Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,825 questions
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
We recently seem to be getting a lot of URLs are being blocked due to them not being tested/unknown by our AV solution.
The URLs are being accessed by a Svhost process and seems to be accessing two IPs with regard to downloading what appear to be update files:
http://192.33.139.163/filestreamingservice/files/511c6cff-ed08-4366-a308-56cdb4e4d3e5/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com |
http://192.33.139.163/filestreamingservice/files/76864380-9ee8-4f9b-907f-7ccce9c7ca57/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com |
http://192.33.139.163/filestreamingservice/files/986a8270-404c-4470-871d-5c4090dcaa79/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com |
http://192.33.139.163/filestreamingservice/files/cd62da91-72eb-4972-9fdd-41647aeede71/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com |
http://192.33.139.163/filestreamingservice/files/f5bfaa2a-4007-4d5f-ba81-0565d5143cd9/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com |
http://151.139.51.189/filestreamingservice/files/28edaebf-8019-4844-ba32-8ab019bc9391?P1=1699006332&P2=404&P3=2&P4=m3bjVB2ZaTg5QRA4G%2bPtY7RlQHFzfAnpvDeY8XFkUSlGKy8F6xhvb8CvkkCFYbJiPMTDc1O8jpBgPqT4Oeol7A%3d%3d&cacheHostOrigin=3.tlu.dl.delivery.mp.microsoft.com |
http://151.139.51.189/filestreamingservice/files/28edaebf-8019-4844-ba32-8ab019bc9391?P1=1699020744&P2=404&P3=2&P4=ne%2fn9nLy4C%2byBkXzCVi%2fdgPdWBHnyNQlvQjN1Mxq9YSzy6Angtipr72WpMbXSg%2f3173rsQ3KlyS%2b3vHea9NzPg%3d%3d&cacheHostOrigin=3.tlu.dl.delivery.mp.microsoft.com |
http://151.139.51.189/filestreamingservice/files/cd62da91-72eb-4972-9fdd-41647aeede71/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com |
http://151.139.51.189/filestreamingservice/files/17e72fea-05d2-4e88-b80b-75050bd568e7/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com |
http://151.139.51.189/filestreamingservice/files/451c9759-f3e9-4541-b42b-d151994fe7cc/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com |
http://151.139.51.189/filestreamingservice/files/986a8270-404c-4470-871d-5c4090dcaa79/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com |
I have looked at the MSFT Public IPv4 & IPv6 list and these ranges are not listed there.
Can you confirm if this is legitimate traffic? If so where can I find the documentation that lists the correct IP we should be whitelisting?