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=2736 /prefetch:8
    3⤵
    PID:4608
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3440,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=3524 /prefetch:1
    3⤵
    PID:4868
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3448,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=3528 /prefetch:1
    3⤵
    PID:4876
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4352,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=4340 /prefetch:1
    3⤵
    PID:4912
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4648,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=4668 /prefetch:1
    3⤵
    PID:4656
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=5304,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=5348 /prefetch:1
    3⤵
    PID:4788
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=5396,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=5496 /prefetch:1
    3⤵
    PID:5676
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5512,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=5656 /prefetch:8
    3⤵
    - Modifies registry class
    PID:4804
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5160,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=5708 /prefetch:8
    3⤵
    PID:5876
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5968,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=4604 /prefetch:8
    3⤵
    PID:1032
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5976,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=3576 /prefetch:8
    3⤵
    PID:2924
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6240,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6148 /prefetch:8
    3⤵
    PID:5580
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5944,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6496 /prefetch:8
    3⤵
    PID:3432
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5944,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6496 /prefetch:8
    3⤵
    PID:5224
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6564,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6232 /prefetch:8
    3⤵
    PID:3988
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6500,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6364 /prefetch:8
    3⤵
    PID:736
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6552,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6744 /prefetch:8
    3⤵
    PID:2340
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6364,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=2424 /prefetch:8
    3⤵
    PID:1092
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6896,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6920 /prefetch:8
    3⤵
    PID:5596
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=860,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6912 /prefetch:8
    3⤵
    PID:3640
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6920,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6912 /prefetch:8
    3⤵
    PID:452
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=864,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=7008 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:5096
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5932,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=3200 /prefetch:8
    3⤵
    PID:2052
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3080,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6996 /prefetch:8
    3⤵
    PID:5428
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5268,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=3540 /prefetch:8
    3⤵
    PID:4936
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6948,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=6972 /prefetch:8
    3⤵
    PID:5228
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6888,i,15686472493301041050,9172371892503501713,262144 --variations-seed-version --mojo-platform-channel-handle=5956 /prefetch:8
    3⤵
    PID:5240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video
  2⤵
  PID:4304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
  2⤵
  PID:1756

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:4588

Network

DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.ax-0001.ax-msedge.net

g-bing-com.ax-0001.ax-msedge.net

IN CNAME

ax-0001.ax-msedge.net

ax-0001.ax-msedge.net

IN A

150.171.28.10

ax-0001.ax-msedge.net

IN A

150.171.27.10
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN A

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net

edge-microsoft-com.dual-a-0036.a-msedge.net

IN CNAME

dual-a-0036.a-msedge.net

dual-a-0036.a-msedge.net

IN A

13.107.21.239

dual-a-0036.a-msedge.net

IN A

204.79.197.239
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN Unknown

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.ax-0002.ax-msedge.net
DNS

www.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

216.58.212.238

youtube-ui.l.google.com

IN A

172.217.169.46

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.179.238
DNS

www.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN Unknown

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN Unknown
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.214.35
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN Unknown

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN Unknown

h2h3

star-mini.c10r.facebook.com

IN Unknown

star-minifallbackc10rfacebookcomh2h3
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.153.84
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN Unknown

Response
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN A

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net

edge-microsoft-com.dual-a-0036.a-msedge.net

IN CNAME

dual-a-0036.a-msedge.net

dual-a-0036.a-msedge.net

IN A

204.79.197.239

dual-a-0036.a-msedge.net

IN A

13.107.21.239
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN Unknown

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.ax-0002.ax-msedge.net
GET

http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:V4MQQuB0-C4UqyzXQoVWc2294wO9qjsd0KKlChVO5gY&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

msedge.exe

Remote address:

13.107.21.239:80

Request

GET /browsernetworktime/time/1/current?cup2key=2:V4MQQuB0-C4UqyzXQoVWc2294wO9qjsd0KKlChVO5gY&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP/1.1
Host: edge.microsoft.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Sec-Mesh-Client-Edge-Version: 133.0.3065.69
Sec-Mesh-Client-Edge-Channel: stable
Sec-Mesh-Client-OS: Windows
Sec-Mesh-Client-OS-Version: 10.0.19041
Sec-Mesh-Client-Arch: x86_64
Sec-Mesh-Client-WebView: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK

Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Pragma: no-cache
Content-Length: 96
Content-Type: application/json
Content-Encoding: gzip
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
x-cup-server-proof: 3044022034702933B55B3C965CFA5D7FB8EE62229770ACC90AD3E042F0A39793D8FA09F6022032F64A92B63E82632E039D965F707BE91B08367FD67424578E22DCFA64552621:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Content-Disposition: attachment; filename='json.txt'
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 219B9E4884284C9798B309FDDF74F9DE Ref B: FRA31EDGE0211 Ref C: 2025-03-18T04:41:52Z
Date: Tue, 18 Mar 2025 04:41:51 GMT
DNS

api.edgeoffer.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN A

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

IN A

94.245.104.56
DNS

api.edgeoffer.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN Unknown

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net
DNS

consent.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

consent.youtube.com

IN A

Response

consent.youtube.com

IN A

142.250.200.46
DNS

consent.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

consent.youtube.com

IN Unknown

Response
DNS

static.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.xx.fbcdn.net

IN A

Response

static.xx.fbcdn.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

163.70.147.23
DNS

static.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.xx.fbcdn.net

IN Unknown

Response

static.xx.fbcdn.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN Unknown

scontentfallbackxxfbcdnneth2h3

scontent.xx.fbcdn.net

IN Unknown

h2h3
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN A

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net

edge-microsoft-com.dual-a-0036.a-msedge.net

IN CNAME

dual-a-0036.a-msedge.net

dual-a-0036.a-msedge.net

IN A

13.107.21.239

dual-a-0036.a-msedge.net

IN A

204.79.197.239
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN Unknown

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net
DNS

accounts.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.youtube.com

IN A

Response

accounts.youtube.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

216.58.201.110
DNS

accounts.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.youtube.com

IN Unknown

Response

accounts.youtube.com

IN CNAME

www3.l.google.com
DNS

play.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.187.206
DNS

play.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN Unknown

Response
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.200.4
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN Unknown

Response

www.google.com

IN Unknown

h2h3
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.200.4
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN Unknown

Response

www.google.com

IN Unknown

h2h3
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid=

Remote address:

150.171.28.10:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=33AC3A187A1E609824382FAB7BB2617A; domain=.bing.com; expires=Sun, 12-Apr-2026 04:41:54 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9FF0C91B0EC34DCF90BC5C131912B5EF Ref B: FRA31EDGE0816 Ref C: 2025-03-18T04:41:54Z
date: Tue, 18 Mar 2025 04:41:53 GMT
GET

https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid=

Remote address:

150.171.28.10:443

Request

GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=33AC3A187A1E609824382FAB7BB2617A

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=2uIvo9J7v8SYy54EuCeuG85Zjf2u9U7y8vqxVqOfrBc; domain=.bing.com; expires=Sun, 12-Apr-2026 04:41:54 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 86C19C52987246B49C54AAF03185D4AB Ref B: FRA31EDGE0816 Ref C: 2025-03-18T04:41:54Z
date: Tue, 18 Mar 2025 04:41:54 GMT
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid=

Remote address:

150.171.28.10:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=33AC3A187A1E609824382FAB7BB2617A; MSPTC=2uIvo9J7v8SYy54EuCeuG85Zjf2u9U7y8vqxVqOfrBc

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8EC7217A37DB486392A149DF565CF6CC Ref B: FRA31EDGE0816 Ref C: 2025-03-18T04:41:55Z
date: Tue, 18 Mar 2025 04:41:54 GMT
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN A

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.ax-0002.ax-msedge.net

edge-microsoft-com.ax-0002.ax-msedge.net

IN CNAME

ax-0002.ax-msedge.net

ax-0002.ax-msedge.net

IN A

150.171.28.11

ax-0002.ax-msedge.net

IN A

150.171.27.11
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN Unknown

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net
DNS

scontent-lhr6-1.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

scontent-lhr6-1.xx.fbcdn.net

IN A

Response

scontent-lhr6-1.xx.fbcdn.net

IN A

163.70.147.23
DNS

scontent-lhr6-1.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

scontent-lhr6-1.xx.fbcdn.net

IN Unknown

Response

scontent-lhr6-1.xx.fbcdn.net

IN Unknown

h2h3
DNS

scontent-lhr8-1.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

scontent-lhr8-1.xx.fbcdn.net

IN A

Response

scontent-lhr8-1.xx.fbcdn.net

IN A

157.240.221.16
DNS

scontent-lhr8-1.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

scontent-lhr8-1.xx.fbcdn.net

IN Unknown

Response

scontent-lhr8-1.xx.fbcdn.net

IN Unknown

h2h3
DNS

scontent.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

scontent.xx.fbcdn.net

IN A

Response

scontent.xx.fbcdn.net

IN A

163.70.147.23
DNS

scontent.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

scontent.xx.fbcdn.net

IN Unknown

Response

scontent.xx.fbcdn.net

IN Unknown

h2h3

scontent.xx.fbcdn.net

IN Unknown

scontentfallbackxxfbcdnneth2h3
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN A

