Analysis Overview
SHA256
3759744039346620e9613f40f90e8f318e5f54ad49c070e2bd23b667f7e65bf6
Threat Level: Known bad
The file Mercurial.Grabber.v1.03.rar was found to be: Known bad.
Malicious Activity Summary
Mercurial Grabber Stealer
Looks for VirtualBox Guest Additions in registry
Downloads MZ/PE file
Looks for VMWare Tools registry key
Executes dropped EXE
Checks BIOS information in registry
Reads user/profile data of web browsers
Maps connected drives based on registry
Looks up external IP address via web service
Legitimate hosting services abused for malware hosting/C2
Drops file in Program Files directory
Program crash
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious behavior: GetForegroundWindowSpam
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Checks SCSI registry key(s)
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Modifies registry class
Suspicious use of WriteProcessMemory
Checks processor information in registry
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2022-10-18 08:55
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2022-10-18 08:55
Reported
2022-10-18 09:05
Platform
win10v2004-20220812-en
Max time kernel
598s
Max time network
603s
Command Line
Signatures
Mercurial Grabber Stealer
Looks for VirtualBox Guest Additions in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Oracle\VirtualBox Guest Additions | C:\Users\Admin\Downloads\png-handler.exe | N/A |
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Mercurial.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\png-handler.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecovery.exe | N/A |
Looks for VMWare Tools registry key
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\VMWare, Inc.\VMWare Tools | C:\Users\Admin\Downloads\png-handler.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Downloads\png-handler.exe | N/A |
Reads user/profile data of web browsers
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ip4.seeip.org | N/A | N/A |
| N/A | ip4.seeip.org | N/A | N/A |
| N/A | ip-api.com | N/A | N/A |
Maps connected drives based on registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum | C:\Users\Admin\Downloads\png-handler.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 | C:\Users\Admin\Downloads\png-handler.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Google\Chrome\Application\89.0.4389.114\readme.txt | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\89.0.4389.114\Mercurial.exe | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecovery.exe | C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\manifest.json | C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe | N/A |
| File created | C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecoveryCRX.crx | C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe | N/A |
| File created | C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecovery.exe | C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe | N/A |
| File created | C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\manifest.json | C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe | N/A |
| File created | C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\_metadata\verified_contents.json | C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\_metadata\verified_contents.json | C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe | N/A |
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\WerFault.exe | |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\Mercurial.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\Mercurial.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\Mercurial.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\Mercurial.exe |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_VMware_&Prod_VMware_Virtual_S | C:\Users\Admin\Downloads\png-handler.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Users\Admin\Downloads\png-handler.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\Downloads\png-handler.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemManufacturer | C:\Users\Admin\Downloads\png-handler.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemProductName | C:\Users\Admin\Downloads\png-handler.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Logical Unit Id 0 | C:\Users\Admin\Downloads\png-handler.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosInformation | C:\Users\Admin\Downloads\png-handler.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Downloads" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Downloads" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000200000000000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Downloads" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 020000000100000000000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000200000000000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000200000000000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe1000000079b8e6f37eaed8011253ccde86aed801b9224c8ce0e2d80114000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\MRUListEx = ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616193" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Mercurial.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\Mercurial.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\png-handler.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Mercurial.exe
"C:\Users\Admin\AppData\Local\Temp\Mercurial.exe"
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 424 -p 3476 -ip 3476
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 3476 -s 780
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff3c234f50,0x7fff3c234f60,0x7fff3c234f70
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1700 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=2016 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2292 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2836 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3032 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4508 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4648 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4636 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4936 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4952 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5160 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5300 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5328 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2928 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3680 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 2220 -ip 2220
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 1568
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 384 -p 2220 -ip 2220
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 1568