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.ax-0002.ax-msedge.net

edge-microsoft-com.ax-0002.ax-msedge.net

IN CNAME

ax-0002.ax-msedge.net

ax-0002.ax-msedge.net

IN A

150.171.27.11

ax-0002.ax-msedge.net

IN A

150.171.28.11
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN Unknown

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net
DNS

edgeassetservice.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

edgeassetservice.azureedge.net

IN A

Response

edgeassetservice.azureedge.net

IN CNAME

edgeassetservice.afd.azureedge.net

edgeassetservice.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

edgeassetservice.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

edgeassetservice.azureedge.net

IN Unknown

Response

edgeassetservice.azureedge.net

IN CNAME

edgeassetservice.afd.azureedge.net

edgeassetservice.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

edge-consumer-static.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

edge-consumer-static.azureedge.net

IN A

Response

edge-consumer-static.azureedge.net

IN CNAME

edge-consumer-static.afd.azureedge.net

edge-consumer-static.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

edge-consumer-static.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

edge-consumer-static.azureedge.net

IN Unknown

Response

edge-consumer-static.azureedge.net

IN CNAME

edge-consumer-static.afd.azureedge.net

edge-consumer-static.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net
DNS

play.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.187.206
DNS

play.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN Unknown

Response
DNS

static.edge.microsoftapp.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.edge.microsoftapp.net

IN A

Response

static.edge.microsoftapp.net

IN CNAME

edge-cloud-resource-static.azureedge.net

edge-cloud-resource-static.azureedge.net

IN CNAME

edge-cloud-resource-static.afd.azureedge.net

edge-cloud-resource-static.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

static.edge.microsoftapp.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.edge.microsoftapp.net

IN Unknown

Response

static.edge.microsoftapp.net

IN CNAME

edge-cloud-resource-static.azureedge.net

edge-cloud-resource-static.azureedge.net

IN CNAME

edge-cloud-resource-static.afd.azureedge.net

edge-cloud-resource-static.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net
DNS

edge-mobile-static.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

edge-mobile-static.azureedge.net

IN A

Response

edge-mobile-static.azureedge.net

IN CNAME

edge-mobile-static.afd.azureedge.net

edge-mobile-static.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

edge-mobile-static.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

edge-mobile-static.azureedge.net

IN Unknown

Response

edge-mobile-static.azureedge.net

IN CNAME

edge-mobile-static.afd.azureedge.net

edge-mobile-static.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.153.84
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN Unknown

Response
DNS

consent.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

consent.youtube.com

IN A

Response

consent.youtube.com

IN A

142.250.200.46
DNS

consent.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

consent.youtube.com

IN Unknown

Response
DNS

c.pki.goog

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

142.250.200.35
GET

http://c.pki.goog/r/r1.crl

Remote address:

142.250.200.35:80

Request

GET /r/r1.crl HTTP/1.1
Cache-Control: max-age = 3000
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
User-Agent: Microsoft-CryptoAPI/10.0
Host: c.pki.goog

Response

HTTP/1.1 304 Not Modified

Date: Tue, 18 Mar 2025 04:11:18 GMT
Expires: Tue, 18 Mar 2025 05:01:18 GMT
Age: 1898
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Cache-Control: public, max-age=3000
Vary: Accept-Encoding
DNS

msedge.b.tlu.dl.delivery.mp.microsoft.com

Remote address:

8.8.8.8:53

Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN A

Response

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN CNAME

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

IN CNAME

cdp-f-tlu-net.trafficmanager.net

cdp-f-tlu-net.trafficmanager.net

IN CNAME

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.81.129.182

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.80.49.85

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.80.49.86

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.81.129.180

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

91.81.129.181
HEAD

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d

Remote address:

91.81.129.182:80

Request

HEAD /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:42:56 GMT
Content-Type: application/x-chrome-extension
Content-Length: 6252
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff601ba-4252475243-1
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
Range: bytes=0-1119
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:42:56 GMT
Content-Type: application/x-chrome-extension
Content-Length: 1120
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff60208-4252475243-2
Ocn-Served-By: QLT
Content-Range: bytes 0-1119/6252
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
Range: bytes=1120-3027
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:42:59 GMT
Content-Type: application/x-chrome-extension
Content-Length: 1908
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff6114b-4252475243-3
Ocn-Served-By: QLT
Content-Range: bytes 1120-3027/6252
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 11 Nov 2024 00:17:54 GMT
Range: bytes=3028-6251
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:43:00 GMT
Content-Type: application/x-chrome-extension
Content-Length: 3224
Connection: keep-alive
Age: 434
Cache-Control: public, max-age=17280000
Etag: "3AWVl34DSMJKHl2C217ukEQM0Mw="
Last-Modified: Mon, 11 Nov 2024 00:17:54 GMT
MS-CorrelationId: 205c2916-df22-4c46-a28e-6c2dc505958d
MS-CV: 7cqM8pKkVUu2bUpF.0
MS-RequestId: 018c4aa9-70c6-4132-bed1-45eaba10281e
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff6170f-4252475243-4
Ocn-Served-By: QLT
Content-Range: bytes 3028-6251/6252
Server: Qwilt
X-OC-Service-Type: lo
HEAD

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

Remote address:

91.81.129.182:80

Request

HEAD /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:43:16 GMT
Content-Type: application/x-chrome-extension
Content-Length: 178844
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff66444-4252475243-5
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Mar 2025 07:46:05 GMT
Range: bytes=0-9349
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:43:16 GMT
Content-Type: application/x-chrome-extension
Content-Length: 9350
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff664ab-4252475243-6
Ocn-Served-By: QLT
Content-Range: bytes 0-9349/178844
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Mar 2025 07:46:05 GMT
Range: bytes=9350-31768
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:43:17 GMT
Content-Type: application/x-chrome-extension
Content-Length: 22419
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff66b16-4252475243-7
Ocn-Served-By: QLT
Content-Range: bytes 9350-31768/178844
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Mar 2025 07:46:05 GMT
Range: bytes=31769-76742
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:43:18 GMT
Content-Type: application/x-chrome-extension
Content-Length: 44974
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff6711b-4252475243-8
Ocn-Served-By: QLT
Content-Range: bytes 31769-76742/178844
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Mar 2025 07:46:05 GMT
Range: bytes=76743-167633
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:43:20 GMT
Content-Type: application/x-chrome-extension
Content-Length: 90891
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff6765c-4252475243-9
Ocn-Served-By: QLT
Content-Range: bytes 76743-167633/178844
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Mar 2025 07:46:05 GMT
Range: bytes=167634-178843
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:43:21 GMT
Content-Type: application/x-chrome-extension
Content-Length: 11210
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 17 Mar 2025 07:46:05 GMT
ETag: "CjBXyQgSs5Rbiu4Qz9rGMYyL7sg="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 920835c4-2998-48e4-8775-713c566cd493
MS-RequestId: ed8b1684-7861-463f-aa55-dee43274849e
MS-CV: QjUNvwBMl0Osm34F.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff67bd2-4252475243-10
Ocn-Served-By: QLT
Content-Range: bytes 167634-178843/178844
Server: Qwilt
X-OC-Service-Type: lo
HEAD

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/1159c5f4-512b-4855-918f-92aa88aa927b?P1=1742839398&P2=404&P3=2&P4=TMD1ET0tZIFliCudyboyLAugu5%2fuMZQbXT0M%2bMdIHGGt2SsDc3FtBz7QOMP8eEgvZksiyLySN7MIZ8m5Drl0Vw%3d%3d

Remote address:

91.81.129.182:80

Request

HEAD /filestreamingservice/files/1159c5f4-512b-4855-918f-92aa88aa927b?P1=1742839398&P2=404&P3=2&P4=TMD1ET0tZIFliCudyboyLAugu5%2fuMZQbXT0M%2bMdIHGGt2SsDc3FtBz7QOMP8eEgvZksiyLySN7MIZ8m5Drl0Vw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:43:45 GMT
Content-Type: application/x-chrome-extension
Content-Length: 253497
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 03 Mar 2025 20:39:10 GMT
ETag: "Sks0vA6tnKTR+EIKeUerOQQ0s2o="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 895c6558-f142-4cba-bf6e-71ce128fcac4
MS-RequestId: 911e200c-89a6-4060-976b-4e655544b1a4
MS-CV: yz1ix0hwtyywmt0mz2t5zk.0.2.3.1.1.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff6ed5c-4252475243-11
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/1159c5f4-512b-4855-918f-92aa88aa927b?P1=1742839398&P2=404&P3=2&P4=TMD1ET0tZIFliCudyboyLAugu5%2fuMZQbXT0M%2bMdIHGGt2SsDc3FtBz7QOMP8eEgvZksiyLySN7MIZ8m5Drl0Vw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/1159c5f4-512b-4855-918f-92aa88aa927b?P1=1742839398&P2=404&P3=2&P4=TMD1ET0tZIFliCudyboyLAugu5%2fuMZQbXT0M%2bMdIHGGt2SsDc3FtBz7QOMP8eEgvZksiyLySN7MIZ8m5Drl0Vw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 03 Mar 2025 20:39:10 GMT
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:43:45 GMT
Content-Type: application/x-chrome-extension
Content-Length: 253497
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Mon, 03 Mar 2025 20:39:10 GMT
ETag: "Sks0vA6tnKTR+EIKeUerOQQ0s2o="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 895c6558-f142-4cba-bf6e-71ce128fcac4
MS-RequestId: 911e200c-89a6-4060-976b-4e655544b1a4
MS-CV: yz1ix0hwtyywmt0mz2t5zk.0.2.3.1.1.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff6ede1-4252475243-12
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
HEAD