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7840 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7964 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7716 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8556 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8492 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8620 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8948 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9256 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7936 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8964 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9116 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9624 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9768 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9432 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10052 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10152 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10000 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10592 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10596 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10408 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10936 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10972 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10980 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11172 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11444 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11804 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12076 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11948 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11972 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9544 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12292 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12456 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9628 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9064 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=212 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9024 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4456 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10244 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1184 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=11976 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3800 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=9924 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10164 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=972 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=8456 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3784 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3856 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10560 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9688 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8456 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9696 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11048 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3328 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9480 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9928 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12720 /prefetch:1
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=9940 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=8564 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10668 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=9000 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=8188 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1592 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9772 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10260 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3220 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=11100 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10652 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10252 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11428 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12184 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2216 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11692 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2424 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11724 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8652 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10816 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9808 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=12096 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11060 /prefetch:8
C:\Users\Admin\Downloads\Mercurial.exe
"C:\Users\Admin\Downloads\Mercurial.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\pz25rzrz\pz25rzrz.cmdline"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES3692.tmp" "c:\Users\Admin\Downloads\CSCE4A685892F5D49918A3764DEA0751B4E.TMP"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11252 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10628 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10252 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=9492 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=9528 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2660 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10948 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11596 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7936 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9076 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9436 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11736 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8572 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9292 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12324 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10472 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7880 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11420 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12880 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 6400 -ip 6400
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6400 -s 3012
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8600 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 6400 -ip 6400
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6400 -s 3184
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11344 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10016 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7944 /prefetch:1
C:\Users\Admin\Downloads\png-handler.exe
"C:\Users\Admin\Downloads\png-handler.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8128 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12888 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9788 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12324 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12760 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7236 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7216 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12924 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9300 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9976 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9052 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11792 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=163 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11080 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=9036 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=165 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4b0 0x478