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2132f61f-f790-4ae6-a355-8cf9a1533800?P1=1742410102&P2=404&P3=2&P4=ReLjstUwhjy05OODPmVE4LQ%2feTTbKUaVl31lJtI67yF6AqE2Ts0OGIr0JD%2f7JK3X%2bgELUiU7QZbfljLuP3EUKQ%3d%3d

Remote address:

91.81.129.182:80

Request

HEAD /filestreamingservice/files/2132f61f-f790-4ae6-a355-8cf9a1533800?P1=1742410102&P2=404&P3=2&P4=ReLjstUwhjy05OODPmVE4LQ%2feTTbKUaVl31lJtI67yF6AqE2Ts0OGIr0JD%2f7JK3X%2bgELUiU7QZbfljLuP3EUKQ%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:44:13 GMT
Content-Type: application/x-chrome-extension
Content-Length: 975576
Connection: keep-alive
Age: 4900716
Cache-Control: public, max-age=17280000
Etag: "wehJBmKQPZDel3YMsxAkJvJ4S9k="
Last-Modified: Tue, 08 Mar 2022 02:44:10 GMT
MS-CorrelationId: a836c466-eb8c-4d7d-bc45-bccf7548035b
MS-CV: OW3lbFYd0EyO59aC.0
MS-RequestId: d2933ec9-1b40-44c8-aa96-f918b3eaf10d
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-EC-BBR-Enable: 1
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff77cd2-4252475243-13
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2132f61f-f790-4ae6-a355-8cf9a1533800?P1=1742410102&P2=404&P3=2&P4=ReLjstUwhjy05OODPmVE4LQ%2feTTbKUaVl31lJtI67yF6AqE2Ts0OGIr0JD%2f7JK3X%2bgELUiU7QZbfljLuP3EUKQ%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/2132f61f-f790-4ae6-a355-8cf9a1533800?P1=1742410102&P2=404&P3=2&P4=ReLjstUwhjy05OODPmVE4LQ%2feTTbKUaVl31lJtI67yF6AqE2Ts0OGIr0JD%2f7JK3X%2bgELUiU7QZbfljLuP3EUKQ%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 08 Mar 2022 02:44:10 GMT
Range: bytes=0-599045
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:44:13 GMT
Content-Type: application/x-chrome-extension
Content-Length: 599046
Connection: keep-alive
Age: 4900716
Cache-Control: public, max-age=17280000
Etag: "wehJBmKQPZDel3YMsxAkJvJ4S9k="
Last-Modified: Tue, 08 Mar 2022 02:44:10 GMT
MS-CorrelationId: a836c466-eb8c-4d7d-bc45-bccf7548035b
MS-CV: OW3lbFYd0EyO59aC.0
MS-RequestId: d2933ec9-1b40-44c8-aa96-f918b3eaf10d
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-EC-BBR-Enable: 1
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff77d47-4252475243-14
Ocn-Served-By: QLT
Content-Range: bytes 0-599045/975576
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2132f61f-f790-4ae6-a355-8cf9a1533800?P1=1742410102&P2=404&P3=2&P4=ReLjstUwhjy05OODPmVE4LQ%2feTTbKUaVl31lJtI67yF6AqE2Ts0OGIr0JD%2f7JK3X%2bgELUiU7QZbfljLuP3EUKQ%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/2132f61f-f790-4ae6-a355-8cf9a1533800?P1=1742410102&P2=404&P3=2&P4=ReLjstUwhjy05OODPmVE4LQ%2feTTbKUaVl31lJtI67yF6AqE2Ts0OGIr0JD%2f7JK3X%2bgELUiU7QZbfljLuP3EUKQ%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 08 Mar 2022 02:44:10 GMT
Range: bytes=599046-975575
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Tue, 18 Mar 2025 04:44:14 GMT
Content-Type: application/x-chrome-extension
Content-Length: 376530
Connection: keep-alive
Age: 4900716
Cache-Control: public, max-age=17280000
Etag: "wehJBmKQPZDel3YMsxAkJvJ4S9k="
Last-Modified: Tue, 08 Mar 2022 02:44:10 GMT
MS-CorrelationId: a836c466-eb8c-4d7d-bc45-bccf7548035b
MS-CV: OW3lbFYd0EyO59aC.0
MS-RequestId: d2933ec9-1b40-44c8-aa96-f918b3eaf10d
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-EC-BBR-Enable: 1
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff782ab-4252475243-15
Ocn-Served-By: QLT
Content-Range: bytes 599046-975575/975576
Server: Qwilt
X-OC-Service-Type: lo
HEAD

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/68591036-2289-4858-9f7f-9149e89c8a08?P1=1742413702&P2=404&P3=2&P4=lnzm3KE7xp8kqorrUGMU6vk2Hik9kEPChX7CQunxC%2bP%2fccuvQCKco7QOY%2fmHWmFN3LeHxoP2mo3tfST9yJnV%2fQ%3d%3d

Remote address:

91.81.129.182:80

Request

HEAD /filestreamingservice/files/68591036-2289-4858-9f7f-9149e89c8a08?P1=1742413702&P2=404&P3=2&P4=lnzm3KE7xp8kqorrUGMU6vk2Hik9kEPChX7CQunxC%2bP%2fccuvQCKco7QOY%2fmHWmFN3LeHxoP2mo3tfST9yJnV%2fQ%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:44:46 GMT
Content-Type: application/x-chrome-extension
Content-Length: 1093663
Connection: keep-alive
Age: 35
Cache-Control: public, max-age=17280000
Etag: "itE55H1NWN82nkDAJZI74NgqX5s="
Last-Modified: Wed, 06 Nov 2024 01:23:58 GMT
MS-CorrelationId: 72eb4bbe-44d5-4c86-89e1-9b71d8d8c209
MS-CV: gaO3ogKb6Ueabat4.0
MS-RequestId: 50f8c65a-e7a7-4bec-ac20-78d18aaae4a1
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff81fca-4252475243-16
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/68591036-2289-4858-9f7f-9149e89c8a08?P1=1742413702&P2=404&P3=2&P4=lnzm3KE7xp8kqorrUGMU6vk2Hik9kEPChX7CQunxC%2bP%2fccuvQCKco7QOY%2fmHWmFN3LeHxoP2mo3tfST9yJnV%2fQ%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/68591036-2289-4858-9f7f-9149e89c8a08?P1=1742413702&P2=404&P3=2&P4=lnzm3KE7xp8kqorrUGMU6vk2Hik9kEPChX7CQunxC%2bP%2fccuvQCKco7QOY%2fmHWmFN3LeHxoP2mo3tfST9yJnV%2fQ%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 06 Nov 2024 01:23:58 GMT
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:44:46 GMT
Content-Type: application/x-chrome-extension
Content-Length: 1093663
Connection: keep-alive
Age: 35
Cache-Control: public, max-age=17280000
Etag: "itE55H1NWN82nkDAJZI74NgqX5s="
Last-Modified: Wed, 06 Nov 2024 01:23:58 GMT
MS-CorrelationId: 72eb4bbe-44d5-4c86-89e1-9b71d8d8c209
MS-CV: gaO3ogKb6Ueabat4.0
MS-RequestId: 50f8c65a-e7a7-4bec-ac20-78d18aaae4a1
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff8202e-4252475243-17
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
HEAD

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0c269ced-c74b-4e70-9b58-6e7999b292c0?P1=1742406501&P2=404&P3=2&P4=BqrIIzGV13yx3Y%2fDnUXC9PJtJBqQNzUXYFTNpWoiXMH3hreUtC0k0dyHDB%2fq2QZZAqFjY8FYyVJHdc7z3rVRrQ%3d%3d

Remote address:

91.81.129.182:80

Request

HEAD /filestreamingservice/files/0c269ced-c74b-4e70-9b58-6e7999b292c0?P1=1742406501&P2=404&P3=2&P4=BqrIIzGV13yx3Y%2fDnUXC9PJtJBqQNzUXYFTNpWoiXMH3hreUtC0k0dyHDB%2fq2QZZAqFjY8FYyVJHdc7z3rVRrQ%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:45:23 GMT
Content-Type: application/x-chrome-extension
Content-Length: 1674005
Connection: keep-alive
Age: 93694
Cache-Control: public, max-age=17280000
Etag: "dtH9pDPv394DAGGJ6XJ8Jw5KaTY="
Last-Modified: Fri, 08 Nov 2024 04:52:16 GMT
MS-CorrelationId: 6a65d810-7fdb-4b23-a505-1259bb9cbbe3
MS-CV: GVP0/z0Gr0KT5MRP.0
MS-RequestId: f20831ef-e924-450c-a299-809d52870e03
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-EC-BBR-Enable: 1
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff8cc60-4252475243-18
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0c269ced-c74b-4e70-9b58-6e7999b292c0?P1=1742406501&P2=404&P3=2&P4=BqrIIzGV13yx3Y%2fDnUXC9PJtJBqQNzUXYFTNpWoiXMH3hreUtC0k0dyHDB%2fq2QZZAqFjY8FYyVJHdc7z3rVRrQ%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/0c269ced-c74b-4e70-9b58-6e7999b292c0?P1=1742406501&P2=404&P3=2&P4=BqrIIzGV13yx3Y%2fDnUXC9PJtJBqQNzUXYFTNpWoiXMH3hreUtC0k0dyHDB%2fq2QZZAqFjY8FYyVJHdc7z3rVRrQ%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 08 Nov 2024 04:52:16 GMT
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:45:23 GMT
Content-Type: application/x-chrome-extension
Content-Length: 1674005
Connection: keep-alive
Age: 93694
Cache-Control: public, max-age=17280000
Etag: "dtH9pDPv394DAGGJ6XJ8Jw5KaTY="
Last-Modified: Fri, 08 Nov 2024 04:52:16 GMT
MS-CorrelationId: 6a65d810-7fdb-4b23-a505-1259bb9cbbe3
MS-CV: GVP0/z0Gr0KT5MRP.0
MS-RequestId: f20831ef-e924-450c-a299-809d52870e03
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: it
X-CID: 9
X-EC-BBR-Enable: 1
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff8ccc3-4252475243-19
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
HEAD

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/5643cf9d-4e0e-4f1a-bd96-6abb91536f90?P1=1742571700&P2=404&P3=2&P4=hMcnnpDTBmbyAXVqIgdDCDy7eS7ZSDbtpeKEEGxfv4tq5nsiKusPeHlWtG0cOjPZsRpnbM3KXABIhsNsKmOYGw%3d%3d

Remote address:

91.81.129.182:80

Request

HEAD /filestreamingservice/files/5643cf9d-4e0e-4f1a-bd96-6abb91536f90?P1=1742571700&P2=404&P3=2&P4=hMcnnpDTBmbyAXVqIgdDCDy7eS7ZSDbtpeKEEGxfv4tq5nsiKusPeHlWtG0cOjPZsRpnbM3KXABIhsNsKmOYGw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:46:04 GMT
Content-Type: application/x-chrome-extension
Content-Length: 3252444
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Fri, 14 Mar 2025 00:39:38 GMT
ETag: "fhn27GJGqXDzuFRUyDerHGezeKE="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 24f97aec-dadd-4884-8da2-3c7e0eaa6e8b
MS-RequestId: 13cfd6bd-28c7-4c85-904b-4c22ac0350fd
MS-CV: QFBcx2VJ3k6Oosxy.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff999bd-4252475243-20
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/5643cf9d-4e0e-4f1a-bd96-6abb91536f90?P1=1742571700&P2=404&P3=2&P4=hMcnnpDTBmbyAXVqIgdDCDy7eS7ZSDbtpeKEEGxfv4tq5nsiKusPeHlWtG0cOjPZsRpnbM3KXABIhsNsKmOYGw%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/5643cf9d-4e0e-4f1a-bd96-6abb91536f90?P1=1742571700&P2=404&P3=2&P4=hMcnnpDTBmbyAXVqIgdDCDy7eS7ZSDbtpeKEEGxfv4tq5nsiKusPeHlWtG0cOjPZsRpnbM3KXABIhsNsKmOYGw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 14 Mar 2025 00:39:38 GMT
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:46:04 GMT
Content-Type: application/x-chrome-extension
Content-Length: 3252444
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Fri, 14 Mar 2025 00:39:38 GMT
ETag: "fhn27GJGqXDzuFRUyDerHGezeKE="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: 24f97aec-dadd-4884-8da2-3c7e0eaa6e8b
MS-RequestId: 13cfd6bd-28c7-4c85-904b-4c22ac0350fd
MS-CV: QFBcx2VJ3k6Oosxy.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ff99a3b-4252475243-21
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
HEAD

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0cd04ea6-f2d8-46ef-8173-46a29bb98c18?P1=1742349813&P2=404&P3=2&P4=Uj7wyTLzlK6IeN8ektF4FMr5Vl1og1iyALNbc%2bidT4acxr5ED%2bJzrfEW79h9iGYfcGzrMaKz6GiUq5d18XtGkA%3d%3d

Remote address:

91.81.129.182:80

Request

HEAD /filestreamingservice/files/0cd04ea6-f2d8-46ef-8173-46a29bb98c18?P1=1742349813&P2=404&P3=2&P4=Uj7wyTLzlK6IeN8ektF4FMr5Vl1og1iyALNbc%2bidT4acxr5ED%2bJzrfEW79h9iGYfcGzrMaKz6GiUq5d18XtGkA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:46:49 GMT
Content-Type: application/x-chrome-extension
Content-Length: 4340683
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Tue, 04 Mar 2025 10:55:27 GMT
ETag: "oGE+t7TnycsMe+9IbQWqFurtTwo="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: abf0c69d-a8cd-4119-833f-1abe8fee56e7
MS-RequestId: ad3c008a-d8a2-445f-9c76-2c8fb1087033
MS-CV: 90qHc7wJu0Wrm2zQ.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ffa6b2f-4252475243-22
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0cd04ea6-f2d8-46ef-8173-46a29bb98c18?P1=1742349813&P2=404&P3=2&P4=Uj7wyTLzlK6IeN8ektF4FMr5Vl1og1iyALNbc%2bidT4acxr5ED%2bJzrfEW79h9iGYfcGzrMaKz6GiUq5d18XtGkA%3d%3d

Remote address:

91.81.129.182:80

Request

GET /filestreamingservice/files/0cd04ea6-f2d8-46ef-8173-46a29bb98c18?P1=1742349813&P2=404&P3=2&P4=Uj7wyTLzlK6IeN8ektF4FMr5Vl1og1iyALNbc%2bidT4acxr5ED%2bJzrfEW79h9iGYfcGzrMaKz6GiUq5d18XtGkA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 04 Mar 2025 10:55:27 GMT
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Tue, 18 Mar 2025 04:46:49 GMT
Content-Type: application/x-chrome-extension
Content-Length: 4340683
Connection: keep-alive
Cache-Control: public, max-age=17280000
Last-Modified: Tue, 04 Mar 2025 10:55:27 GMT
ETag: "oGE+t7TnycsMe+9IbQWqFurtTwo="
X-AspNetMvc-Version: 5.3
MS-CorrelationId: abf0c69d-a8cd-4119-833f-1abe8fee56e7
MS-RequestId: ad3c008a-d8a2-445f-9c76-2c8fb1087033
MS-CV: 90qHc7wJu0Wrm2zQ.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
X-CID: 9
X-CCC: it
Ocn-Cache-Status: HIT
Ocn-Requestid: 100000085ffa6b99-4252475243-23
Ocn-Served-By: QLT
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN A

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net

edge-microsoft-com.dual-a-0036.a-msedge.net

IN CNAME

dual-a-0036.a-msedge.net

dual-a-0036.a-msedge.net

IN A

13.107.21.239

dual-a-0036.a-msedge.net

IN A

204.79.197.239
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN Unknown

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

163.70.147.35
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN Unknown

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN Unknown

star-minifallbackc10rfacebookcomh2h3

star-mini.c10r.facebook.com

IN Unknown

h2h3
DNS

msedge.b.tlu.dl.delivery.mp.microsoft.com

Remote address:

8.8.8.8:53

Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN A

Response

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN CNAME

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

IN CNAME

cdp-f-tlu-net.trafficmanager.net

cdp-f-tlu-net.trafficmanager.net

IN CNAME

wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net

wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net

IN CNAME

a1847.dscd.akamai.net

a1847.dscd.akamai.net

IN A

104.77.160.78

a1847.dscd.akamai.net

IN A

104.77.160.86
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.153.84
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN Unknown

Response
DNS

msedge.b.tlu.dl.delivery.mp.microsoft.com

Remote address:

8.8.8.8:53

Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN A

Response

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN CNAME

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

IN CNAME

cdp-f-tlu-net.trafficmanager.net

cdp-f-tlu-net.trafficmanager.net

IN CNAME

wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net

wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net

IN CNAME

a1847.dscd.akamai.net

a1847.dscd.akamai.net

IN A

104.77.160.86

a1847.dscd.akamai.net

IN A

104.77.160.78
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN A

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.ax-0002.ax-msedge.net

edge-microsoft-com.ax-0002.ax-msedge.net

IN CNAME

ax-0002.ax-msedge.net

ax-0002.ax-msedge.net

IN A

150.171.28.11

ax-0002.ax-msedge.net

IN A

150.171.27.11
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN Unknown

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net
DNS

msedge.b.tlu.dl.delivery.mp.microsoft.com

Remote address:

8.8.8.8:53

Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN A

Response

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN CNAME

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

IN CNAME

cdp-f-tlu-net.trafficmanager.net

cdp-f-tlu-net.trafficmanager.net

IN CNAME

fg.microsoft.map.fastly.net

fg.microsoft.map.fastly.net

IN A

199.232.214.172

fg.microsoft.map.fastly.net

IN A

199.232.210.172
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN A

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net

edge-microsoft-com.dual-a-0036.a-msedge.net

IN CNAME

dual-a-0036.a-msedge.net

dual-a-0036.a-msedge.net

IN A

204.79.197.239

dual-a-0036.a-msedge.net

IN A

13.107.21.239
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN Unknown

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN A

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net

edge-microsoft-com.dual-a-0036.a-msedge.net

IN CNAME

dual-a-0036.a-msedge.net

dual-a-0036.a-msedge.net

IN A

13.107.21.239

dual-a-0036.a-msedge.net

IN A

204.79.197.239
DNS

edge.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

edge.microsoft.com

IN Unknown

Response

edge.microsoft.com

IN CNAME

edge-domain.trafficmanager.net

edge-domain.trafficmanager.net

IN CNAME

edge-microsoft-com.dual-a-0036.a-msedge.net
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.153.84
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN Unknown