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12872 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=167 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9200 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=168 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9196 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=169 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9528 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=13020 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=8228 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=172 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13000 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=173 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13412 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=174 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13392 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=175 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13708 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=176 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13652 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=177 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9168 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=178 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13224 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=179 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11244 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=180 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12400 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=12328 /prefetch:8
C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe"
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecovery.exe
"C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecovery.exe" --appguid={8A69D345-D564-463c-AFF1-A69D9E530F96} --browser-version=89.0.4389.114 --sessionid={a6ff787a-4cf9-443f-bfed-69af9bdc373d} --system
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=13284 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=183 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13000 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=184 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13224 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=14060 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=186 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14140 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10416 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=13992 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=189 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13180 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=14164 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=191 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=192 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13900 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=13276 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=194 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13548 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=195 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13616 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 93.184.220.29:80 | tcp | |
| US | 93.184.220.29:80 | tcp | |
| US | 8.253.225.254:80 | tcp | |
| US | 8.253.225.254:80 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| NL | 172.217.168.238:443 | clients2.google.com | tcp |
| NL | 142.251.36.45:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | edgedl.me.gvt1.com | udp |
| US | 34.104.35.123:80 | edgedl.me.gvt1.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| NL | 216.58.208.110:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 216.58.208.99:443 | ssl.gstatic.com | tcp |
| US | 104.20.67.143:80 | tcp | |
| US | 104.20.67.143:80 | pastebin.com | tcp |
| US | 104.20.67.143:443 | pastebin.com | tcp |
| US | 172.67.21.227:443 | services.vlitag.com | tcp |
| US | 172.67.21.227:443 | services.vlitag.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 104.18.29.213:443 | adsystem.pocpoc.io | tcp |
| NL | 18.65.33.229:443 | c.amazon-adsystem.com | tcp |
| NL | 172.217.168.194:443 | www.googletagservices.com | tcp |
| NL | 216.58.208.98:443 | securepubads.g.doubleclick.net | tcp |
| NL | 216.58.208.98:443 | securepubads.g.doubleclick.net | tcp |
| NL | 18.65.33.229:443 | c.amazon-adsystem.com | tcp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DE | 54.93.145.1:443 | tcp | |
| US | 34.107.148.139:443 | prebid.media.net | tcp |
| US | 145.40.88.5:443 | prebid.a-mo.net | tcp |
| US | 185.184.10.30:443 | prebid-us.creativecdn.com | tcp |
| NL | 185.89.210.212:443 | tcp | |
| NL | 185.89.210.212:443 | tcp | |
| US | 104.22.68.131:443 | prebid.smilewanted.com | tcp |
| NL | 80.67.93.123:443 | a.teads.tv | tcp |
| US | 172.98.26.245:443 | pbjs.e-planning.net | tcp |
| FR | 185.86.137.17:443 | prg-apac.smartadserver.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 34.236.43.246:443 | tcp | |
| US | 34.236.43.246:443 | tcp | |
| US | 34.236.43.246:443 | tcp | |
| US | 34.236.43.246:443 | tcp | |
| US | 172.67.42.201:443 | useast.quantumdex.io | tcp |
| US | 145.40.88.5:443 | tcp | |
| US | 172.98.26.245:443 | tcp | |
| US | 185.184.10.30:443 | tcp | |
| NL | 185.89.210.212:443 | tcp | |
| US | 69.166.1.8:443 | tcp | |
| DE | 54.93.145.1:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| NL | 185.89.210.212:443 | tcp | |
| NL | 65.9.78.75:443 | aax-dtb-cf.amazon-adsystem.com | tcp |
| US | 104.21.82.134:443 | tcp | |
| US | 104.21.82.134:443 | tcp | |
| US | 104.21.82.134:443 | tcp | |
| US | 104.21.82.134:443 | tcp | |
| US | 104.21.82.134:443 | tcp | |
| US | 34.107.148.139:443 | tcp | |
| US | 172.67.42.201:443 | tcp | |
| NL | 65.9.78.75:443 | tcp | |
| US | 104.21.82.134:443 | tcp | |
| NL | 65.9.78.75:443 | tcp | |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 96.16.53.139:80 | apps.identrust.com | tcp |
| NL | 96.16.53.139:80 | apps.identrust.com | tcp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| IE | 52.95.118.179:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| NL | 142.251.36.34:443 | adservice.google.nl | tcp |
| NL | 216.58.208.98:443 | udp | |
| NL | 142.250.179.161:443 | ca6454b2796d86d18c63cde321c322a3.safeframe.googlesyndication.com | tcp |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| US | 64.202.112.63:443 | tcp | |
| DE | 18.156.148.146:443 | tcp | |
| NL | 65.9.86.31:443 | s.ad.smaato.net | tcp |
| US | 35.211.178.172:443 | tcp | |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | tcp |
| US | 35.211.178.172:443 | tcp | |
| US | 18.235.137.77:443 | tcp | |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| NL | 172.217.168.194:443 | udp | |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 142.250.179.161:443 | udp | |
| US | 13.248.245.213:443 | tcp | |
| NL | 23.222.19.168:443 | stags.bluekai.com | tcp |
| IE | 52.95.118.179:443 | tcp | |
| GB | 66.155.71.25:443 | tcp | |
| NL | 193.0.160.128:443 | tcp | |
| NL | 23.2.175.14:443 | tcp | |
| US | 198.148.27.140:443 | bh.contextweb.com | tcp |
| NL | 142.250.179.162:443 | cm.g.doubleclick.net | tcp |
| NL | 23.2.175.14:443 | tcp | |
| NL | 216.52.2.19:443 | ce.lijit.com | tcp |
| US | 3.213.189.24:443 | tcp | |
| NL | 142.251.36.1:443 | udp | |
| US | 107.178.246.49:443 | pixel.tapad.com | tcp |
| NL | 178.250.2.146:443 | gum.criteo.com | tcp |
| DE | 141.95.33.111:443 | id5-sync.com | tcp |
| US | 188.114.96.3:443 | id.a-mx.com | tcp |
| US | 151.101.1.108:443 | tcp | |
| NL | 104.123.40.23:443 | contextual.media.net | tcp |
| NL | 178.250.2.146:443 | gum.criteo.com | tcp |
| US | 172.98.26.246:443 | tcp | |
| US | 172.98.26.246:443 | u-iad04.e-planning.net | tcp |
| US | 52.223.40.198:443 | tcp | |
| NL | 142.250.179.162:443 | udp | |
| US | 13.107.42.14:443 | tcp | |
| IE | 63.32.23.1:443 | tcp | |
| US | 209.54.182.161:443 | tcp | |
| US | 204.79.197.200:443 | tcp | |
| US | 64.202.112.63:443 | tcp | |
| US | 35.211.178.172:443 | tcp | |
| DE | 18.156.148.146:443 | tcp | |
| DE | 3.126.56.137:443 | ups.analytics.yahoo.com | tcp |
| LU | 188.42.191.196:443 | ads.betweendigital.com | tcp |
| US | 52.203.70.89:443 | tcp | |
| NL | 104.123.44.23:443 | hbx.media.net | tcp |
| DK | 37.157.4.23:443 | tcp | |
| US | 34.239.109.150:443 | ads.avct.cloud | tcp |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| US | 64.202.112.63:443 | tcp | |
| US | 104.18.19.126:443 | ssum-sec.casalemedia.com | tcp |
| NL | 104.80.224.197:443 | tcp | |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| NL | 23.2.211.147:443 | secure-assets.rubiconproject.com | tcp |
| US | 199.127.204.142:443 | tcp | |
| US | 209.54.182.161:443 | tcp | |
| US | 35.211.178.172:443 | tcp | |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| US | 64.202.112.63:443 | tcp | |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| US | 209.54.182.161:443 | tcp | |
| NL | 104.126.125.209:443 | eus.rubiconproject.com | tcp |
| NL | 198.47.127.19:443 | tcp | |
| US | 64.202.112.63:443 | tcp | |
| US | 209.54.182.161:443 | tcp | |
| US | 209.54.182.161:443 | tcp | |
| IE | 54.76.210.146:443 | tcp | |
| US | 52.0.100.122:443 | tcp | |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 209.54.182.161:443 | tcp | |
| US | 35.211.178.172:443 | tcp | |
| NL | 89.207.16.201:443 | tcp | |
| NL | 35.204.74.118:443 | tcp | |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| DE | 37.252.173.215:443 | tcp | |
| NL | 185.29.134.244:443 | tcp | |
| US | 169.197.150.7:443 | match.deepintent.com | tcp |
| US | 52.0.22.83:443 | tcp | |
| US | 141.226.124.48:443 | tcp | |
| US | 209.54.182.161:443 | tcp | |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 64.202.112.63:443 | tcp | |
| US | 141.226.124.48:443 | tcp | |
| SE | 213.155.156.169:443 | d5p.de17a.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 151.101.2.49:443 | tcp | |
| US | 209.54.182.161:443 | tcp | |
| US | 104.18.24.173:443 | a.tribalfusion.com | tcp |
| CA | 185.80.39.216:443 | dsum.casalemedia.com | tcp |
| CA | 185.80.39.216:443 | dsum.casalemedia.com | tcp |
| US | 3.219.134.214:443 | tcp | |
| FR | 178.250.0.163:443 | dis.criteo.com | tcp |
| GB | 185.64.190.80:443 | tcp | |
| US | 69.166.1.10:443 | tcp | |
| US | 69.166.1.10:443 | tcp | |
| FR | 141.94.170.77:443 | pixel.onaudience.com | tcp |
| US | 74.119.119.150:443 | widget.us.criteo.com | tcp |
| NL | 185.29.134.244:443 | tcp | |
| US | 52.0.22.83:443 | tcp | |
| US | 192.184.69.167:443 | tcp | |
| DE | 3.70.4.188:443 | tcp | |
| DE | 146.0.227.110:443 | tcp | |
| CA | 185.80.39.216:443 | dsum.casalemedia.com | tcp |
| US | 69.166.1.10:443 | tcp | |
| NL | 185.64.189.110:443 | tcp | |
| NL | 185.64.189.110:443 | tcp | |
| NL | 185.64.189.110:443 | tcp | |
| NL | 198.47.127.20:443 | tcp | |
| US | 35.211.178.172:443 | tcp | |
| US | 18.214.54.215:443 | tcp | |
| CA | 185.80.39.216:443 | dsum.casalemedia.com | tcp |
| NL | 96.16.53.164:443 | ads.stickyadstv.com | tcp |
| NL | 213.19.162.90:443 | tcp | |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 104.22.54.206:443 | cdn.connectad.io | tcp |
| FR | 185.86.139.57:443 | sync.smartadserver.com | tcp |
| US | 52.23.113.215:443 | tcp | |
| NL | 213.19.162.90:443 | tcp | |
| US | 69.173.151.100:443 | tcp | |
| NL | 216.52.2.19:443 | tcp | |
| GB | 185.64.190.81:443 | tcp | |
| US | 54.243.140.171:443 | tcp | |
| DE | 85.114.159.93:443 | tcp | |
| DK | 77.243.60.138:443 | uipglob.semasio.net | tcp |
| US | 35.201.96.126:443 | visitor.fiftyt.com | tcp |
| US | 52.23.73.66:443 | tcp | |
| US | 104.22.24.87:443 | mwzeom.zeotap.com | tcp |
| NL | 89.207.16.140:443 | tcp | |
| US | 104.19.173.108:443 | csync.loopme.me | tcp |
| DE | 162.55.120.196:443 | tcp | |
| US | 150.136.26.45:443 | sync.technoratimedia.com | tcp |
| SI | 195.5.165.20:443 | tcp | |
| NL | 173.231.181.122:443 | tcp | |
| US | 199.127.204.171:443 | tcp | |
| US | 104.18.19.126:443 | ssum.casalemedia.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| GB | 66.155.71.25:443 | tcp | |
| FR | 51.68.39.188:443 | dsp.nrich.ai | tcp |
| NL | 159.65.197.210:443 | match.adsby.bidtheatre.com | tcp |
| US | 34.102.253.54:443 | ads.playground.xyz | tcp |
| US | 50.57.31.206:443 | tcp | |
| US | 52.6.15.8:443 | tcp | |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| US | 34.231.236.133:443 | tcp | |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| DK | 37.157.6.245:443 | tcp | |
| NL | 185.64.189.229:443 | tcp | |
| SI | 195.5.165.20:443 | tcp | |
| US | 199.127.204.171:443 | tcp | |
| FR | 141.94.242.204:443 | green.erne.co | tcp |
| US | 151.101.1.44:443 | trc.taboola.com | tcp |
| DE | 3.127.41.215:443 | tcp | |
| US | 74.222.140.158:443 | tcp | |
| DE | 35.157.207.1:443 | tcp | |
| DE | 37.252.173.215:443 | tcp | |
| DE | 3.127.41.215:443 | tcp | |
| US | 34.111.151.213:443 | dmp.brand-display.com | tcp |
| IE | 54.228.48.165:443 | tcp | |
| FR | 185.86.137.133:443 | rtb-csync.smartadserver.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| CA | 185.80.39.216:443 | r.casalemedia.com | tcp |
| FR | 141.94.171.215:443 | pixel-eu.onaudience.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| FR | 141.94.171.215:443 | tcp | |
| NL | 104.126.124.21:443 | tags.bluekai.com | tcp |
| CA | 185.80.39.216:443 | tcp | |
| CA | 185.80.39.216:443 | dsum.casalemedia.com | tcp |
| US | 204.79.197.200:443 | tcp | |
| US | 204.79.197.200:443 | tcp | |
| US | 209.197.3.8:80 | tcp | |
| US | 8.8.8.8:53 | teams-ring.msedge.net | udp |
| US | 52.113.196.254:443 | teams-ring.msedge.net | tcp |
| US | 8.8.8.8:53 | fp-afd-nocache.azureedge.net | udp |
| US | 13.107.219.67:443 | fp-afd-nocache.azureedge.net | tcp |
| US | 8.8.8.8:53 | t-s1-ring.msedge.net | udp |
| US | 13.107.228.254:443 | t-s1-ring.msedge.net | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 172.98.26.245:443 | pbjs.e-planning.net | tcp |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| NL | 185.89.210.212:443 | tcp | |
| US | 34.236.43.246:443 | tcp | |
| FR | 185.86.137.17:443 | prg-apac.smartadserver.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 142.250.179.163:443 | update.googleapis.com | tcp |
| US | 8.8.8.8:53 | edgedl.me.gvt1.com | udp |
| US | 34.104.35.123:80 | edgedl.me.gvt1.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 35.201.124.40:443 | tcp | |
| NL | 172.217.168.227:443 | beacons.gvt2.com | tcp |
| US | 104.20.67.143:80 | tcp | |
| US | 216.239.32.36:443 | udp | |
| NL | 142.250.179.163:443 | udp | |
| US | 140.82.114.4:443 | tcp | |