Response
DNS

consent.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

consent.youtube.com

IN A

Response

consent.youtube.com

IN A

142.250.200.46
DNS

consent.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

consent.youtube.com

IN Unknown

Response
DNS

msedge.b.tlu.dl.delivery.mp.microsoft.com

Remote address:

8.8.8.8:53

Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN A

Response

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN CNAME

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

IN CNAME

cdp-f-tlu-net.trafficmanager.net

cdp-f-tlu-net.trafficmanager.net

IN CNAME

fg.microsoft.map.fastly.net

fg.microsoft.map.fastly.net

IN A

199.232.214.172

fg.microsoft.map.fastly.net

IN A

199.232.210.172
DNS

msedge.b.tlu.dl.delivery.mp.microsoft.com

Remote address:

8.8.8.8:53

Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN A

Response

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN CNAME

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

IN CNAME

cdp-f-tlu-net.trafficmanager.net

cdp-f-tlu-net.trafficmanager.net

IN CNAME

wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net

wildcard.f.tlu.dl.delivery.mp.microsoft.com.edgesuite.net

IN CNAME

a1847.dscd.akamai.net

a1847.dscd.akamai.net

IN A

104.77.160.86

a1847.dscd.akamai.net

IN A

104.77.160.78

13.107.21.239:80

http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:V4MQQuB0-C4UqyzXQoVWc2294wO9qjsd0KKlChVO5gY&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

http

msedge.exe

883 B
1.1kB
5
5

HTTP Request

GET http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:V4MQQuB0-C4UqyzXQoVWc2294wO9qjsd0KKlChVO5gY&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Response

200
204.79.197.239:443

edge.microsoft.com

tls

msedge.exe

2.2kB
6.5kB
9
12
157.240.214.35:443

www.facebook.com

tls

msedge.exe

2.3kB
3.3kB
9
8
142.250.200.14:443

www.youtube.com

tls

msedge.exe

3.3kB
11.6kB
15
18
142.250.153.84:443

accounts.google.com

tls

msedge.exe

2.1kB
5.7kB
8
8
94.245.104.56:443

api.edgeoffer.microsoft.com

msedge.exe

98 B
52 B
2
1
142.250.153.84:443

accounts.google.com

tls

msedge.exe

3.6kB
9.4kB
17
21
94.245.104.56:443

api.edgeoffer.microsoft.com

tls

msedge.exe

2.9kB
6.6kB
9
10
204.79.197.239:443

edge.microsoft.com

tls

msedge.exe

3.4kB
8.3kB
15
18
142.250.200.46:443

consent.youtube.com

tls

msedge.exe

4.6kB
77.0kB
39
64
94.245.104.56:443

api.edgeoffer.microsoft.com

tls

msedge.exe

3.5kB
7.4kB
12
13
13.107.21.239:443

edge.microsoft.com

tls

msedge.exe

3.0kB
7.7kB
15
17
216.58.201.110:443

accounts.youtube.com

tls

msedge.exe

3.8kB
25.2kB
21
27
142.250.187.206:443

play.google.com

tls

msedge.exe

2.2kB
8.1kB
9
10
142.250.187.206:443

play.google.com

tls

msedge.exe

2.1kB
8.1kB
9
10
142.250.187.206:443

play.google.com

tls

msedge.exe

4.9kB
10.4kB
21
23
142.250.187.206:443

play.google.com

tls

msedge.exe

2.3kB
8.8kB
11
11
150.171.28.10:443

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid=

tls, http2

2.0kB
9.4kB
21
19

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=cdfcc45d640b486daa2513fdd84bfd45&localId=w:CBB7F54C-C09B-E6A4-2E33-59BBA531C848&deviceId=6966580960794682&anid=

HTTP Response

204
150.171.28.11:443

edge.microsoft.com

tls

msedge.exe

3.3kB
8.8kB
17
21
157.240.221.16:443

scontent-lhr8-1.xx.fbcdn.net

tls

msedge.exe

3.3kB
6.4kB
14
16
163.70.147.23:443

scontent.xx.fbcdn.net

tls

msedge.exe

3.1kB
5.2kB
14
15
204.79.197.239:443

edge.microsoft.com

tls

msedge.exe

4.3kB
3.2kB
18
21
2.18.66.42:443

www.bing.com

tls

msedge.exe

3.2kB
6.6kB
15
17
150.171.27.11:443

edge.microsoft.com

tls

msedge.exe

3.1kB
7.5kB
14
17
13.107.246.64:443

edgeassetservice.azureedge.net

tls

msedge.exe

4.3kB
29.9kB
31
32
13.107.246.64:443

edge-consumer-static.azureedge.net

tls

msedge.exe

3.8kB
9.3kB
18
21
142.250.187.206:443

play.google.com

tls

msedge.exe

4.6kB
10.2kB
23
25
13.107.246.64:443

static.edge.microsoftapp.net

tls

msedge.exe

3.7kB
10.0kB
19
22
150.171.27.11:443

edge.microsoft.com

tls

msedge.exe

29.8kB
16.7kB
69
73
13.107.246.64:443

edge-mobile-static.azureedge.net

tls

msedge.exe

3.9kB
12.9kB
20
23
142.250.200.35:80

http://c.pki.goog/r/r1.crl

http

476 B
395 B
6
4

HTTP Request

GET http://c.pki.goog/r/r1.crl

HTTP Response

304
91.81.129.182:80

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0cd04ea6-f2d8-46ef-8173-46a29bb98c18?P1=1742349813&P2=404&P3=2&P4=Uj7wyTLzlK6IeN8ektF4FMr5Vl1og1iyALNbc%2bidT4acxr5ED%2bJzrfEW79h9iGYfcGzrMaKz6GiUq5d18XtGkA%3d%3d

http

330.5kB
12.2MB
5637
8778

HTTP Request

HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d

HTTP Response

200

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2a0d597c-a09c-4400-be86-87596dd2e696?P1=1742410104&P2=404&P3=2&P4=kAUeIRBk%2bHnmkXoQVcVYoQCN20Iona0OdYuzUyUxDt2og1GoZcaOAapMtHKx65nWn7Ow9j2xPqKtRfEinpU5jw%3d%3d

HTTP Response

206

HTTP Request

HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

HTTP Response

200

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/51e2aa9e-0a9d-4432-95ba-449f08b06e7d?P1=1742805538&P2=404&P3=2&P4=PRlWq%2bG3UiZFCHhIj4EBFQR0O0umAp%2bCCSZTCspL1QunWEZHIQS1Cy13l%2fskUvaAENqrI%2bt2mW41wLoUAKLqxw%3d%3d

HTTP Response

206

HTTP Request

HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/1159c5f4-512b-4855-918f-92aa88aa927b?P1=1742839398&P2=404&P3=2&P4=TMD1ET0tZIFliCudyboyLAugu5%2fuMZQbXT0M%2bMdIHGGt2SsDc3FtBz7QOMP8eEgvZksiyLySN7MIZ8m5Drl0Vw%3d%3d

HTTP Response

200

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/1159c5f4-512b-4855-918f-92aa88aa927b?P1=1742839398&P2=404&P3=2&P4=TMD1ET0tZIFliCudyboyLAugu5%2fuMZQbXT0M%2bMdIHGGt2SsDc3FtBz7QOMP8eEgvZksiyLySN7MIZ8m5Drl0Vw%3d%3d

HTTP Response

200

HTTP Request

HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2132f61f-f790-4ae6-a355-8cf9a1533800?P1=1742410102&P2=404&P3=2&P4=ReLjstUwhjy05OODPmVE4LQ%2feTTbKUaVl31lJtI67yF6AqE2Ts0OGIr0JD%2f7JK3X%2bgELUiU7QZbfljLuP3EUKQ%3d%3d

HTTP Response

200

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2132f61f-f790-4ae6-a355-8cf9a1533800?P1=1742410102&P2=404&P3=2&P4=ReLjstUwhjy05OODPmVE4LQ%2feTTbKUaVl31lJtI67yF6AqE2Ts0OGIr0JD%2f7JK3X%2bgELUiU7QZbfljLuP3EUKQ%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/2132f61f-f790-4ae6-a355-8cf9a1533800?P1=1742410102&P2=404&P3=2&P4=ReLjstUwhjy05OODPmVE4LQ%2feTTbKUaVl31lJtI67yF6AqE2Ts0OGIr0JD%2f7JK3X%2bgELUiU7QZbfljLuP3EUKQ%3d%3d

HTTP Response

206

HTTP Request

HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/68591036-2289-4858-9f7f-9149e89c8a08?P1=1742413702&P2=404&P3=2&P4=lnzm3KE7xp8kqorrUGMU6vk2Hik9kEPChX7CQunxC%2bP%2fccuvQCKco7QOY%2fmHWmFN3LeHxoP2mo3tfST9yJnV%2fQ%3d%3d

HTTP Response

200

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/68591036-2289-4858-9f7f-9149e89c8a08?P1=1742413702&P2=404&P3=2&P4=lnzm3KE7xp8kqorrUGMU6vk2Hik9kEPChX7CQunxC%2bP%2fccuvQCKco7QOY%2fmHWmFN3LeHxoP2mo3tfST9yJnV%2fQ%3d%3d