| US | 140.82.114.4:443 | github.com | tcp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | sb-ssl.google.com | udp |
| NL | 142.251.36.14:443 | sb-ssl.google.com | tcp |
| US | 104.20.67.143:80 | tcp | |
| NL | 172.217.168.194:443 | udp | |
| NL | 142.250.179.130:443 | udp | |
| NL | 185.89.210.212:443 | tcp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 172.98.26.245:443 | pbjs.e-planning.net | tcp |
| NL | 72.251.249.13:443 | ap.lijit.com | tcp |
| NL | 185.89.210.212:443 | tcp | |
| FR | 185.86.137.17:443 | prg-apac.smartadserver.com | tcp |
| US | 184.72.104.46:443 | tcp | |
| US | 74.118.184.143:443 | tcp | |
| US | 74.118.184.143:443 | tcp | |
| US | 74.118.184.143:443 | tcp | |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 3.228.253.110:443 | tcp | |
| US | 3.230.15.144:443 | tcp | |
| NL | 142.250.179.170:443 | safebrowsing.googleapis.com | tcp |
| NL | 142.250.179.130:443 | udp | |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| DE | 37.252.172.123:443 | secure.adnxs.com | tcp |
| GB | 66.155.71.25:443 | tcp | |
| US | 52.223.40.198:443 | tcp | |
| NL | 142.251.36.1:443 | udp | |
| NL | 142.250.179.142:443 | safebrowsing.google.com | tcp |
| NL | 178.250.2.146:443 | gum.criteo.com | tcp |
| NL | 178.250.2.146:443 | gum.criteo.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 54.225.184.91:443 | tcp | |
| NL | 142.250.179.170:443 | udp | |
| US | 3.230.15.144:443 | tcp | |
| US | 199.127.204.142:443 | tcp | |
| US | 192.184.69.252:443 | tcp | |
| AU | 3.105.144.226:443 | tcp | |
| US | 3.226.18.175:443 | tcp | |
| US | 34.237.81.207:443 | tcp | |
| AU | 3.105.144.226:443 | tcp | |
| US | 3.218.231.183:443 | tcp | |
| DE | 52.59.108.23:443 | tcp | |
| FR | 185.86.139.114:443 | sync.smartadserver.com | tcp |
| NL | 185.94.180.126:443 | tcp | |
| US | 64.202.112.63:443 | tcp | |
| DE | 3.126.56.137:443 | ups.analytics.yahoo.com | tcp |
| DE | 18.158.247.155:443 | tcp | |
| US | 192.132.33.46:443 | tcp | |
| US | 52.89.174.73:443 | tcp | |
| US | 52.89.174.73:443 | tcp | |
| US | 20.42.72.131:443 | tcp | |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 142.251.36.14:443 | sb-ssl.google.com | tcp |
| NL | 142.250.179.142:443 | google.com | tcp |
| NL | 142.251.36.35:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.251.36.35:443 | tcp | |
| NL | 142.251.36.35:443 | tcp | |
| NL | 142.251.36.14:443 | sb-ssl.google.com | tcp |
| US | 172.217.197.94:443 | beacons2.gvt2.com | tcp |
| NL | 142.251.39.97:443 | lh5.googleusercontent.com | tcp |
| US | 172.217.197.94:443 | udp | |
| US | 172.67.159.133:443 | tcp | |
| US | 172.67.159.133:443 | tcp | |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 142.251.36.42:443 | translate.googleapis.com | tcp |
| US | 34.104.35.123:80 | edgedl.me.gvt1.com | tcp |
| NL | 216.58.214.14:443 | consent.google.com | tcp |
| NL | 142.251.36.14:443 | sb-ssl.google.com | tcp |
| NL | 216.58.208.110:443 | apis.google.com | udp |
| NL | 142.250.179.170:443 | udp | |
| NL | 142.251.36.14:443 | sb-ssl.google.com | udp |
| DE | 176.9.21.46:443 | tcp | |
| DE | 136.243.171.216:443 | tcp | |
| NL | 216.58.208.110:443 | apis.google.com | udp |
| NL | 157.240.247.8:443 | tcp | |
| NL | 142.251.39.106:443 | content-autofill.googleapis.com | tcp |
| DE | 176.9.21.46:443 | id.123apps.com | tcp |
| US | 142.251.16.120:443 | csi.gstatic.com | tcp |
| US | 142.250.102.156:443 | stats.g.doubleclick.net | tcp |
| NL | 142.251.36.3:443 | www.google.nl | tcp |
| NL | 142.251.36.1:443 | udp | |
| NL | 142.250.179.163:443 | udp | |
| NL | 172.217.168.194:443 | udp | |
| US | 52.70.86.138:443 | tcp | |
| NL | 142.250.179.162:443 | udp | |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| NL | 185.83.142.19:443 | tcp | |
| CA | 185.80.39.216:443 | tcp | |
| NL | 142.250.179.130:443 | udp | |
| US | 142.251.16.120:443 | udp | |
| US | 44.194.193.183:443 | tcp | |
| US | 44.194.193.183:443 | tcp | |
| US | 44.194.193.183:443 | tcp | |
| NL | 65.9.86.104:443 | static.adsafeprotected.com | tcp |
| NL | 142.251.36.2:443 | googleads4.g.doubleclick.net | tcp |
| NL | 142.250.179.134:443 | s0.2mdn.net | tcp |
| NL | 142.251.36.2:443 | udp | |
| DE | 136.243.171.216:443 | s170.123apps.com | tcp |
| DE | 136.243.171.216:443 | s170.123apps.com | tcp |
| NL | 142.251.36.35:443 | udp | |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 142.251.36.14:443 | sb-ssl.google.com | udp |
| NL | 142.250.179.142:443 | udp | |
| US | 216.239.32.36:443 | udp | |
| NL | 172.217.168.227:443 | udp | |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 142.251.36.35:443 | udp | |
| NL | 142.250.179.142:443 | udp | |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 216.239.32.116:443 | udp | |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 74.118.184.143:443 | tcp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 185.83.142.19:443 | tcp | |
| NL | 185.83.142.19:443 | tcp | |
| US | 172.98.26.245:443 | pbjs.e-planning.net | tcp |
| US | 145.40.88.5:443 | prebid.a-mo.net | tcp |
| NL | 216.52.2.48:443 | ap.lijit.com | tcp |
| NL | 142.250.179.130:443 | udp | |
| NL | 142.250.179.161:443 | udp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 54.227.36.165:443 | tcp | |
| FR | 185.86.137.114:443 | prg-apac.smartadserver.com | tcp |
| NL | 185.83.142.19:443 | tcp | |
| NL | 185.83.142.19:443 | tcp | |
| US | 74.118.184.143:443 | tcp | |
| US | 172.98.26.245:443 | pbjs.e-planning.net | tcp |
| NL | 216.52.2.48:443 | ap.lijit.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| JP | 35.213.86.143:443 | tcp | |
| JP | 35.213.86.143:443 | tcp | |
| NL | 172.217.168.227:443 | udp | |
| NL | 142.251.36.14:443 | sb-ssl.google.com | udp |
| US | 173.194.194.94:443 | id.google.com | tcp |
| NL | 142.251.36.14:443 | sb-ssl.google.com | udp |
| FR | 151.80.29.83:443 | tcp | |
| FR | 151.80.29.83:443 | tcp | |
| US | 188.114.97.3:443 | ad.plus | tcp |
| FR | 149.202.85.166:443 | tcp | |
| FR | 51.38.43.18:443 | tcp | |
| FR | 149.202.85.166:443 | tcp | |
| NL | 65.9.86.93:443 | cdn.intergient.com | tcp |
| US | 104.26.6.139:443 | btloader.com | tcp |
| NL | 142.250.179.130:443 | udp | |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | tcp | |
| NL | 65.9.86.60:443 | cdn.intergi.com | tcp |
| NL | 142.250.179.130:443 | udp | |
| NL | 142.250.179.170:443 | udp | |
| US | 216.239.32.36:443 | udp | |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| NL | 142.251.36.1:443 | udp | |
| NL | 104.80.229.151:443 | z.moatads.com | tcp |
| NL | 65.9.86.103:443 | config.playwire.com | tcp |
| NL | 65.9.86.32:443 | tags.crwdcntrl.net | tcp |
| US | 54.90.254.15:443 | tcp | |
| US | 54.165.58.209:443 | tcp | |
| DE | 141.95.33.111:443 | id5-sync.com | tcp |
| US | 3.218.10.121:443 | tcp | |
| US | 34.160.46.1:443 | fid.agkn.com | tcp |
| NL | 142.251.39.106:443 | udp | |
| FR | 31.14.70.246:443 | tcp | |
| US | 3.227.250.154:443 | tcp | |
| US | 3.227.250.154:443 | tcp | |
| NL | 172.217.168.194:443 | udp | |
| US | 3.227.250.154:443 | tcp | |
| NL | 142.250.179.162:443 | udp | |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 35.190.60.146:443 | id.rlcdn.com | tcp |
| DE | 3.126.163.185:443 | tcp | |
| GB | 3.11.254.218:443 | tcp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 172.98.26.245:443 | pbjs.e-planning.net | tcp |
| US | 172.64.152.63:443 | mp.4dex.io | tcp |
| US | 104.18.19.126:443 | htlb.casalemedia.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | tcp | |
| US | 34.149.20.76:443 | tcp | |
| US | 34.149.20.76:443 | tcp | |
| GB | 185.64.190.77:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| DE | 35.158.179.242:443 | tcp | |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| US | 3.214.130.52:443 | btlr.sharethrough.com | tcp |
| US | 3.214.130.52:443 | btlr.sharethrough.com | tcp |
| US | 3.214.130.52:443 | btlr.sharethrough.com | tcp |
| US | 3.214.127.213:443 | tcp | |
| US | 34.195.224.168:443 | tcp | |
| US | 3.214.127.213:443 | tcp | |
| US | 34.195.224.168:443 | tcp | |
| NL | 104.81.141.9:443 | tcp | |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| NL | 23.2.211.147:443 | secure-assets.rubiconproject.com | tcp |
| NL | 213.19.162.80:443 | tcp | |
| NL | 178.250.2.130:443 | static.criteo.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| NL | 142.250.179.161:443 | tcp | |
| NL | 142.250.179.161:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.161:443 | tcp | |
| NL | 142.250.179.161:443 | tcp | |
| NL | 142.250.179.161:443 | tcp | |
| NL | 65.9.86.66:443 | public.servenobid.com | tcp |
| NL | 104.123.40.23:443 | contextual.media.net | tcp |
| DE | 141.95.33.111:443 | id5-sync.com | tcp |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| US | 18.214.180.95:443 | tcp | |
| NL | 216.52.2.48:443 | ap.lijit.com | tcp |
| US | 199.127.204.171:443 | tcp | |
| NL | 193.0.160.128:443 | tcp | |
| US | 69.166.1.10:443 | tcp | |
| FR | 185.86.137.121:443 | ssbsync.smartadserver.com | tcp |
| NL | 216.52.2.48:443 | ce.lijit.com | tcp |
| DE | 3.126.56.137:443 | ups.analytics.yahoo.com | tcp |
| US | 138.197.50.103:443 | tcp | |
| US | 138.197.50.103:443 | x.yieldlift.com | tcp |
| US | 52.223.40.198:443 | tcp | |
| DK | 37.157.4.23:443 | tcp | |
| US | 192.132.33.46:443 | tcp | |
| DE | 37.252.173.27:443 | secure.adnxs.com | tcp |
| CA | 15.235.43.132:443 | gu.dyntrk.com | tcp |
| DE | 37.252.173.27:443 | secure.adnxs.com | tcp |
| IE | 54.154.199.204:443 | tcp | |
| NL | 23.2.175.14:443 | tcp | |
| IE | 63.32.210.84:443 | tcp | |
| IE | 54.73.71.55:443 | tcp | |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 50.31.142.31:443 | tcp | |
| DE | 3.122.20.151:443 | tcp | |
| US | 34.196.85.232:443 | tcp | |
| US | 52.205.223.187:443 | tcp | |
| US | 198.148.27.140:443 | bh.contextweb.com | tcp |
| US | 193.122.130.38:443 | sync.technoratimedia.com | tcp |
| US | 38.91.45.7:443 | match.deepintent.com | tcp |
| US | 18.208.125.151:443 | tcp | |
| US | 64.74.236.127:443 | tcp | |
| US | 35.172.99.217:443 | tcp | |
| US | 35.172.99.217:443 | tcp | |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| FR | 185.86.137.131:443 | rtb-csync.smartadserver.com | tcp |
| FR | 185.86.137.131:443 | rtb-csync.smartadserver.com | tcp |
| US | 44.209.207.157:443 | tcp | |
| JP | 202.241.208.57:443 | tcp | |
| US | 35.172.99.217:443 | tcp | |
| US | 35.172.99.217:443 | tcp | |
| US | 35.172.99.217:443 | tcp | |
| US | 35.172.99.217:443 | tcp | |
| JP | 202.241.208.57:443 | tcp | |
| US | 192.184.69.167:443 | tcp | |
| NL | 104.126.124.21:443 | stags.bluekai.com | tcp |
| US | 50.31.142.31:443 | tcp | |
| US | 172.217.197.94:443 | udp | |
| NL | 142.251.36.35:443 | udp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 172.98.26.245:443 | pbjs.e-planning.net | tcp |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| NL | 216.52.2.48:443 | ap.lijit.com | tcp |
| NL | 142.250.179.134:443 | udp | |
| NL | 104.109.249.82:443 | sync.teads.tv | tcp |
| NL | 104.109.249.82:443 | tcp | |
| US | 64.74.236.127:443 | tcp | |
| US | 52.205.223.187:443 | tcp | |
| NL | 142.251.36.2:443 | udp | |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| NL | 142.250.179.134:443 | udp | |
| RU | 213.180.204.90:443 | an.yandex.ru | tcp |
| FR | 162.19.80.91:443 | c.eu1.dyntrk.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 67.202.105.34:443 | de.tynt.com | tcp |
| US | 67.202.105.32:443 | hde.tynt.com | tcp |
| DE | 3.122.20.151:443 | tcp | |
| NL | 63.215.202.137:443 | tcp | |
| NL | 193.0.160.128:443 | tcp | |
| US | 34.117.239.71:443 | events-ssc.33across.com | tcp |
| US | 34.117.239.71:443 | tcp | |
| US | 34.117.239.71:443 | tcp | |
| US | 34.104.35.123:80 | edgedl.me.gvt1.com | tcp |
| NL | 142.250.179.163:443 | udp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| US | 172.98.26.245:443 | pbjs.e-planning.net | tcp |
| NL | 142.251.36.35:443 | udp | |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| NL | 142.250.179.130:443 | udp | |
| NL | 172.217.168.194:443 | udp | |
| US | 3.223.154.227:443 | tcp | |
| NL | 142.250.179.162:443 | udp | |
| NL | 142.251.36.2:443 | udp | |
| NL | 185.94.180.126:443 | tcp | |
| SE | 213.155.156.169:443 | d5p.de17a.com | tcp |
| NL | 185.94.180.126:443 | tcp | |
| NL | 104.123.44.23:443 | cs.media.net | tcp |
| US | 3.221.233.8:443 | tcp | |
| NL | 216.58.214.3:443 | google.nl | tcp |
| NL | 172.217.168.227:443 | udp | |
| US | 8.8.8.8:53 | ip4.seeip.org | udp |
| US | 23.128.64.141:443 | ip4.seeip.org | tcp |
| US | 8.8.8.8:53 | ip-api.com | udp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 172.98.26.246:443 | pbjs.e-planning.net | tcp |
| US | 35.215.90.198:443 | tcp | |
| FR | 185.86.139.103:443 | ssbsync.smartadserver.com | tcp |
| US | 3.221.233.8:443 | tcp | |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| FR | 185.86.137.131:443 | rtb-csync.smartadserver.com | tcp |
| NL | 142.250.179.130:443 | udp | |
| NL | 142.251.39.98:443 | udp | |
| NL | 172.217.168.226:443 | udp | |
| US | 162.159.128.233:443 | discord.com | tcp |
| NL | 142.251.36.2:443 | udp | |
| NL | 142.251.39.98:443 | udp | |
| NL | 142.251.36.2:443 | udp | |
| DE | 168.119.79.223:443 | tcp | |
| NL | 23.72.252.161:443 | ads.stickyadstv.com | tcp |
| IE | 63.32.210.84:443 | tcp | |
| NL | 23.72.252.161:443 | tcp | |
| NL | 142.250.179.170:443 | udp | |
| DE | 18.156.0.31:443 | ups.analytics.yahoo.com | tcp |
| US | 35.186.193.173:443 | gcm.ctnsnet.com | tcp |
| NL | 193.0.160.128:443 | tcp | |
| US | 174.137.133.49:443 | tcp | |
| GB | 18.134.84.20:443 | tcp | |
| US | 174.137.133.49:443 | tcp | |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 69.166.1.8:443 | tcp | |
| US | 172.98.26.246:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 8.8.4.4:443 | dns.google | udp |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 172.98.26.246:443 | pbjs.e-planning.net | tcp |
| NL | 142.251.39.98:443 | udp | |
| NL | 172.217.168.226:443 | udp | |
| NL | 142.250.179.130:443 | udp | |
| NL | 142.251.36.2:443 | udp | |
| NL | 142.251.39.98:443 | udp | |
| NL | 142.251.36.2:443 | udp | |
| US | 69.166.1.10:443 | tcp | |
| FR | 185.86.139.103:443 | ssbsync.smartadserver.com | tcp |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| GB | 66.155.71.149:443 | tcp | |
| NL | 65.9.86.46:443 | s.ad.smaato.net | tcp |
| NL | 216.58.214.3:443 | udp | |
| NL | 172.217.168.238:443 | clients2.google.com | udp |
| NL | 142.251.36.35:443 | udp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 172.98.26.246:443 | pbjs.e-planning.net | tcp |
| US | 74.118.184.142:443 | tcp | |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| NL | 142.251.39.98:443 | udp | |