HTTP Response

200

HTTP Request

HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0c269ced-c74b-4e70-9b58-6e7999b292c0?P1=1742406501&P2=404&P3=2&P4=BqrIIzGV13yx3Y%2fDnUXC9PJtJBqQNzUXYFTNpWoiXMH3hreUtC0k0dyHDB%2fq2QZZAqFjY8FYyVJHdc7z3rVRrQ%3d%3d

HTTP Response

200

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0c269ced-c74b-4e70-9b58-6e7999b292c0?P1=1742406501&P2=404&P3=2&P4=BqrIIzGV13yx3Y%2fDnUXC9PJtJBqQNzUXYFTNpWoiXMH3hreUtC0k0dyHDB%2fq2QZZAqFjY8FYyVJHdc7z3rVRrQ%3d%3d

HTTP Response

200

HTTP Request

HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/5643cf9d-4e0e-4f1a-bd96-6abb91536f90?P1=1742571700&P2=404&P3=2&P4=hMcnnpDTBmbyAXVqIgdDCDy7eS7ZSDbtpeKEEGxfv4tq5nsiKusPeHlWtG0cOjPZsRpnbM3KXABIhsNsKmOYGw%3d%3d

HTTP Response

200

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/5643cf9d-4e0e-4f1a-bd96-6abb91536f90?P1=1742571700&P2=404&P3=2&P4=hMcnnpDTBmbyAXVqIgdDCDy7eS7ZSDbtpeKEEGxfv4tq5nsiKusPeHlWtG0cOjPZsRpnbM3KXABIhsNsKmOYGw%3d%3d

HTTP Response

200

HTTP Request

HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0cd04ea6-f2d8-46ef-8173-46a29bb98c18?P1=1742349813&P2=404&P3=2&P4=Uj7wyTLzlK6IeN8ektF4FMr5Vl1og1iyALNbc%2bidT4acxr5ED%2bJzrfEW79h9iGYfcGzrMaKz6GiUq5d18XtGkA%3d%3d

HTTP Response

200

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/0cd04ea6-f2d8-46ef-8173-46a29bb98c18?P1=1742349813&P2=404&P3=2&P4=Uj7wyTLzlK6IeN8ektF4FMr5Vl1og1iyALNbc%2bidT4acxr5ED%2bJzrfEW79h9iGYfcGzrMaKz6GiUq5d18XtGkA%3d%3d

HTTP Response

200
204.79.197.239:443

edge.microsoft.com

tls

msedge.exe

3.1kB
1.3kB
11
11

8.8.8.8:53

g.bing.com

dns

56 B
148 B
1
1

DNS Request

g.bing.com

DNS Response

150.171.28.10

150.171.27.10
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
208 B
1
1

DNS Request

edge.microsoft.com

DNS Response

13.107.21.239

204.79.197.239
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
206 B
1
1

DNS Request

edge.microsoft.com
8.8.8.8:53

www.youtube.com

dns

msedge.exe

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.14

142.250.178.14

142.250.180.14

142.250.187.238

216.58.212.238

172.217.169.46

216.58.204.78

216.58.201.110

142.250.200.46

172.217.16.238

216.58.213.14

172.217.169.14

216.58.212.206

142.250.187.206

142.250.179.238
8.8.8.8:53

www.youtube.com

dns

msedge.exe

61 B
110 B
1
1

DNS Request

www.youtube.com
8.8.8.8:53

www.facebook.com

dns

msedge.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.214.35
8.8.8.8:53

www.facebook.com

dns

msedge.exe

62 B
178 B
1
1

DNS Request

www.facebook.com
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.153.84
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
115 B
1
1

DNS Request

accounts.google.com
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
208 B
1
1

DNS Request

edge.microsoft.com

DNS Response

204.79.197.239

13.107.21.239
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
206 B
1
1

DNS Request

edge.microsoft.com
157.240.214.35:443

www.facebook.com

https

msedge.exe

6.9kB
113.9kB
60
108
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

msedge.exe

73 B
226 B
1
1

DNS Request

api.edgeoffer.microsoft.com

DNS Response

94.245.104.56
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

msedge.exe

73 B
271 B
1
1

DNS Request

api.edgeoffer.microsoft.com
8.8.8.8:53

consent.youtube.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

consent.youtube.com

DNS Response

142.250.200.46
8.8.8.8:53

consent.youtube.com

dns

msedge.exe

65 B
122 B
1
1

DNS Request

consent.youtube.com
142.250.153.84:443

accounts.google.com

https

msedge.exe

10.4kB
174.0kB
74
161
8.8.8.8:53

static.xx.fbcdn.net

dns

msedge.exe

65 B
104 B
1
1

DNS Request

static.xx.fbcdn.net

DNS Response

163.70.147.23
8.8.8.8:53

static.xx.fbcdn.net

dns

msedge.exe

65 B
169 B
1
1

DNS Request

static.xx.fbcdn.net
163.70.147.23:443

static.xx.fbcdn.net

https

msedge.exe

12.3kB
897.6kB
136
738
157.240.214.35:443

www.facebook.com

https

msedge.exe

3.8kB
5.1kB
9
13
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
208 B
1
1

DNS Request

edge.microsoft.com

DNS Response

13.107.21.239

204.79.197.239
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
209 B
1
1

DNS Request

edge.microsoft.com
8.8.8.8:53

accounts.youtube.com

dns

msedge.exe

66 B
110 B
1
1

DNS Request

accounts.youtube.com

DNS Response

216.58.201.110
8.8.8.8:53

accounts.youtube.com

dns

msedge.exe

66 B
144 B
1
1

DNS Request

accounts.youtube.com
8.8.8.8:53

play.google.com

dns

msedge.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.187.206
8.8.8.8:53

play.google.com

dns

msedge.exe

61 B
111 B
1
1

DNS Request

play.google.com
8.8.8.8:53

www.google.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.200.4
8.8.8.8:53

www.google.com

dns

msedge.exe

60 B
85 B
1
1

DNS Request

www.google.com
163.70.147.23:443

static.xx.fbcdn.net

https

msedge.exe

11.7kB
476.1kB
118
426
142.250.200.4:443

www.google.com

https

msedge.exe

5.5kB
12.8kB
14
16
8.8.8.8:53

www.google.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.200.4
8.8.8.8:53

www.google.com

dns

msedge.exe

60 B
85 B
1
1

DNS Request

www.google.com
142.250.200.4:443

www.google.com

https

msedge.exe

5.4kB
12.9kB
13
16
157.240.214.35:443

www.facebook.com

https

msedge.exe

28.3kB
164.9kB
95
163
163.70.147.23:443

static.xx.fbcdn.net

https

msedge.exe

5.4kB
42.9kB
34
53
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
205 B
1
1

DNS Request

edge.microsoft.com

DNS Response

150.171.28.11

150.171.27.11
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
209 B
1
1

DNS Request

edge.microsoft.com
8.8.8.8:53

scontent-lhr6-1.xx.fbcdn.net

dns

msedge.exe

74 B
90 B
1
1

DNS Request

scontent-lhr6-1.xx.fbcdn.net

DNS Response

163.70.147.23
8.8.8.8:53

scontent-lhr6-1.xx.fbcdn.net

dns

msedge.exe

74 B
99 B
1
1

DNS Request

scontent-lhr6-1.xx.fbcdn.net
163.70.147.23:443

scontent-lhr6-1.xx.fbcdn.net

https

msedge.exe

12.8kB
138.1kB
73
152
8.8.8.8:53

scontent-lhr8-1.xx.fbcdn.net

dns

msedge.exe

74 B
90 B
1
1

DNS Request

scontent-lhr8-1.xx.fbcdn.net

DNS Response

157.240.221.16
8.8.8.8:53

scontent-lhr8-1.xx.fbcdn.net

dns

msedge.exe

74 B
99 B
1
1

DNS Request

scontent-lhr8-1.xx.fbcdn.net
8.8.8.8:53

scontent.xx.fbcdn.net

dns

msedge.exe

67 B
83 B
1
1

DNS Request

scontent.xx.fbcdn.net

DNS Response

163.70.147.23
8.8.8.8:53

scontent.xx.fbcdn.net

dns

msedge.exe

67 B
148 B
1
1

DNS Request

scontent.xx.fbcdn.net
142.250.153.84:443

accounts.google.com

https

msedge.exe

4.1kB
5.5kB
9
13
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
205 B
1
1

DNS Request

edge.microsoft.com

DNS Response

150.171.27.11

150.171.28.11
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
209 B
1
1

DNS Request

edge.microsoft.com
8.8.8.8:53

edgeassetservice.azureedge.net

dns

msedge.exe

76 B
243 B
1
1

DNS Request

edgeassetservice.azureedge.net

DNS Response

13.107.246.64
8.8.8.8:53

edgeassetservice.azureedge.net

dns

msedge.exe

76 B
287 B
1
1

DNS Request

edgeassetservice.azureedge.net
224.0.0.251:5353

msedge.exe

204 B
3
2.18.66.42:443

www.bing.com

https

msedge.exe

3.3kB
6.9kB
12
15
157.240.214.35:443

www.facebook.com

https

msedge.exe

43.3kB
10.5kB
51
30
142.250.187.206:443

play.google.com

https

msedge.exe

5.0kB
10.5kB
13
16
142.250.187.206:443

play.google.com

https

msedge.exe

5.4kB
5.4kB
10
13
8.8.8.8:53

edge-consumer-static.azureedge.net

dns

msedge.exe

80 B
251 B
1
1

DNS Request

edge-consumer-static.azureedge.net

DNS Response

13.107.246.64
8.8.8.8:53

edge-consumer-static.azureedge.net

dns

msedge.exe

80 B
281 B
1
1

DNS Request

edge-consumer-static.azureedge.net
8.8.8.8:53

play.google.com

dns

msedge.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.187.206
8.8.8.8:53

play.google.com

dns

msedge.exe

61 B
111 B
1
1

DNS Request

play.google.com
8.8.8.8:53

static.edge.microsoftapp.net

dns

msedge.exe

74 B
302 B
1
1

DNS Request

static.edge.microsoftapp.net

DNS Response

13.107.246.64
8.8.8.8:53

static.edge.microsoftapp.net

dns

msedge.exe

74 B
332 B
1
1

DNS Request

static.edge.microsoftapp.net
8.8.8.8:53

edge-mobile-static.azureedge.net

dns

msedge.exe

78 B
247 B
1
1

DNS Request

edge-mobile-static.azureedge.net

DNS Response

13.107.246.64
8.8.8.8:53

edge-mobile-static.azureedge.net

dns

msedge.exe

78 B
291 B
1
1

DNS Request

edge-mobile-static.azureedge.net
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.153.84
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
115 B
1
1

DNS Request

accounts.google.com
142.250.153.84:443

accounts.google.com

https

msedge.exe

5.6kB
5.5kB
11
14
8.8.8.8:53

consent.youtube.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

consent.youtube.com

DNS Response

142.250.200.46
8.8.8.8:53

consent.youtube.com

dns

msedge.exe

65 B
122 B
1
1

DNS Request

consent.youtube.com
142.250.200.46:443

consent.youtube.com

https

msedge.exe

5.3kB
11.0kB
11
14
8.8.8.8:53

c.pki.goog

dns

56 B
107 B
1
1

DNS Request

c.pki.goog

DNS Response

142.250.200.35
8.8.8.8:53

msedge.b.tlu.dl.delivery.mp.microsoft.com

dns

87 B
344 B
1
1

DNS Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

DNS Response

91.81.129.182

91.80.49.85

91.80.49.86

91.81.129.180

91.81.129.181
104.86.110.91:443

www.bing.com

https

msedge.exe

3.2kB
3.6kB
9
11
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
208 B
1
1

DNS Request

edge.microsoft.com

DNS Response

13.107.21.239

204.79.197.239
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
209 B
1
1

DNS Request

edge.microsoft.com
8.8.8.8:53

www.facebook.com

dns

msedge.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

163.70.147.35
8.8.8.8:53

www.facebook.com

dns

msedge.exe

62 B
178 B
1
1

DNS Request

www.facebook.com
163.70.147.35:443

www.facebook.com

https

msedge.exe

4.9kB
5.0kB
9
12
8.8.8.8:53

msedge.b.tlu.dl.delivery.mp.microsoft.com

dns

87 B
328 B
1
1

DNS Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

DNS Response

104.77.160.78

104.77.160.86
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.153.84
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
115 B
1
1

DNS Request

accounts.google.com
142.250.153.84:443

accounts.google.com

https

msedge.exe

2.9kB
4.2kB
7
8
8.8.8.8:53

msedge.b.tlu.dl.delivery.mp.microsoft.com

dns

87 B
328 B
1
1

DNS Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

DNS Response

104.77.160.86

104.77.160.78
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
205 B
1
1

DNS Request

edge.microsoft.com

DNS Response

150.171.28.11

150.171.27.11
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
209 B
1
1

DNS Request

edge.microsoft.com
8.8.8.8:53

msedge.b.tlu.dl.delivery.mp.microsoft.com

dns

87 B
266 B
1
1

DNS Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

DNS Response

199.232.214.172

199.232.210.172
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
208 B
1
1

DNS Request

edge.microsoft.com

DNS Response

204.79.197.239

13.107.21.239
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
209 B
1
1

DNS Request

edge.microsoft.com
142.250.153.84:443

accounts.google.com

https

msedge.exe

4.1kB
7.1kB
10
13
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
208 B
1
1

DNS Request

edge.microsoft.com

DNS Response

13.107.21.239

204.79.197.239
8.8.8.8:53

edge.microsoft.com

dns

msedge.exe

64 B
209 B
1
1

DNS Request

edge.microsoft.com
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.153.84
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
115 B
1
1

DNS Request

accounts.google.com
142.250.153.84:443

accounts.google.com

https

msedge.exe

2.9kB
4.2kB
7
8
8.8.8.8:53

consent.youtube.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

consent.youtube.com

DNS Response

142.250.200.46
8.8.8.8:53

consent.youtube.com

dns

msedge.exe

65 B
122 B
1
1

DNS Request

consent.youtube.com
142.250.200.46:443

consent.youtube.com

https

msedge.exe

6.5kB
5.6kB
10
9
8.8.8.8:53

msedge.b.tlu.dl.delivery.mp.microsoft.com

dns

87 B
266 B
1
1

DNS Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

DNS Response

199.232.214.172

199.232.210.172
8.8.8.8:53

msedge.b.tlu.dl.delivery.mp.microsoft.com

dns

87 B
328 B
1
1

DNS Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

DNS Response

104.77.160.86

104.77.160.78

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1367471735\manifest.json

Filesize
116B

MD5
2188c7ec4e86e29013803d6b85b0d5bb

SHA1
5a9b4a91c63e0013f661dfc472edb01385d0e3ce

SHA256
ac47cc331bb96271da2140941926a8accc6cb7599a6f3c17bd31c78f46709a62

SHA512
37c21eaff24a54c2c7571e480ff4f349267e4404111508f241f54a41542ce06bcde4c830c6e195fc48d1bf831ed1fe78da361d1e43416cfd6c02afa8188af656

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1387330171\manifest.fingerprint

Filesize
66B

MD5
8f2639181ba53326d9fbf097b8b722a5

SHA1
bc2f20985486807e1a58f603773454f57df9dbeb

SHA256
f3a552de3178100a4f029ea16a27b4bc99e23c4aee29bdc062b2fb44c401eca3

SHA512
a35664160b50477244b612b52f1f823d0a35d391d3d4f8a50092d3cc989c887c4a1c9151ca036913b227135672522a1aea261c8d0977074e59a55c881ca9f973

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5980_1387330171\manifest.json

Filesize
141B

MD5
811f0436837c701dc1cea3d6292b3922

SHA1
4e51a3e9f5cbf8c9c96985dabe8ffc2de28dae87

SHA256
dbfb38a16e33a39c35ac50bd81782e4608be14954f1df69ac8272c0b9ce87a5d

SHA512
21e7bf2f8333b2900bcbcb871ede14684073249597d105095dc7d3f101e7ccc326068732f11d4a167365f245a3f2205793f520c7666d7f948e70919b40b43d35

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5980_353053472\manifest.json

Filesize
145B

MD5
0df2306638bd60162686e9c4bafbd505

SHA1
ef9e16bf867f7950d5a30172e1d34d38686b0e72

SHA256
fd7b554588c5e72506a0bfed89bc298911a5649b9f5168ad7c1804d1c75de42e

SHA512
73fca229097631104cf352061d62455b6c5520bf59777520165719d2368b0e77f3ce66f52873fec53ac60e35274bf397ba321bc62610f0b7b172a7c5c4975174

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping5980_429123229\manifest.json

Filesize
76B

MD5
ba25fcf816a017558d3434583e9746b8

SHA1
be05c87f7adf6b21273a4e94b3592618b6a4a624

SHA256
0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11

SHA512
3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
998db8a9f40f71e2f3d9e19aac4db4a9

SHA1
dade0e68faef54a59d68ae8cb3b8314b6947b6d7

SHA256
1b28744565eb600485d9800703f2fb635ecf4187036c12d47f86bbd1e078e06b

SHA512
0e66fd26a11507f78fb1b173fd50555dbd95b0d330e095cdd93206757c6af2780ece914a11a23cd4c840636a59470f44c6db35fa392303fb583806264e652016

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000007.log

Filesize
21KB

MD5
594fb6c02a5de4eb05132ab9cd8857ba

SHA1
390bd653a0cdfd878af3fe681d7c8d8b59e8b30d

SHA256
57305a78bf36ac9c70a8440e6679cab0b9f597ebdd3451e194f9acdf1dbcaece

SHA512
925d55ee7a70e646b7d918b05d6f145b23df632179eab4fde5724161d1bc0162bec05ff605cb0f93d19e660f13bd4113e028c101a8b17025d0561b09a7a5ec8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

Filesize
331B

MD5
5b209b2d40dcd04b8e94e24512bf799b

SHA1
d669c7eb85b1e6f3d40ab67fb6c3be00dcaf614f

SHA256
052f822ad78074e49e8ca1e15034ed42b8737c68b49678b527134fd237ff0df8

SHA512
0c9c0537258ccd93e944ad4dc3b955ab195263b08bb10ee79d02a7125ab64c1de3059d990913008d80089bba58cc799ee23030c04a592ae7a49c20cbc08d7a12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
cc3c07c20f716731f00b15fcd94726b9

SHA1
b0d30a7bcad411b41c7fbfb0a834b95fb90f0516

SHA256
2570c5bc2dcce3834f08eedea1c7c85f518c604a0d2a5abd13932924a621a834

SHA512
d615a9cd406571e42b4cb6070153e934c829705d3f2c1947c8fe07687567b1be8d57ed1c466fd1cc9fa4ec75a637cf56849e0d60e7889bb4da3bd69639df1e5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57ceaa.TMP