| NL | 172.217.168.226:443 | udp | |
| NL | 142.250.179.130:443 | udp | |
| NL | 142.251.36.2:443 | udp | |
| NL | 142.251.39.98:443 | udp | |
| NL | 142.251.36.2:443 | udp | |
| NL | 142.250.179.134:443 | udp | |
| US | 69.166.1.10:443 | tcp | |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| DE | 3.121.65.152:443 | tcp | |
| DK | 37.157.6.241:443 | tcp | |
| US | 52.21.122.168:443 | tcp | |
| FR | 185.86.137.121:443 | ssbsync.smartadserver.com | tcp |
| US | 216.239.32.36:443 | udp | |
| NL | 142.251.36.1:443 | udp | |
| NL | 142.250.179.130:443 | udp | |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 35.190.90.30:443 | odr.mookie1.com | tcp |
| GB | 3.11.254.218:443 | tcp | |
| US | 52.5.82.174:443 | tcp | |
| US | 18.218.129.96:443 | tcp | |
| CA | 15.235.43.132:443 | gu.dyntrk.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 172.98.26.246:443 | pbjs.e-planning.net | tcp |
| US | 74.118.184.142:443 | tcp | |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| NL | 104.123.44.23:443 | c21lg-d.media.net | tcp |
| DE | 195.201.152.90:443 | tcp | |
| FR | 185.86.137.121:443 | ssbsync.smartadserver.com | tcp |
| NL | 159.65.197.210:443 | match.adsby.bidtheatre.com | tcp |
| US | 3.214.226.3:443 | tcp | |
| US | 69.166.1.10:443 | tcp | |
| NL | 216.52.2.48:443 | ce.lijit.com | tcp |
| NL | 216.52.2.48:443 | ap.lijit.com | tcp |
| NL | 193.0.160.129:443 | tcp | |
| DE | 18.156.0.31:443 | ups.analytics.yahoo.com | tcp |
| US | 199.127.204.171:443 | tcp | |
| US | 145.40.89.200:443 | prebid.a-mo.net | tcp |
| FR | 185.86.137.131:443 | rtb-csync.smartadserver.com | tcp |
| US | 138.197.50.103:443 | x.yieldlift.com | tcp |
| US | 80.77.87.164:443 | tcp | |
| IE | 52.208.242.118:443 | tcp | |
| FR | 185.86.137.131:443 | tcp | |
| IE | 63.32.210.84:443 | tcp | |
| US | 52.5.242.57:443 | tcp | |
| US | 52.5.54.148:443 | tcp | |
| US | 107.20.141.222:443 | tcp | |
| US | 3.221.53.246:443 | tcp | |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 80.77.87.164:443 | tcp | |
| NL | 142.250.179.170:443 | udp | |
| US | 38.91.45.7:443 | match.deepintent.com | tcp |
| US | 199.127.204.171:443 | tcp | |
| US | 64.202.112.63:443 | tcp | |
| US | 35.172.99.217:443 | tcp | |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 35.172.99.217:443 | tcp | |
| NL | 104.126.124.21:443 | stags.bluekai.com | tcp |
| US | 3.227.250.201:443 | tcp | |
| US | 3.227.250.201:443 | tcp | |
| US | 3.227.250.201:443 | tcp | |
| DE | 136.243.61.83:443 | ad.a-ads.com | tcp |
| DE | 136.243.11.250:443 | static.a-ads.com | tcp |
| DE | 116.202.214.170:443 | tcp | |
| DE | 116.202.214.170:443 | click.a-ads.com | tcp |
| IE | 13.69.228.3:443 | tcp | |
| US | 54.193.7.186:443 | tcp | |
| US | 13.107.246.67:443 | tcp | |
| US | 13.107.246.67:443 | tcp | |
| US | 13.107.246.67:443 | tcp | |
| US | 13.107.246.67:443 | tcp | |
| US | 13.107.246.67:443 | tcp | |
| US | 13.107.246.67:443 | tcp | |
| US | 35.190.70.79:443 | cdn.sanity.io | tcp |
| US | 35.190.70.79:443 | tcp | |
| US | 35.190.70.79:443 | tcp | |
| US | 35.190.70.79:443 | tcp | |
| US | 35.190.70.79:443 | tcp | |
| US | 54.193.7.186:443 | tcp | |
| US | 13.107.246.67:443 | tcp | |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | tcp |
| US | 34.96.102.137:443 | udp | |
| US | 142.250.102.157:443 | udp | |
| NL | 142.251.36.3:443 | udp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 172.98.26.246:443 | pbjs.e-planning.net | tcp |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| DE | 195.201.152.90:443 | tcp | |
| SE | 213.155.156.169:443 | d5p.de17a.com | tcp |
| US | 69.166.1.10:443 | tcp | |
| FR | 185.86.137.121:443 | ssbsync.smartadserver.com | tcp |
| FR | 31.14.70.246:443 | tcp | |
| US | 54.161.122.246:443 | tcp | |
| NL | 142.251.36.1:443 | udp | |
| US | 54.146.152.111:443 | tcp | |
| US | 209.205.201.34:443 | ghb.adtelligent.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| GB | 185.64.190.80:443 | tcp | |
| US | 8.253.208.37:443 | cdn.vidcrunch.com | tcp |
| US | 52.45.229.205:443 | tcp | |
| NL | 104.123.45.99:443 | tcp | |
| FR | 2.17.34.84:443 | player.vidcrunch.com | tcp |
| US | 34.192.54.128:443 | tcp | |
| US | 69.166.1.10:443 | tcp | |
| FR | 2.17.34.84:443 | player.vidcrunch.com | tcp |
| FR | 2.17.34.84:443 | player.vidcrunch.com | tcp |
| FR | 2.17.34.84:443 | player.vidcrunch.com | tcp |
| NL | 104.80.224.197:443 | tcp | |
| US | 23.21.8.79:443 | tcp | |
| US | 193.122.130.38:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| NL | 142.250.179.170:443 | imasdk.googleapis.com | tcp |
| NL | 142.250.179.170:443 | udp | |
| NL | 142.250.179.134:443 | udp | |
| US | 152.199.5.184:443 | tcp | |
| US | 216.239.32.116:443 | udp | |
| NL | 23.2.211.147:443 | secure-assets.rubiconproject.com | tcp |
| US | 67.202.105.22:443 | pixel.33across.com | tcp |
| DE | 37.252.173.38:443 | secure.adnxs.com | tcp |
| NL | 178.250.2.146:443 | gum.criteo.com | tcp |
| GB | 66.155.71.149:443 | tcp | |
| US | 35.169.70.139:443 | tcp | |
| NL | 193.0.160.129:443 | tcp | |
| US | 54.84.160.184:443 | tcp | |
| NL | 77.245.57.72:443 | tcp | |
| FR | 141.94.242.204:443 | green.erne.co | tcp |
| NL | 178.250.2.146:443 | gum.criteo.com | tcp |
| NL | 46.228.164.11:443 | tcp | |
| FR | 141.94.171.215:443 | pixel-eu.onaudience.com | tcp |
| NL | 185.94.180.125:443 | tcp | |
| US | 38.91.45.7:443 | match.deepintent.com | tcp |
| NL | 77.245.57.72:443 | tcp | |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 3.215.101.237:443 | tcp | |
| US | 198.148.27.140:443 | bh.contextweb.com | tcp |
| NL | 185.94.180.125:443 | tcp | |
| NL | 142.250.179.130:443 | udp | |
| NL | 34.91.62.186:443 | tcp | |
| US | 69.166.1.10:443 | tcp | |
| DE | 18.158.247.155:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| DE | 3.121.65.152:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 52.45.229.205:443 | tcp | |
| NL | 216.52.2.48:443 | ce.lijit.com | tcp |
| US | 44.201.217.92:443 | ads.avct.cloud | tcp |
| NL | 142.251.36.35:443 | udp | |
| NL | 142.251.36.34:443 | pubads.g.doubleclick.net | tcp |
| NL | 104.109.249.82:443 | sync.teads.tv | tcp |
| IE | 52.94.223.167:443 | tcp | |
| DE | 18.156.0.31:443 | ups.analytics.yahoo.com | tcp |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 34.197.59.15:443 | tcp | |
| NL | 104.123.40.23:443 | contextual.media.net | tcp |
| US | 192.96.200.41:443 | tcp | |
| NL | 89.207.16.204:443 | tcp | |
| US | 34.231.236.133:443 | tcp | |
| CA | 15.235.43.132:443 | gu.dyntrk.com | tcp |
| US | 150.136.25.38:443 | tcp | |
| US | 150.136.25.38:443 | uat-net.technoratimedia.com | tcp |
| US | 150.136.25.38:443 | tcp | |
| US | 150.136.25.38:443 | tcp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 34.204.28.136:443 | tcp | |
| NL | 89.207.16.140:443 | tcp | |
| NL | 185.94.180.125:443 | tcp | |
| US | 192.96.200.41:443 | tcp | |
| US | 69.166.1.10:443 | tcp | |
| US | 141.226.124.48:443 | tcp | |
| NL | 216.52.2.48:443 | ap.lijit.com | tcp |
| US | 159.203.145.121:443 | tcp | |
| DE | 85.114.159.93:443 | tcp | |
| FR | 178.250.0.163:443 | dis.criteo.com | tcp |
| US | 64.202.112.63:443 | tcp | |
| US | 64.202.112.63:443 | tcp | |
| US | 199.127.204.171:443 | tcp | |
| DE | 162.19.138.117:443 | id5-sync.com | tcp |
| US | 74.119.119.150:443 | widget.us.criteo.com | tcp |
| FR | 185.86.137.133:443 | rtb-csync.smartadserver.com | tcp |
| FR | 185.86.137.133:443 | rtb-csync.smartadserver.com | tcp |
| US | 159.203.145.121:443 | tcp | |
| US | 192.132.33.46:443 | tcp | |
| IE | 52.31.4.32:443 | tcp | |
| US | 3.225.197.224:443 | tcp | |
| CA | 185.80.39.216:443 | dsum.casalemedia.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 34.104.35.123:80 | edgedl.me.gvt1.com | tcp |
| CA | 185.80.39.216:443 | tcp | |
| US | 3.227.250.201:443 | tcp | |
| US | 3.227.250.201:443 | tcp | |
| US | 3.227.250.201:443 | tcp | |
| NL | 23.72.252.161:443 | ads.stickyadstv.com | tcp |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 159.203.145.121:443 | cs.chocolateplatform.com | tcp |
| US | 159.203.145.121:443 | tcp | |
| US | 8.8.8.8:53 | zerossl.crt.sectigo.com | udp |
| GB | 91.199.212.52:80 | zerossl.crt.sectigo.com | tcp |
| NL | 142.251.36.34:443 | udp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 142.250.179.163:443 | udp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 172.98.26.246:443 | pbjs.e-planning.net | tcp |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| NL | 142.250.179.134:443 | udp | |
| US | 69.166.1.10:443 | tcp | |
| NL | 216.52.2.48:443 | ap.lijit.com | tcp |
| BR | 35.199.82.15:443 | tcp | |
| BR | 35.199.82.15:443 | tcp | |
| NL | 172.217.168.227:443 | udp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DE | 195.201.152.90:443 | tcp | |
| US | 69.166.1.10:443 | tcp | |
| FR | 185.86.137.121:443 | ssbsync.smartadserver.com | tcp |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 35.217.93.191:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| NL | 142.251.36.3:443 | udp | |
| NL | 142.251.36.3:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 108.177.119.94:443 | udp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 172.98.26.246:443 | pbjs.e-planning.net | tcp |
| US | 74.118.184.142:443 | tcp | |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| NL | 142.250.179.134:443 | udp | |
| US | 69.166.1.10:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| FR | 185.86.137.121:443 | ssbsync.smartadserver.com | tcp |
| NL | 142.251.36.1:443 | udp | |
| US | 159.203.145.121:443 | tcp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| DE | 91.228.72.119:8443 | eu-google-rtb.quantserve.com | tcp |
| NL | 104.80.225.152:443 | z.moatads.com | tcp |
| US | 192.184.69.239:443 | tcp | |
| US | 192.184.69.239:443 | tcp | |
| NL | 65.9.86.107:443 | tcp | |
| NL | 65.9.86.107:443 | content.quantcount.com | tcp |
| NL | 142.250.179.134:443 | udp | |
| US | 18.235.70.192:443 | tcp | |
| GB | 3.11.123.3:443 | tcp | |
| DE | 91.228.74.168:443 | tcp | |
| NL | 142.250.179.170:443 | udp | |
| US | 69.166.1.10:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| NL | 142.251.36.6:443 | static.doubleclick.net | tcp |
| US | 159.203.145.121:443 | tcp | |
| US | 104.16.12.64:443 | c.bannerflow.net | tcp |
| US | 159.203.145.121:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| NL | 104.123.45.151:443 | quantcast584928381.s.moatpixel.com | tcp |
| NL | 104.123.45.151:443 | tcp | |
| NL | 104.123.45.151:443 | tcp | |
| NL | 104.123.45.151:443 | tcp | |
| US | 104.16.12.64:443 | c.bannerflow.net | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| NL | 142.250.179.142:443 | udp | |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.172.250:443 | secure.adnxs.com | tcp |
| US | 172.98.26.246:443 | pbjs.e-planning.net | tcp |
| NL | 142.251.39.98:443 | udp | |
| NL | 142.250.179.130:443 | udp | |
| NL | 142.251.36.2:443 | udp | |
| NL | 142.251.39.98:443 | udp | |
| US | 69.166.1.10:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| DK | 37.157.5.142:443 | tcp | |
| FR | 185.86.137.121:443 | ssbsync.smartadserver.com | tcp |
| US | 159.203.145.121:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| NL | 172.217.168.227:443 | udp | |
| US | 159.203.145.121:443 | tcp | |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| NL | 142.250.179.134:443 | udp | |
| US | 69.166.1.10:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| US | 159.203.145.121:443 | tcp | |
| NL | 142.251.36.1:443 | udp | |
| US | 159.203.145.121:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| NL | 142.251.36.3:443 | udp | |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 108.177.119.94:443 | udp | |
| US | 216.239.32.116:443 | udp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| NL | 142.251.36.35:443 | udp | |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 74.118.184.142:443 | tcp | |
| US | 74.118.184.142:443 | tcp | |
| US | 193.122.130.38:443 | vidcrunch.technoratimedia.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 172.98.26.246:443 | pbjs.e-planning.net | tcp |
| NL | 185.89.210.244:443 | tcp | |
| US | 69.166.1.10:443 | tcp | |
| FR | 185.86.137.121:443 | ssbsync.smartadserver.com | tcp |
Files
memory/2220-132-0x0000000000150000-0x000000000048A000-memory.dmp
memory/2220-133-0x00000000054F0000-0x0000000005A94000-memory.dmp
memory/2220-134-0x0000000004E20000-0x0000000004EB2000-memory.dmp
memory/2220-135-0x0000000004ED0000-0x0000000004EDA000-memory.dmp
memory/2220-136-0x0000000004F29000-0x0000000004F2F000-memory.dmp
memory/2220-137-0x0000000004F29000-0x0000000004F2F000-memory.dmp
memory/2220-138-0x000000000BF10000-0x000000000BFEB000-memory.dmp
memory/2220-139-0x000000000BF10000-0x000000000BFEB000-memory.dmp
memory/2220-140-0x000000000BF10000-0x000000000BFEB000-memory.dmp
\??\pipe\crashpad_2228_PZBWDSVQEIOYOBQJ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/2220-142-0x000000000BF10000-0x000000000BFEB000-memory.dmp
memory/2220-143-0x000000000BF10000-0x000000000BFEB000-memory.dmp
memory/2220-144-0x000000000BF10000-0x000000000BFEB000-memory.dmp
memory/2220-145-0x000000000BF10000-0x000000000BFEB000-memory.dmp
memory/2220-146-0x000000000BF10000-0x000000000BFEB000-memory.dmp
memory/6400-147-0x0000000000000000-mapping.dmp
memory/6400-148-0x00000000050C9000-0x00000000050CF000-memory.dmp
memory/6400-149-0x000000000C880000-0x000000000C884000-memory.dmp
memory/6400-150-0x00000000050C9000-0x00000000050CF000-memory.dmp
memory/6400-151-0x000000000C880000-0x000000000C884000-memory.dmp
memory/6576-152-0x0000000000000000-mapping.dmp
memory/4904-153-0x0000000000000000-mapping.dmp
memory/6400-154-0x000000000C884000-0x000000000C887000-memory.dmp
memory/6400-155-0x000000000C887000-0x000000000C88A000-memory.dmp
memory/6400-156-0x000000000C88A000-0x000000000C88F000-memory.dmp
memory/6400-157-0x000000000C884000-0x000000000C887000-memory.dmp
memory/6400-158-0x000000000C887000-0x000000000C88A000-memory.dmp
memory/6400-159-0x000000000C88A000-0x000000000C88F000-memory.dmp
memory/6400-161-0x000000000C887000-0x000000000C88A000-memory.dmp
memory/6400-160-0x000000000C880000-0x000000000C884000-memory.dmp
memory/6400-162-0x000000000C88A000-0x000000000C88F000-memory.dmp
memory/8100-163-0x0000000000010000-0x0000000000020000-memory.dmp
memory/8100-164-0x00007FFF38B10000-0x00007FFF395D1000-memory.dmp
memory/8100-165-0x000000001B9D0000-0x000000001BA20000-memory.dmp
memory/8100-166-0x00007FFF38B10000-0x00007FFF395D1000-memory.dmp
memory/8100-167-0x00007FFF38B10000-0x00007FFF395D1000-memory.dmp
memory/5792-168-0x0000000000000000-mapping.dmp