Filesize
3KB

MD5
7961b294d5ec09e4f08c49b192eebb34

SHA1
8234dfc9922fce211d3ec8df24320fdfacfac2a9

SHA256
fcfe6853e68528d95922208bb0991d4d51a3c69dcdbce701592a8a895b33804d

SHA512
d958002a2a74a416fc032a97abd8fa156785bc214cfbbaafb164c84669b44d1089ace98c63ea8a738df767ebcdead442929bc9e12dc919ea7cc2f0690fc22399

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
5ce602eddbb69e3c7ba0424b4509776f

SHA1
2e2b6a475ee08d3a55e951235fcd51360d633880

SHA256
38b753a1a2bfae0d2692f93387f014f788449779b78a755fbc1d1ad6070ab7b0

SHA512
2318d486ff3b565cc84e8c0ab87497a75c8f611eff334fea8f7b0b9f1ae2d4a24e722da8b3a89a7832d15e3e6dab3802d09779eefe3c4f133fefc30dc137ac6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
e901e816b3b5d14693f02e035c001c8b

SHA1
cb0e95d43b9aa3d03e06ee3db13f8cbd159e51d9

SHA256
b09858191f9ce2d5b7a97eb48c1846c594710e87dccddae095fffb098135fc35

SHA512
321aa51e1b37f8f87c7f56f092315ea294c48577b51008c8a5a05d57ecdc091270fc88a9b3aa0b680487d7ca66fb60df6f1d0e40a1ea7d8d40fdac7b20369c67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
ee088039dc2697ade3070e6e6abf6c5c

SHA1
7ee158493ae2ac3d5275059946f89a1134811c20

SHA256
740c17a7dbf0c42b75c9a22ed491c1b958f9c2379a76d7b1a3135e37ed1a7a95

SHA512
4ae5eaea915334e2fd27b248510932cb7940f9c99c31a85e145ceaddf9ead695c29837db289e91c0aeea70eb8a9c43f64ecaa5a8e8d6b65798233ffa0b42422c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
03f4b624af83b144fc7916f797795bd7

SHA1
3d807ec8fed6fc0d23c67e67d8078de9e07ccb87

SHA256
cb179c8218e2f32f1a54dffde83a655491d411669804e99144804362d21af532

SHA512
4ee1a4fbb3846f8dd5db1cb7cf73caaef46b4af71607dbd17d26eaa709571b31d99b489c966ace3df0cf3faafcbc951799b8a14448c8af442cc7db266626cc31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
7ebdcd7575c2744374c0aa06330f677e

SHA1
bbd1e254bfee30aa714a33ae419b8549b381f803

SHA256
cf937ccad0bab3710f9b9b5c9b20f9e7410be927c1f077a6d7cfe95a49045fca

SHA512
bf193ac8170e7d4ce069b639773e425e2639aa32abc245761360c495cd542a51aa0aa4e134e12c709af99f32631ed64d161a1ecda3b5d972185db1b33d468040

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
8f518fe0e888f206eb0cea0f40ff2637

SHA1
d6cbdc36dc73d9c78ac25447f609ebbec03cb098

SHA256
c0af0d94850fb1cbb71469dc7e91b6c8d422231fee0d37731f9b57c30a031f05

SHA512
e13cd80707ae4f82ab68bc3dc5ce54879b12f94295d5c8b0e04f0b8fb9b464f9d826f875ea094b9e5f1f8c7bd728fb84c8bd94764e6ceb7f9c5a603228077def

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
22KB

MD5
41c1f324e145dc0492ed3871fd9ff972

SHA1
1c5b6feb06ff0824e370e792cb64ed78683417ca

SHA256
ae4040fd77e5cff63b25a0223fad820ced86765b9cda9547e84bfd66de3fef85

SHA512
f9e65fa576f112b83262ef3be0d19db33d5da7e81c08e51ec78be3017a58ce4b167570fe8e239c385ef6c7fdd025cb4645382f057da0ed2f51b562bfdb8a23fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
900B

MD5
c3e9b18def012bdfcee83029530ba39a

SHA1
4b7b8243ebd74042ad671f3fc56b36f172741a43

SHA256
4a3e95a30ced2fbcb766e47f8ab6913e3e884f414002979e096e127e1f81c87b

SHA512
c22781338ff7491146b1178903221ebd594c97859a0f91acd17c390cf7028b0ebc91b9b2a913dbd6eed73d6e3a6897e3ceb28ad17552da6a38c4932a728e4630

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
467B

MD5
5066a3239be4ceb6ca04f06ddd4367f3

SHA1
92f7a6878f8a737043b29a51255d5b4f899bce9a

SHA256
f215b71e160a0bbd1cb184dda54e3e3ab10cbf9f8bf1e9a44bf59cd120f99e35

SHA512
9a64bb24eebe4f38ed18336a758701a7678d5fd32e6f4eb07e517c052a3825dc1789b88433bf640e04b6b2a2785c5e64e5c218eadde52445b3e3117fe1fef78f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
18KB

MD5
4ad3e025a2fb5d24e1a86c574c6dc3a1

SHA1
c82c299338d28e82f053e11d843b41a36b1ad688

SHA256
6859c71140ee436e6e95943293f733473304f91d77d45a01e796bad794316162

SHA512
8d16c30f3438201a58545fdd9d430725350092db199bbd99c721f3f23a9d067fa13431988af3717f9fbb76f6c8dc0c3156e964c0694713801ccdf98859775679

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
19KB

MD5
41c1930548d8b99ff1dbb64ba7fecb3d

SHA1
d8acfeaf7c74e2b289be37687f886f50c01d4f2f

SHA256
16cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502

SHA512
a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
49KB

MD5
19cc576fc990f236dacdb88b90b2ed7f

SHA1
9a40e95130c58b3502f1693f5e87d056fa1b2c3d

SHA256
f77170922d8d4af3f337ee1a1b08fb9460815f203e7e0a252b46aea02451c654

SHA512
cb80c91d1e266b42ee17e258e97c3be111180b661545ca77202d011f076d4b1fa33d9095195ffd27b3129512fca127d4b117d238c919abac0bf737f4d0624f45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
54KB

MD5
f69c78050a5c23076d2609a323ac708d

SHA1
f02a572940d591df665dedf6294f61c8843b9e51

SHA256
86c597d3b285be6c142254c8fd1c3f04dc335e7f472b1b8ab1a0cfed81c34d16

SHA512
5f5493ef7e8a356d65b0c8690a76036b1425c1bc08b927bdb4957f3a9bcd06ccb8aff7614c43106722d7a66f00ed8ff91e0411d851b397d20f7079a90c1a5b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
7a544e6241cc9f0516fa0cb02b7f96e0

SHA1
22e21e63e7278b267d6ed2e21918099193319dea

SHA256
7de978ad1713edbeefe9b841db759905b3514040699662ab2ffa6441d99365d7

SHA512
33dc2d7a3a8bd08083f2412bfce4455554c4aa3307843a379f881c4bb9c8b6ac14b23d5fe8639b306a155921c56eda5d1fab7a93c5b533644ea4dd0317b92deb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
926c99fa9b8383fc66351a6231ddba49

SHA1
113a0c36bc3cd6540211c2b344be65ae3d1a3a47

SHA256
5e64c9725efb75782185101f805218df130d1ca463297f79db354002c5e87873

SHA512
fa3596a57a3d470863a293e72b8ab79841ee6f508b819fda4d8a928df2eef4bb16de8d09328a69e7b817ecbbbec82c3b9c060e10d727529a11133e67cd59eb09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.57\Filtering Rules

Filesize
1.8MB

MD5
d7c9c6d2e1d9ae242d68a8316f41198c

SHA1
8d2ddccc88a10468e5bffad1bd377be82d053357

SHA256
f215127185b2ee6b01e12b6ca75d3e5c4e454598dd4aed36124ae13d59afd547

SHA512
7fd14824e9200dd99e1fd2cee402656dc0cfc3d0a60058c5eb05c68e9e65b7f0b47e550fb4d6c2b59eba204dbf3ef9e69dc9723b43a9b3ccd5412d6b77715fc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.57\LICENSE

Filesize
24KB

MD5
aad9405766b20014ab3beb08b99536de

SHA1
486a379bdfeecdc99ed3f4617f35ae65babe9d47

SHA256
ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d

SHA512
bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Well Known Domains\1.2.0.0\well_known_domains.dll

Filesize
572KB

MD5
f5f5b37fd514776f455864502c852773

SHA1
8d5ed434173fd77feb33cb6cb0fad5e2388d97c6

SHA256
2778063e5ded354d852004e80492edb3a0f731b838bb27ba3a233bc937592f6e

SHA512
b0931f1cae171190e6ec8880f4d560cc7b3d5bffe1db11525bd133eaf51e2e0b3c920ea194d6c7577f95e7b4b4380f7845c82eb2898ad1f5c35d4550f93a14b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
1a9573915cb7f4a8197c32c0fe00e77e

SHA1
30e1c56f15cdc2ae8aeb27837a11ea9f626dc20a

SHA256
f8fa3268cf24febddd0ef08ee8b8aeeddd9cf29b01b55048c31c161b40633fc1

SHA512
9b9320f9c1a1d77373b19775e8dbacb0b9d084e74aa56bf0946de5f9debc2430d917fbf897e182c9c4eee7daff7a62f624f88f45c8ded2cd6ef36e4c1e68a646

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request